whats SELinux ? plz help asap

SOLVED

Hello dear Gurus

OS: rhel 4.0 AS

I wana know what is SELinux ?
how can i take benefit from SELinux ? any example ?
how can i disable/enable it ?
plz also le me know Any good tutorial .. abt its configuration.

Any help will be highly appreciated
Thanks n Regards
Maaz

12 REPLIES 12

Hi Mazz,

SELinux is Security Enhanced Linux.

SELinuxx is a research prototype of the LinuxÂ® kernel and a number of utilities with enhanced security functionality designed simply to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type EnforcementÂ®, Role-based Access Control, and Multi-level Security.

Cheers,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "

Hi Mazz ,

Also to know , What is it good for?

Well, The Security-enhanced Linux's new features are designed to enforce the separation of information based on confidentiality and integrity requirements. They are designed for preventing processes from reading data and programs, tampering with data and programs, bypassing application security mechanisms, executing untrustworthy programs, or interfering with other processes in violation of the system security policy. They also help to confine the potential damage that can be caused by malicious or flawed programs. They should also be useful for enabling a single system to be used by users with differing security authorizations to access multiple kinds of information with differing security requirements without compromising those security requirements.

Cheers,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "

Thanks a Million Raj for such a detailed and prompt reply
During installation i have select the 'Disable' SELinux ... now i want to enable it.. how can i enable SELinux ?

Regards
Maaz

Mazz ,

You can check out this site for download , and try ..

http://www.nsa.gov/selinux/

Also check :

http://selinux.sourceforge.net/

Also a good FAQ available :

http://www.nsa.gov/selinux/info/faq.cfm

Hope this will help..

Cheers,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "

SELinux can be enabled at the boot time.

# /usr/bin/sestatus

check this for status of SELinux.

Also check the file:

# /etc/sestatus.conf

set_enforcement has to be 1 ,

Please provide some more info...

Cheers,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "

Maaz,

Check this out , you can fix it..

Enable or Disable Enforcement
You can enable and disable SELinux enforcement in runtime or configure it for system boot, using the command line or GUI. There are three modes for SELinux to be in: disabled, meaning not enabled in the kernel; permissive, meaning SELinux is running and logging but not controlling permissions; enforcing, meaning SELinux is running and enforcing policy.

To toggle enforcement during runtime, use the setenforce [ 0 | 1 ] command. The 0 option turns enforcement off, the 1 option turns it on.

# sestatus informs you of the two permission mode statuses,
# the current mode in runtime and the mode from the config
# file referenced during boot:

sestatus | grep -i mode
Current mode: permissive
Mode from config file: permissive

# Changing the runtime enforcement doesn't effect the
# boot time configuration:

setenforce 1
sestatus | grep -i mode
Current mode: enforcing
Mode from config file: permissive

Reboot and check...

Also check this Link:
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/rhlcommon-section-0068.html

Hope it helps..

Cheers,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "

Hope you are using REDHAT...
which linux and What version are u using..

hth,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "

For RHEL 4.0 the SELinux settings can be enabled or disabled by editing /etc/sysconfig/selinux file.

In your case it will be set to DISABLED, you have to change it to ENFORCED.

The /etc/sysconfig/selinux file contains documentation on how to do this.

Regards,
Gopi

Never Never Never Giveup

The system-config-security command can be used to modify SELinux configuration.

The Red Hat Enterprise Linux documentation page has a good manual for SELinux.

Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?

Its also something I routinely disable.

I don't think its ready for production systems.

Best is to disable it at install time, but you've already got good procedures.

Example, at a default level you can't run a web server with content outside the /var filesystem.

Its tough.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Dear Raj, Gopi Sekar, Ivan Ferreira, and Steven E Protter .. I m highly thankfull to u all GURUS, for such a GREAT HELP.

Millions of Thanks n Regards
Maaz

SELinux is really nice, but you have to ask yourself if you need it on your machine. I would certainly enable it on machines exposed to the internet (you can never be too secure there), but for internal machines i am more tended to leave it off (though, i make sure all the other security features/settings are ok).