From the course: Linux: Firewalls and SELinux
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Making domains permissive - Linux Tutorial
From the course: Linux: Firewalls and SELinux
Making domains permissive
- As discussed over and over again in this course when SELinux is running in permissive mode, it will not deny access. But denials are logged for actions that would have been denied if running in enforcing mode. This is so useful. Rather than just making the whole system permissive, however, to troubleshoot a problem, you may find it beneficial to just put a single process into permissive mode, but making its domain permissive is how you actually do that, and we can even to it temporarily. Though writing new domain policy modules is beyond the scope of this course, if you were to do so with permissive domains, only the domain in the new policy module could be marked as permissive, thus only exposing the new thing and not the entire system. We use semanage to make the domain permissive and all we really need to know is how to type the name of the domain. You use the permissive -a command followed by the name of the domain you want to make permissive, - a just stands for add. Let's make…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.