Milestone 9 SELinux Deepdive SEC‐440 - DefiantCoder/Tech-Journals GitHub Wiki


Deliverable 1

  • Here is the new index page for web01

image

Web01 setup

  • Add the following users:
    • regularuser
    • switcheduser
    • guestuser
    • restrictedduser

Deliverable 2

ps -efZ | grep sshd
  • The process domain is as shown:

image

Deliverable 3

  • The SELinux type for our index.html is httpd_sys_content_t.

image

Deliverable 4

image

image

Deliverable 5

  • The original context type of redhat-release was etc_t, while the copy in /var/www/html is httpd_sys_content_t. From this we can conclude that a copied file takes its context type from its new location, because the file's purpose there is different.

image


image

image

Deliverable 6

6a. The SELinux type is user_home_t.

6b. The SELinux context remains the same when you move the file.

image

  • Permission is denied because the file was moved instead of copied. The moved file keeps the context from its original location (user_home_t), which does not match what is expected in the new location, so SELinux denies the access.

Deliverable 7

restorecon resource

  • I found the following log showing permission denied when attempting to access userhost.txt

image

  • Running ls -Z on the file shows the problem: it still has the user_home_t type from its old location. Running restorecon -rv on the file updates its SELinux context to match the new location, which allows it to function properly.

image

image
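
As an added example (not part of the original journal), this Python script triages the kind of denial seen in Deliverables 6 and 7: it parses AVC records, groups httpd_t file denials by inode, and reports targets whose type is not an httpd_* content type. The log lines are constructed samples, and treating any non-httpd_* type as a labelling problem is an assumption used as a heuristic.

```python
import re

# Constructed sample records in audit.log AVC format (not the page's screenshots).
SAMPLE_LOG = """\
type=AVC msg=audit(1700000000.101:410): avc:  denied  { read } for  pid=2101 comm="httpd" name="userhost.txt" dev="dm-0" ino=917 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000002.552:411): avc:  denied  { getattr } for  pid=2101 comm="httpd" path="/var/www/html/userhost.txt" dev="dm-0" ino=917 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1700000009.007:415): avc:  denied  { name_bind } for  pid=2300 comm="sshd" src=2222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=SYSCALL msg=audit(1700000009.007:415): arch=c000003e syscall=49 success=no exit=-13
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{ (?P<perms>[^}]+) \} for\s+(?P<rest>.*)")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the fields of one AVC denial, or None for any other record."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("rest"))}
    rec["perms"] = set(m.group("perms").split())
    # A context is user:role:type:level; the type is the third field.
    rec["stype"] = rec["scontext"].split(":")[2]
    rec["ttype"] = rec["tcontext"].split(":")[2]
    return rec

def mislabeled_web_files(log_text, domain="httpd_t"):
    """Group file denials for `domain` by inode; report non-httpd_* target types."""
    findings = {}
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec is None or rec["stype"] != domain or rec["tclass"] not in ("file", "dir"):
            continue
        if rec["ttype"].startswith("httpd_"):
            continue  # labelled as web content; the denial has another cause
        entry = findings.setdefault((rec["dev"], rec["ino"]),
                                    {"target": None, "type": rec["ttype"], "perms": set()})
        entry["perms"] |= rec["perms"]
        # Prefer a full path= over a bare name= when both were logged.
        seen = rec.get("path") or rec.get("name")
        if entry["target"] is None or (seen and seen.startswith("/")):
            entry["target"] = seen
    return findings

if __name__ == "__main__":
    for (dev, ino), f in mislabeled_web_files(SAMPLE_LOG).items():
        print(f"{f['target']} (inode {ino}): {f['type']} denied {sorted(f['perms'])}; check with ls -Z, fix with restorecon -v")
```

Grouping by inode matters because a moved file keeps its inode and its label, so separate denials logged with name= and path= collapse into one finding.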

Deliverable 8

Enable UserDir

  • First open /etc/httpd/conf.d/userdir.conf
    • enable UserDir
    • uncomment UserDir public_html

image

image

  • Proof of home directory index

image

Deliverable 9

SSH port change + SELinux allow guide

image

image

Deliverable 10

image

Deliverable 11

sudo semanage login -a -s guest_u guestuser

sudo semanage login -m -s guest_u guestuser

sudo semanage login -l

image

Deliverable 12

image