# SELinux Cheat Sheet -------------------------------------- Utilizing **SELinux** *(**Security-E
SELinux Cheat Sheet
--------------------------------------Utilizing SELinux (Security-Enhanced Linux) effectively can significantly enhance the security posture of your operating system.
SELinux operates by enforcing mandatory access control (MAC) policies that restric users and processes to only the resources they're explicitly allowed to access.
#
-------------------------------------
Here's a cheat sheet with basic commands, code snippets, and comments to help you manage SELinux on your system.
#
-------------------------------------
1. Checking SELinux Status
- Check if SELinux is enabled:
This command shows the current SELinux status and the enforced mode.
2. Managing SELinux Modes
- Set SELinux to enforcing mode (actively enforcing policies):
- Set SELinux to permissive mode (logs actions that would have been blocked):
- Disable SELinux (not recommended for secure environments):
- You need to edit
/etc/selinux/configSELINUX=disabled3. Managing Policies
- List all SELinux boolean settings:
- Change a SELinux boolean setting (temporarily):
Replace
httpd_can_network_connect- Change a SELinux boolean setting (persistently across reboots):
