SELinux ‐ Deepdive with Red Hat - lpcyber1/SEC440 GitHub Wiki

Guided lab #1

  • Changed selinux setting to permissive image

  • Changed it back to enforcing image

  • Rebooted to check setting again image

image

Guided lab #2

  • Start lab image

  • Made custom directory and index file image

  • Edit http.conf file image

  • Enabled httpd image

  • No permissions image

  • Added permissions image

  • Browsed to the page image

image

Guided lab #3

  • Started lab image

  • Edited Apache feature for editing content from home directory image

  • Created student index.html file image

  • Edited permissions for home directory image

  • No access image

  • Changed selinx settings to allow access image

  • Allowed access image

image

Guided lab #4

  • Started lab image

  • No access

image

  • Found error and command to run image

  • Set selinux properly to allow access image

image

  • Access image

image

Module Lab

  • Started lab, no permissions image

  • Finding reason, and latest instance of error with less /var/log/messages and searching for sealert image

  • Ran the proper commands to add access so httpd content can be served image

  • Have access image

  • Grade image

Reflection

  • I feel like this was a great lab for many reasons. I haven't had many issues with selinux permissions or erros from it in general in previous classes. This was the first class where I had to change things with it so it is great experience to understand how to track down errors it could have through logs. I also got to see other selinux content outside of relation to this lab within my system specifically other settings related to it. So I have an idea of what selinux could hold in the future.