Security - jasper-zanjani/dotfiles GitHub Wiki

[chcon][chcon] [getenforce][getenforce] [getsebool][getsebool] gpg [restorecon][restorecon] [semanage][semanage] [sestatus][sestatus] [setenforce][setenforce] [setsebool][setsebool]

Display SELinux contexts for processes

ps auxZ

Display SELinux context for files

ls -Z

gpg

Decrypt file

gpg file.txt

Export GPG public key

gpg --export --output ~/jdoe.pub

Import another person's public key

gpg --import jdoe.pub

List available GPG keys

gpg --list-key

Encrypt a file

gpg --encrypt -r [email protected] ./file.txt

Sign {file} without encrypting it (produces file.asc)

gpg --clearsign file

Generate a key

gpg --generate-key
gpg --gen-key

Import another person's public key

gpg --import ~/jdoe.pub

Send keys to {keyserver}

gpg --send-keys keyIDs --keyserver keyserver

restorecon

Restore security context default in the policy

restorecon -Rv website

sestatus

Display status of SELinux

sestatus

setenforce

Change SELinux mode

setenforce enforcing
setenforce 1
setenforce permissive
setenforce 0
setenforce disabled

semanage

Amend policy to add a file context

semanage fcontext -a -t httpd_sys_content_t website

Add a port context

semanage port -a -t http_port_t -p tcp 8080

Display all ports with attached types

semanage port -l