cyber-security-resources/linux-hardening/selinux_UBUNTU_lab.md

53 lines
1.3 KiB
Markdown
Raw Normal View History

2023-01-08 17:30:47 -05:00
# SELinux in Ubuntu Lab
The following can be completed with Ubuntu 22.x or later.
## Installing and Enabling SELinux
The first step is to install SELinux. Start by opening a command line terminal and installing the necessary packages with the apt commands below.
```
$sudo apt update
$ sudo apt install policycoreutils selinux-utils selinux-basics
```
### Activate SELinux
Execute the following command with root permissions to enable SELinux on the system.
```
$ sudo selinux-activate
```
## Enforcing Mode
Set SELinux to enforcing mode:
```
$ sudo selinux-config-enforcing
```
Reboot your system. The relabelling will be triggered after you reboot your system. When finished the system will reboot one more time automatically.
```
$ reboot
```
Check SELinux status with the following command to ensure that it is in enforcing mode.
$ sestatus
## Disabling SELinux
To disable SELinux open up the `/etc/selinux/config` configuration file and change the following line:
FROM:
```
SELINUX=enforcing
```
TO:
```
SELINUX=disabled
```
Reboot your system for the changes to take effect.
Alternatively you can temporarily put SELinux into permissive mode with the following command.
```
$ sudo setenforce 0
```
Note this change will not be persistent (i.e., survive a reboot). It will go back to enforcing later. To enable SELinux again just execute:
```
$ sudo setenforce 1
```