sestatus
... displays the SELinux status for the system
setenforce < 1 | 0 >
... sets the SELinux system in
semodule -l
... lists all loaded policy modules
semodule -d <module_name>
... disables policy module 'module_name'
semanage user -l
... lists SELinux users with their corresponding roles
semanage login -l
... lists local (login) users with their corresponding SELinux users
semanage port -l
... lists port assignment rules
semanage port -a -t ssh_port_t -p tcp 1122
... assigns TCP port 1122 to domain ssh_port
setsebool -P httpd_can_network_connect on
... let a proxy be a proxy
ls -lahZ
... shows the current security context in addition to the regular ls -lah output
chcon -Rv -t ssh_home_t .ssh
... sets a new security context
sesearch --allow --source sshd_t --target nfs_t
... lists the permissions (policies) for sshd_t on nfs_t for all classes (files, dirs, etc).
setsebool -P httpd_can_network_connect 1
... allow nginx to send (proxy)
httpd_sys_content_t
ssh_home_t
2026-04-11 13:08:14
minicms - © 2020-2026 Simeon Simeonov