Re: [CentOS] Restore pristine SELinux configuration ?
Le 19/01/2021 à 19:29, Leon Fauster via CentOS a écrit : > list your modules with > > semodule -l > > and remove custom modules with > > semodule -r myfail2ban Thank you very much ! Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 Mob. : 06 51 80 12 12 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Restore pristine SELinux configuration ?
Am 19.01.21 um 17:25 schrieb Nicolas Kovacs: Hi, I have CentOS 7 running on a public server hosting all sorts of web applications, mail, XMPP, MPD, etc. How do I reset SELinux configuration to defaults? I know how to reset all my custom booleans to the initial state. # cat /etc/selinux/targeted/active/booleans.local # This file is auto-generated by libsemanage # Do not edit directly. httpd_unified=1 httpd_can_sendmail=1 spamd_enable_home_dirs=1 httpd_can_network_connect=1 ftpd_full_access=1 mpd_enable_homedirs=1 named_write_master_zones=1 Starting from there, I can manually reset them to 0 with setsebool. On the other hand, I don't know how I would do something similar with the SELinux modules. I vaguely remember having created some of these, for example for Fail2ban to work correctly. But I don't remember what I did here over the years, what modules I created, etc. How would I recreate the default SELinux configuration without having to wipe and reinstall the whole server? list your modules with semodule -l and remove custom modules with semodule -r myfail2ban -- Leon ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Restore pristine SELinux configuration ?
Hi, I have CentOS 7 running on a public server hosting all sorts of web applications, mail, XMPP, MPD, etc. How do I reset SELinux configuration to defaults? I know how to reset all my custom booleans to the initial state. # cat /etc/selinux/targeted/active/booleans.local # This file is auto-generated by libsemanage # Do not edit directly. httpd_unified=1 httpd_can_sendmail=1 spamd_enable_home_dirs=1 httpd_can_network_connect=1 ftpd_full_access=1 mpd_enable_homedirs=1 named_write_master_zones=1 Starting from there, I can manually reset them to 0 with setsebool. On the other hand, I don't know how I would do something similar with the SELinux modules. I vaguely remember having created some of these, for example for Fail2ban to work correctly. But I don't remember what I did here over the years, what modules I created, etc. How would I recreate the default SELinux configuration without having to wipe and reinstall the whole server? Cheers, Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 Mob. : 06 51 80 12 12 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
