Solved

SE Linux management > Is it best set to Enforcing mode . Disabled? (fedora 14)  - Linux n00b

Posted on 2011-03-22
3
421 Views
Last Modified: 2012-05-11

Mate set it like this on a test box.

Should I revert to Permissive or enforcing?

HAving no joy setting up SWAT and Im wondering if this is the spanner in the setup works.

0
Comment
Question by:fcek
3 Comments
 
LVL 31

Accepted Solution

by:
farzanj earned 167 total points
ID: 35195022
Enforcing is good but you have to know what you are doing.  If you are using GUI and SELinux tools, it gives you tips what to do.

Set it to permissive and make sure everything is running that way it is running.  Make sure to check the logs and SELinux messages in Permissive mode that informs about issues.  Once all the issues are resolved, set it to enforcing.

Most people in the Linux world don't know how to use SELinux and therefore hate it.  It is a very good tool provided that you know how to use it and you can reap the full range of security benefits if you can write your own policies!

If you don't care about this extra layer of security and want to avoid hassle, you may simply disable it.
0
 
LVL 29

Assisted Solution

by:fosiul01
fosiul01 earned 167 total points
ID: 35195029
You should use Permissive or disabled...

best is just disabled it.

you will have to be really really good in linux to use selinux with every services....

I hardly see people use selinux  , and most of the time you will see linux base software is saying, turn off the selinux ..

example. if you go for Virtual server, selinux will be off straight way..

so dont worry about selinux.. just disable it for time being.

0
 
LVL 77

Assisted Solution

by:arnold
arnold earned 166 total points
ID: 35195090
SELinux is a tool that helps secure one's system from different type of attacks. And in an event when an attack gets on the server, selinux in some cases will make it harder for the attacker to further damage/compromise the system.

0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Postfix issues with spam/auth attempts under NAT 9 112
how to install java on RHEL image on EC2 4 41
awk file 6 79
linux - yum package installation issue 2 66
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question