From the course: Linux: Firewalls and SELinux
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Understanding contexts - Linux Tutorial
From the course: Linux: Firewalls and SELinux
Understanding contexts
- [Instructor] To understand contexts in SELinux, you need to understand the concepts of labeling and the labeling of type enforcement. Because what SELinux is really doing mostly, whenever it's managing things at the file system and also over network ports, is it's looking at the types that are labeled on processes and on files and on folders, and it's interpreting those and it's using the policy to determine whether or not operations are allowed based on what's prewritten into that policy. So let's look at what that kind of looks like. Let's just cd into usr/sbin, okay, and we're going to ls - lZ on http and d. And there's the httpd process and it has all of our POSIX permissions that we're used to seeing over here, the rwxr-xr-x and the root and root POSIX user and group, and that's all normal and standard and what we're used to seeing outside of an SELinux context. But here we have the labels of the context, right? System u object r http exec t. Now those u, r and t endings there…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.