Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Red Hat Enterprise Linux 9 Essentials Book now available.

Purchase a copy of Red Hat Enterprise Linux 9 (RHEL 9) Essentials

Red Hat Enterprise Linux 9 Essentials Print and eBook (PDF) editions contain 34 chapters and 298 pages

Preview Book

Red Hat Enterprise Linux 6

Managing Confined Services

Guide to configuring services under control of SELinux

Edition 1.6

Logo

Red Hat Engineering Content Services

Copyright © 2010 Red Hat, Inc.

Legal Notice

Copyright © 2010 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at https://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
All other trademarks are the property of their respective owners.


1801 Varsity Drive
 RaleighNC 27606-2072 USA
 Phone: +1 919 754 3700
 Phone: 888 733 4281
 Fax: +1 919 754 3701

Abstract
The Managing Confined Services guide is designed to assist advanced users and administrators when using and configuring Security-Enhanced Linux (SELinux). It is focused on Red Hat Enterprise Linux and describes the components of SELinux as they pertain to services an advanced user or administrator might need to configure. Also included are real-world examples of configuring these services and demonstrations of how SELinux complements their operation.
Preface
1. Document Conventions
1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings
2. We Need Feedback!
1. Introduction
2. Targeted policy
2.1. Type Enforcement
2.2. Confined processes
2.3. Unconfined processes
3. The Apache HTTP Server
3.1. The Apache HTTP Server and SELinux
3.2. Types
3.3. Booleans
3.4. Configuration examples
3.4.1. Running a static site
3.4.2. Sharing NFS and CIFS file systems
3.4.3. Sharing files between services
3.4.4. Changing port numbers
4. Samba
4.1. Samba and SELinux
4.2. Types
4.3. Booleans
4.4. Configuration examples
4.4.1. Sharing directories you create
4.4.2. Sharing a website
5. File Transfer Protocol
5.1. FTP and SELinux
5.2. Types
5.3. Booleans
5.4. Configuration Examples
5.4.1. Uploading to an FTP site
6. Network File System
6.1. NFS and SELinux
6.2. Types
6.3. Booleans
6.4. Configuration Examples
6.4.1. Sharing directories using NFS
7. Berkeley Internet Name Domain
7.1. BIND and SELinux
7.2. Types
7.3. Booleans
7.4. Configuration Examples
7.4.1. Dynamic DNS
8. Concurrent Versioning System
8.1. CVS and SELinux
8.2. Types
8.3. Booleans
8.4. Configuration Examples
8.4.1. Setting up CVS
9. Squid Caching Proxy
9.1. Squid Caching Proxy and SELinux
9.2. Types
9.3. Booleans
9.4. Configuration Examples
9.4.1. Squid Connecting to Non-Standard Ports
10. MySQL
10.1. MySQL and SELinux
10.2. Types
10.3. Booleans
10.4. Configuration Examples
10.4.1. MySQL Changing Database Location
11. PostgreSQL
11.1. PostgreSQL and SELinux
11.2. Types
11.3. Booleans
11.4. Configuration Examples
11.4.1. PostgreSQL Changing Database Location
12. rsync
12.1. rsync and SELinux
12.2. Types
12.3. Booleans
12.4. Configuration Examples
12.4.1. Rsync as a daemon
13. Postfix
13.1. Postfix and SELinux
13.2. Types
13.3. Booleans
13.4. Configuration Examples
13.4.1. SpamAssassin and Postfix
14. DHCP
14.1. DHCP and SELinux
14.2. Types
15. References

  
 
  Published under the terms of the Creative Commons License Design by Interspire