Selinux Commands

This document outlines SELinux commands for configuring various services including NIS, POP, HTTP, FTP, Samba, Squid, and IMAP. It provides iptables rules to allow or reject network access to specific ports for each service and SELinux boolean settings and file context changes to properly label files and allow access for each service under SELinux.

Uploaded by

PrinceTSM
Copyright
© Attribution Non-Commercial (BY-NC)

SELINUX COMMANDS

1} For NIS user:
setsebool -P allow_ypbind=1

2} POP command for IPTABLES
a) iptables -A INPUT -p tcp -s 172.24.0.0/16 --dport 110 -j ACCEPT {to allow our network}
b) iptables -A INPUT -p tcp -s 172.25.0.0/16 --dport 110 -j REJECT {to reject other network}
c) iptables -A INPUT -p tcp -s ! 172.24.0.0/16 --dport 110 -j REJECT

3} HTTP:
restorecon -R -v /var/www/html/index.html
restorecon -R -v /var/www/virtual/index.html

4} FTP:
a) chcon -t public_content_rw_t /var/ftp/pub {to match the contents}
b) setsebool -P ftp_home_dir=1
c) setsebool -P allow_ftpd_anon_write=1
d) setsebool -P allow_ftpd_full_access=1

5} SAMBA:
chcon -t samba_share_t /share dir

6} SQUID:
setsebool -P squid_disable_trans=1

7} IMAP:
a) iptables -A INPUT -p tcp -s 172.24.0.0/16 --dport 993 -j ACCEPT {to allow our network}
b) iptables -A INPUT -p tcp -s 172.25.0.0/16 --dport 993 -j REJECT {to reject other network}
c) iptables -A INPUT -p tcp -s ! 172.24.0.0/16 --dport 993 -j REJECT

Kishore kumar sharma
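An audit check for the booleans set above, as an added example that is not part of the original document: it reads `getsebool -a` style output and reports which of the sheet's booleans are on, flagging allow_ftpd_full_access and squid_disable_trans because they remove most of the daemon's SELinux confinement rather than opening one access path. The function name, the NARROW/BROAD grouping and the sample input are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit the SELinux booleans this sheet turns on.
# Input: lines in `getsebool -a` format ("name --> on|off") on stdin.

# Booleans from the sheet that open one specific access path.
NARROW="allow_ypbind ftp_home_dir allow_ftpd_anon_write"
# Booleans from the sheet that switch off most of a daemon's confinement.
BROAD="allow_ftpd_full_access squid_disable_trans"

# Prints INFO/WARN lines; returns 1 if any broad boolean is on, else 0.
audit_booleans() {
    status=0
    while read -r name arrow state; do
        [ "$arrow" = "-->" ] || continue        # skip malformed lines
        case " $BROAD " in
            *" $name "*)
                if [ "$state" = "on" ]; then
                    echo "WARN  $name is on: SELinux confinement for this daemon is largely disabled"
                    status=1
                fi
                continue ;;
        esac
        case " $NARROW " in
            *" $name "*) echo "INFO  $name is $state" ;;
        esac
    done
    return $status
}

# Constructed sample input (not captured from a real host).
SAMPLE='allow_ypbind --> on
ftp_home_dir --> on
allow_ftpd_anon_write --> on
allow_ftpd_full_access --> on
squid_disable_trans --> on
httpd_enable_cgi --> off'

# Demo run on the sample; on a real host use: getsebool -a | audit_booleans
printf '%s\n' "$SAMPLE" | audit_booleans || echo "broad booleans are enabled"
```

With allow_ftpd_full_access on, the public_content_rw_t label from step 4a no longer limits what the FTP daemon can write, so a WARN here is a prompt to check whether the narrower booleans alone are enough.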
