Changing SELinux Booleans

From EnGardeWiki

Jump to: navigation, search

Contents

[edit]

Description

There are times when the default SELinux booleans that come with EnGarde Secure Linux aren't perfect for your environment. In that case you need to change the on boot SELinux booleans. Century 21 Broker Properti Jual Beli Sewa Rumah Indonesia Century 21 Broker Properti Jual Beli Sewa Rumah Indonesia

[edit]

Objective

Ensure that booleans are set the proper way for your environment each reboot and are not last across system restarts.

[edit]

Procedure

By following the steps and applying samsung the specific boolean you are looking to change, you will be able to maintain your current environment and settings.

[edit]

Choose A Boolean

First choose the boolean that needs to be changed. Let's use the boolean httpd_webmail for someone who has webmail running.

[edit]

Initial Setting

Check the current setting of the boolean and the initial adipex setting. First become root with sysadm_r privileges. 

[root@machine]# newrole -r sysadm_r
Authenticating root.
Password:
[root@machine]# sestatus | grep httpd_webmail
httpd_webmail                inactive

This means that currently the httpd_webmail SELinux boolean is set to off.

[edit]

Change The Setting

Open up the /etc/selinux/engarde/booleans file in your favorite text editor. Find the httpd_webmail boolean. If the line reads: 

httpd_webmail = 0

then your boolean is still set to the default. To turn it on, change the 0 to a 1 so it reads as follows: 

httpd_webmail = 1

Save the file and exit. From the next reboot on, the default setting for the httpd_webmail SELinux boolean will be active.

[edit]

Check The Setting

To check the seting after reboot, execute the same command as above: 

[root@machine]# newrole -r sysadm_r
Authenticating root.
Password:
[root@machine]# sestatus | grep httpd_webmail
httpd_webmail                active

The difference should be that the httpd_webmail boolean should now read active.

[edit]

Notes

If you need to change the setting immediately without a reboot, then in addition to the above (so the change will stay), you need to execute the pos software following commands: 

[root@machine]# newrole -r sysadm_r
Authenticating root.
Password:
[root@machine]# setsebool httpd_webmail 1

The httpd_webmail SELinux boolen will now be turned weight loss pills on. Century 21 Broker Properti Jual Beli Sewa Rumah Indonesia

Retrieved from "http://wiki.engardelinux.org/index.php/Changing_SELinux_Booleans"
Personal tools