selinux configuration file / etc / selinux / config definition is SELinux default run state
cat /etc/selinux/semanage.conf
View selinux running state getenforce
Selinux modify the operating mode setenforce (0 or 1) 0 = not enabled, 1 for enabled, temporarily modify the system restart will fail.
semanage commands for managing SELinux security policy context, the format is " semanage [ options ] [ file ], semanage command not only as a traditional chcon command does - settings file, directory strategy can also manage network
Port, a message interface (which will include new features hereinafter in this chapter). Use semanage command, several parameters are often used and their functions are as follows:
➢ the -l parameter is used to query;
➢ -a parameter is used to add;
➢ -m parameter is used to modify;
➢ -d parameter is used to delete.
The [@ linuxprobe the root ~] # -a -t fcontext the semanage the httpd _ SYS _ Content _ T / Home / wwwroot
restorecon command then using the restorecon command can be added -Rv parameters specified directory recursive operations, and a display SELinux the security context of the process of modification
[root @ linuxprobe ~] # restorecon -rv / Home / wwwroot /
getsebool -a | grep role service name is xxx bring up information about the service name in the scope selinux managed
setsebool we must remember that in the setsebool command surface plus on -P parameter, after the changes to SELinux policy rules permanent and immediate effect as
[root @ linuxprobe ~] # setsebool -P httpd _ enable _ Homedirs = oN