Selinux

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

Internal

Overview

How to Find Out Whether SELinux is Enabled

getenforce

If SELinux is enabled, the command will return "Enforcing".

Configuration

Install Management and Troubleshooting Tools

yum provides /usr/sbin/semanage
yum provides sealert

yum -y install policycoreutils-python
yum -y install setroubleshoot-server

Troubleshooting

Diagnose SELinux Problems

If you have a suspicion that SELinux may be at the root of your problems, run: 

sealert -a /var/log/audit/audit.log

You may get an output similar to the following one, which helps diagnose the problem: 

[...]
SELinux is preventing /usr/sbin/httpd from write access on the file manager.node.nodes.lock.
[...]

Permission Denied when Trying to Write in a Directory

TODO, rationalize the following content: Media_Wiki_Installation#Fails_to_upload_images_with_.27Fatal_exception_of_type_.22MWException.22.27.

Retrieved from "https://kb.novaordis.com/index.php?title=Selinux&oldid=1240"