- به منظور بررسی و رویت وضعیت جاری SELinux از دستور sestatus استفاده میکنیم.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
# <span style="color: #ff0000;"><strong>sestatus -v</strong></span> SELinux status: <span style="color: #ff0000;">enabled</span> SELinuxfs mount: <span style="color: #ff0000;">/selinux</span> Current mode: <span style="color: #ff0000;">enforcing</span> Mode from config file: enforcing Policy version: 21 Policy from config file: <span style="color: #ff0000;">targeted</span> Process contexts: Current context: root:system_r:unconfined_t:SystemLow-SystemHigh Init context: system_u:system_r:init_t /sbin/mingetty system_u:system_r:getty_t /usr/sbin/sshd system_u:system_r:unconfined_t:SystemLow-SystemHigh File contexts: Controlling term: root:object_r:devpts_t /etc/passwd system_u:object_r:etc_t /etc/shadow system_u:object_r:shadow_t /bin/bash system_u:object_r:shell_exec_t /bin/login system_u:object_r:login_exec_t /bin/sh system_u:object_r:bin_t -> system_u:object_r:shell_exec_t /sbin/agetty system_u:object_r:getty_exec_t /sbin/init system_u:object_r:init_exec_t /sbin/mingetty system_u:object_r:getty_exec_t /usr/sbin/sshd system_u:object_r:sshd_exec_t /lib/libc.so.6 system_u:object_r:lib_t -> system_u:object_r:lib_t /lib/ld-linux.so.2 system_u:object_r:lib_t -> system_u:object_r:ld_so_t |
- دو مورد Current mode و Policy from config file را میتوان از درون پروندهی زیر تغییر داد.
|
1 |
/etc/selinux/config |
- تست شده بر روی CentOS 5.8