Fill 2020.03.13
Linux-Apache service deployment
Apache and Nginx is a very good service program, first introduced in Chapter 10 Apache, Nginxhi learn in Chapter XX in.
Apache fast, reliable, secure, feature-rich (mainly to RHCE examination)
During the Apache service configuration, there is a need to focus on learning, but also the focus of this chapter --SELinux
SELinux
SELinux is a mandatory access control security subsystem. The purpose of using SELinux technology RHEL 7 system is to allow each service process is constrained, it is only to obtain resources should have acquired.
It can monitor illegal activities in many ways: the function of the service program restrictions; restrictions on access to file resources. (Eg Mito Xiu Xiu want to get your bank card information)
"SELinux domain" and "SELinux security context" is the Linux system, double insurance
SELinux which domains as limiting the service functions, SELinux security context of the limitations of the file permissions;
Note: Do I need to check the system's SELinux enabled, if it is permissive or disable the need to modify the enforcing, you can use the command to confirm getenforce
semanage command
Semanage command for managing SELinux policy, in the form "semanage [options] [file]"
Need to use the command SELinux security context restorecon be effective immediately.
-Rv can achieve recursive directory operations.
Study notes:
