The old content of this page has been remove and will be updated with new one
/etc/pam.conffile is the PAM configuration file. It determines the authentication services to be used and the order in which they are used. This file can be edited to select authentication mechanisms for each system entry application.
For example: It can be used to enable extra 2FA auth
faillock / tally2
It’s for MOTD
Integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag certificate system, SSSD and others. Built on top of well known Open Source components and standard protocols Strong focus on ease of management and automation of installation and configuration tasks.
SELinux offers three distinct modes:
- Enforcing mode: This is the default mode. In this mode, any attempt to violate the security policy will be blocked and reported.
- Permissive mode: This mode will not block any security policy violations, however it will log any violations that are attempted. This mode is useful in debugging because it allows you to see what would happen if the system were in enforcing mode.
- Disabled mode: In this mode, the SELinux security policy is completely disabled. This mode is used when you do not want any security policy enforced.
SELinux offers four distinct types:
- Targeted: This type is the default type for most users. It provides targeted protection against malicious actions.
- Strict: This type provides a very strict security policy, which will block any action not explicitly allowed.
- MCS: This type provides an additional layer of security by allowing you to assign different security levels to different processes.
setsebool(8) - Linux manual page
This page is part of the selinux (Security-Enhanced Linux user- space libraries and tools) project. Information about the project can be found at ⟨ https://github.com/SELinuxProject/selinux/wiki⟩. If you have a bug report for this manual page, see ⟨ https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This page was obtained from the project's upstream Git repository ⟨ https://github.com/SELinuxProject/selinux⟩ on 2022-12-17.
chcon(1) - Linux manual page
This page is part of the coreutils (basic file, shell and text manipulation utilities) project. Information about the project can be found at ⟨ http://www.gnu.org/software/coreutils/⟩. If you have a bug report for this manual page, see ⟨ http://www.gnu.org/software/coreutils/⟩. This page was obtained from the tarball coreutils-9.1.tar.xz fetched from ⟨ http://ftp.gnu.org/gnu/coreutils/⟩ on 2022-12-17.
AppArmor is a Mandatory Access Control (MAC) system for Linux that provides fine-grained control over processes and system resources. AppArmor is similar to SELinux, and allows you to define policies for applications and services that specify what system resources they can access. It can also be used to enforce a range of security policies, including mandatory authentication, to protect against malicious or unauthorized access. AppArmor can be used to protect system services, applications, and user data, and can be used to secure servers and workstations. Additionally, AppArmor also provides a range of security policies, such as role-based access control, that can be used to further restrict access to sensitive data.