Installing the SELinux tools

For some bizarre reason that I'll never understand, the tools that you need to administer SELinux don't get installed by default, even though SELinux itself does. So, the first thing you'll need to do on your CentOS virtual machine is to install them:

sudo yum install setools policycoreutils policycoreutils-python

In a later portion of this chapter, we'll be looking at how to use setroubleshoot to help diagnose SELinux problems. In order to have some cool error messages to look at when we get there, go ahead and install setroubleshoot now, and activate it by restarting the auditd daemon.  (There's no setroubleshoot daemon because setroubleshoot is meant to be controlled by the auditd daemon.) We have the following code:

sudo yum install setroubleshoot
sudo service auditd restart

One of the little systemd quirks that we have to deal with is that you can't stop or restart the auditd daemon with the normal systemctl command, as you're supposed to do when working with systemd daemons. However, the old-fashioned service command works. (And no, I don't know why that is.)

Depending on the type of installation that you chose when installing CentOS, you might or might not already have setroubleshoot installed. To be sure, go ahead and run the command to install it. It won't hurt anything if setroubleshoot is already there.

You now have what you need to get started.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.136.97.64