Submitted by bobbitt on Tue, 08/27/2013 - 13:43
Getting SELinux working can be tough. Here are some commands I found useful.
Show the security context of a file:
ls -lZ
Copy the context from one file to another:
chcon --reference=<source> <destination>
Create a rule from an audit log (contained in /tmp/selinux):
/usr/bin/audit2allow -i /tmp/selinux
Explain an audit log (that appears in dmesg):
/usr/bin/audit2why -d
Reading an audit entry:
Deactivate all inactive users in the last year:
Yes, some distros still use rpm.
Extract files from an RPM:
Included below are some commands that I have found, created or tweaked to help make life easier along the way.
Get into the correct directory:
cd /etc/pki/tls/certs
Wireshark and tcpdump are extremely powerful network troubleshooting tools.