Working with policies
At the core of every SELinux system are the policies. These are the exact rules that define the access rights and relationships between all our objects. As we have learned earlier, all our system's objects have labels, and one of them is a type identifier that can then be used to enforce rules laid down by policies. In every SELinux enabled system, by default, all access to any object is prohibited unless a policy rule has been defined otherwise. Here, in this recipe, we will show you how we can query and customize SELinux policies. As you may notice, some of the commands have already been applied in other recipes in this book, such as for the httpd
or ftpd
daemons. Here, you will find out how policies work.
Getting ready ...
Get CentOS 7 Linux Server Cookbook - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.