Chapter 2. Understanding SELinux Decisions and Logging

Once SELinux is enabled on a system, it starts its access control functionality, as described in the previous chapter. This however might have some unknown side effects, so in this chapter, we will:

  • Switch between SELinux in full-enforcement mode (resembling a host-based intrusion prevention system) versus its permissive, logging-only mode (resembling a host-based intrusion detection system)
  • Use various methods to toggle the SELinux state (enabled or disabled, permissive or enforcing)
  • Disable SELinux's enforcement for a single domain rather than the entire system
  • Learn to interpret the SELinux log events that describe which activities SELinux has prevented

We will finish with an overview of common ...

Get SELinux System Administration - Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.