Scribd Logo
Upload

Welcome to Scribd!

  • Selinux Commands

    Uploaded by

    PrinceTSM
    28 views2 pages
    This document outlines SELinux commands for configuring various services including NIS, POP, HTTP, FTP, Samba, Squid, and IMAP. It provides iptables rules to allow or reject network access to specific ports for each service and SELinux boolean settings and file context changes to properly label files and allow access for each service under SELinux.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document outlines SELinux commands for configuring various services including NIS, POP, HTTP, FTP, Samba, Squid, and IMAP. It provides iptables rules to allow or reject network access to specific ports for each service and SELinux boolean settings and file context changes to properly label files and allow access for each service under SELinux.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    28 views2 pages

    Selinux Commands

    Uploaded by

    PrinceTSM
    This document outlines SELinux commands for configuring various services including NIS, POP, HTTP, FTP, Samba, Squid, and IMAP. It provides iptables rules to allow or reject network access to specific ports for each service and SELinux boolean settings and file context changes to properly label files and allow access for each service under SELinux.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    SELINUX COMMANDS

    1} For NIS user:Setsebool P allow_ypbind=1 2} POP command for IPTABLES a) Iptables A INPUT p tcp s 172.24.0.0/16 --dport 110 j ACCEPT {to allow our network} b) IPTABLES A INPUT p tcp s 172.25.0.0/16 --dport j REJECT { to reject other network} c) IPTABLES A INPUT p tcp s ! 172.24.0.0/16 --dport 110 j REJECT 3} HTTP:restorecon R v /var/www/html/index.html restorecon R v /var/www/virtual/index.html 4} FTP:a) chcon t public_content_rw_t /var/ftp/pub {to match the contents} b) setsebool P ftp_home_dir=1 c) setsebool P allow_ftpd_anon_write=1 d) setsebool P allow_ftpd_full_access=1 5} SAMBA:Chcon t samba_share_t /share dir 6} SQUID:Setsebool P squid_disable_trans=1 7} IMAP:a) Iptables A INPUT p tcp s 172.24.0.0/16 dport 993 j ACCEPT {to allow our network}
    Kishore kumar sharma

    b) IPTABLES A INPUT p tcp s 172.25.0.0/16 --dport 993 j REJECT { to reject other network} c) IPTABLES A INPUT p tcp s ! 172.24.0.0/16 --dport 993 j REJECT

    Kishore kumar sharma

    You might also like