How to temporary disabled SELinux

This is an article where the discussion is specified in the title of this article. It is about how to temporary disabled SELinux. As we already knew, SELinux is a feature available in a Linux operating system distribution, as it is shown in the part of the name ‘SELinux‘, it is available to support the access control security policy mechanism.

SELinux which stands for Security Enhanced Linux is must be configured to be activated in order for all the rules available as part of SELinux can be implemented within the operating system. But activating this security feature can also be troublesome sometimes because not all of the features or functionality which has already run in the first time before SELinux is implemented can still run properly after SELinux is being activated.

In the troubleshooting step, it is sometimes for the sake of finding the culprit of the problem, SELinux is disabled temporary. The purpose for disabling SELinux is actually to check whether the main problem causing an application, database or even the feature or functionality possessed by the operating system itself for not being able to be utilized or to be functioned properly is the security policy implemented by SELinux itself.

Continue reading “How to temporary disabled SELinux”

Using SELinux for Security Context Labeling

SELinux or Security-Enhanced Linux is one of the security mechanism which is implemented in the kernel level. The security mechanism itself is called the Mandatory Access Control (MAC) which is introduced for the first time in CentOS 4 and in every next version until this article is released to CentOS 7.

Every file and every process where SELinux is implemented has its own security context.  We can also label files or processes when they don’t even have any security context yet. To be able to give security context label to either files or processes we have to look out for the condition or the situation based on the files or processes itself.

To be able to look for the security context label, we have to run the following command :

ls –lZ

The above command, ‘ls’ is used to list directory content.

Continue reading “Using SELinux for Security Context Labeling”