Yoestoy tratando de usar el comando semanage para configurar ciertos elementos de la política de SELinux sin requerir modificación o recompilación de fuentes políticas bajo RHEL 6 servidor. Pero, yo no soy capaz de encontrar este comando y / o nombre del paquete. ¿Cómo instalo comando semanage bajo RedHat Enterprise Linux?
Es necesario utilizar el comando yum para saber qué paquete proporciona archivo llamado / usr / sbin / semanage. Escriba el siguiente comando:
Es necesario utilizar el comando yum para saber qué paquete proporciona archivo llamado / usr / sbin / semanage. Escriba el siguiente comando:
# yum provides /usr/sbin/semanageO# yum whatprovides /usr/sbin/semanageSalidas de Ejemplo:
Loaded plugins: rhnplugin policycoreutils-python-2.0.83-19.8.el6_0.x86_64 : SELinux policy core python utilities Repo : rhel-x86_64-server-6 Matched from: Filename : /usr/sbin/semanage policycoreutils-python-2.0.83-19.1.el6.x86_64 : SELinux policy core python utilities Repo : rhel-x86_64-server-6 Matched from: Filename : /usr/sbin/semanage
Escriba el siguiente comando para instalar el mismo, ingrese:
# yum -y install policycoreutils-pythonSalidas de ejemplo:============================================================================================================================================================================================================================================= Installing: policycoreutils-python x86_64 2.0.83-19.8.el6_0 rhel-x86_64-server-6 334 k Installing for dependencies: audit-libs-python x86_64 2.0.4-1.el6 rhel-x86_64-server-6 56 k libselinux-python x86_64 2.0.94-2.el6 rhel-x86_64-server-6 201 k libsemanage-python x86_64 2.0.43-4.el6 rhel-x86_64-server-6 81 k setools-libs x86_64 3.3.7-4.el6 rhel-x86_64-server-6 400 k setools-libs-python x86_64 3.3.7-4.el6 rhel-x86_64-server-6 222 k Transaction Summary ============================================================================================================================================================================================================================================= Install 6 Package(s) Upgrade 0 Package(s) Total download size: 1.3 M Installed size: 0 Is this ok [y/N]: y Downloading Packages: (1/6): audit-libs-python-2.0.4-1.el6.x86_64.rpm | 56 kB 00:00 (2/6): libselinux-python-2.0.94-2.el6.x86_64.rpm | 201 kB 00:00 (3/6): libsemanage-python-2.0.43-4.el6.x86_64.rpm | 81 kB 00:00 (4/6): policycoreutils-python-2.0.83-19.8.el6_0.x86_64.rpm | 334 kB 00:00 (5/6): setools-libs-3.3.7-4.el6.x86_64.rpm | 400 kB 00:00 (6/6): setools-libs-python-3.3.7-4.el6.x86_64.rpm | 222 kB 00:00 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 1.7 MB/s | 1.3 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : setools-libs-3.3.7-4.el6.x86_64 1/6 Installing : setools-libs-python-3.3.7-4.el6.x86_64 2/6 Installing : libsemanage-python-2.0.43-4.el6.x86_64 3/6 Installing : audit-libs-python-2.0.4-1.el6.x86_64 4/6 Installing : libselinux-python-2.0.94-2.el6.x86_64 5/6 Installing : policycoreutils-python-2.0.83-19.8.el6_0.x86_64 6/6 Installed: policycoreutils-python.x86_64 0:2.0.83-19.8.el6_0 Dependency Installed: audit-libs-python.x86_64 0:2.0.4-1.el6 libselinux-python.x86_64 0:2.0.94-2.el6 libsemanage-python.x86_64 0:2.0.43-4.el6 setools-libs.x86_64 0:3.3.7-4.el6 setools-libs-python.x86_64 0:3.3.7-4.el6 Complete!
Ahora se puede utilizar el comando semanage:
# semanageSalidas de Ejemplo:/usr/sbin/semanage:
semanage [ -S store ] -i [ input_file | - ]
semanage [ -S store ] -o [ output_file | - ]
semanage {boolean|login|user|port|interface|module|node|fcontext} -{l|D|E} [-n]
semanage login -{a|d|m} [-sr] login_name | %groupname
semanage user -{a|d|m} [-LrRP] selinux_name
semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range
semanage interface -{a|d|m} [-tr] interface_spec
semanage module -{a|d|m} [--enable|--disable] module
semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr
semanage fcontext -{a|d|m} [-efrst] file_spec
semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
semanage permissive -{d|a|l} type
semanage dontaudit [ on | off ]
Primary Options:
-a, --add Add a OBJECT record NAME
-d, --delete Delete a OBJECT record NAME
-m, --modify Modify a OBJECT record NAME
-i, --input Input multiple semange commands in a transaction
-o, --output Output current customizations as semange commands
-l, --list List the OBJECTS
-E, --extract extract customizable commands
-C, --locallist List OBJECTS local customizations
-D, --deleteall Remove all OBJECTS local customizations
-h, --help Display this message
-n, --noheading Do not print heading when listing OBJECTS
-S, --store Select and alternate SELinux store to manage
Object-specific Options (see above):
-f, --ftype File Type of OBJECT
"" (all files)
-- (regular file)
-d (directory)
-c (character device)
-b (block device)
-s (socket)
-l (symbolic link)
-p (named pipe)
-F, --file Treat target as an input file for command, change multiple settings
-p, --proto Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
-M, --mask Netmask
-e, --equal Substitue source path for dest path when labeling
-P, --prefix Prefix for home directory labeling
-L, --level Default SELinux Level (MLS/MCS Systems only)
-R, --roles SELinux Roles (ex: "sysadm_r staff_r")
-s, --seuser SELinux User Name
-t, --type SELinux Type for the object
-r, --range MLS/MCS Security Range (MLS/MCS Systems only)
--enable Enable a module
--disable Disable a module
Requires 2 or more arguments
Ver también:
También puede ver la página del manual de semanage utilizando el siguiente comando:
$ man semanage
No hay comentarios:
Publicar un comentario