SELinux Notes
SELinux Notes

SELinux Notes

Tags
Linux
Security
Published
June 12, 2021
💡
The old content of this page has been remove and will be updated with new one

/etc/pam.conf

The /etc/pam.conf file is the PAM configuration file. It determines the authentication services to be used and the order in which they are used. This file can be edited to select authentication mechanisms for each system entry application.
For example: It can be used to enable extra 2FA auth

faillock / tally2

Banner /etc/issue

It’s for MOTD

SELinux Modes

SELinux offers three distinct modes:
  • Enforcing mode: This is the default mode. In this mode, any attempt to violate the security policy will be blocked and reported.
  • Permissive mode: This mode will not block any security policy violations, however it will log any violations that are attempted. This mode is useful in debugging because it allows you to see what would happen if the system were in enforcing mode.
  • Disabled mode: In this mode, the SELinux security policy is completely disabled. This mode is used when you do not want any security policy enforced.

SELinux Types

SELinux offers four distinct types:
  • Targeted: This type is the default type for most users. It provides targeted protection against malicious actions.
  • Strict: This type provides a very strict security policy, which will block any action not explicitly allowed.
  • MCS: This type provides an additional layer of security by allowing you to assign different security levels to different processes.

Types

Users

Roles

Objects

Subjects

AppArmor Linux

AppArmor is a Mandatory Access Control (MAC) system for Linux that provides fine-grained control over processes and system resources. AppArmor is similar to SELinux, and allows you to define policies for applications and services that specify what system resources they can access. It can also be used to enforce a range of security policies, including mandatory authentication, to protect against malicious or unauthorized access. AppArmor can be used to protect system services, applications, and user data, and can be used to secure servers and workstations. Additionally, AppArmor also provides a range of security policies, such as role-based access control, that can be used to further restrict access to sensitive data.