Linux Tutorial

• Linux Tutorial
• Linux Common Linux Distributions
• Linux Desktop Environment
• Linux Remote Management Protocols
• Linux Remote Administration Tools
• Linux File Directory Structure
• Linux Mount

Linux File/Directory Management

• Linux File System Structure
• Linux Absolute And Relative Paths
• Linux File/Directory Naming Rules
• Linux Commands Format
• Linux Change Directory (cd Command)
• Linux Show Current Path (pwd Command)
• linux View Files In A Directory (ls Command)
• Linux Create A Directory (mkdir Command)
• Linux Remove Empty Directory (rmdir Command)
• Linux Create File And Modify File Timestamp (touch Command)
• Linux Create Hard/Soft Links To File (ln Command)
• Linux Copy File And Directory (cp Command)
• Linux Delete A File Or Directory (rm Command)
• Linux Move File Or Directory (mv Command)
• Linux Environment Variables

Linux Packaging And Compression

• Linux Packaging (tar Command)
• Linux Compress A File Or Directory to ".zip" (zip Command)
• Linux Unzip ".zip" File (unzip Command)
• Linux Compress A File Or Directory to ".gz" (gzip Command)
• Linux Unzip ".gz" File (gunzip Command)
• Linux Compress A File Or Directory to ".bz2" (bzip2 Command)
• Linux Unzip ".bz2" File (bunzip2 Command)

Vim Text Editor

• Vim Installation
• Linux Vim Basic Operations
• Vim Cursor Moving Shortcuts
• Linux Vim Undo And Redo-Undo Shortcuts
• Linux Vim Visualization Mode
• Linux Vim Batch Comments And Custom Comment

Linux Text Processing

• Linux Concatenate Files (cat Command)
• Linux Display File Content by Paging (more Command)
• Linux Display The Beginning Content Of File (head Command)
• Linux Display File Content (less Command)
• Linux Display The Ending Content Of File (tail Command)
• Linux Find File Contents (grep Command)
• Linux Edit File Text (sed Command)
• Linux Edit File Text (awk Command)

Linux Software Installation

• Linux Packages
• Linux RPM Packages' Naming Rules
• Linux RPM Package Installation, Uninstallation And Upgrade (rpm Command)
• Linux Query Packages (rpm Command)
• Linux RPM Package Verification And Digital Certificates
• Linux Extract RPM Package File (cpio Command)
• Linux SRPM Source Package Installation
• Linux yum Source Configuration
• Linux yum Commands
• Linux yum Manage Software Group
• Linux Source Package Installation And Uninstallation
• Linux Source Package Upgrade

Linux User/User Group Management

• Linux Users And User Groups
• Linux UID And GID
• Linux /etc/passwd
• Linux /etc/shadow
• Linux /etc/group
• Linux /etc/gshadow
• Linux Initial And Additional Groups
• Linux /etc/login.defs
• Linux Adding A New System User (useradd Command)
• Linux Change User Password (passwd Command)
• Linux Modify User Information (usermod Command)
• Linux Modify User Password Status (chage Command)
• Linux Delete User (userdel Command)
• Linux View User's UID And GID (id Command)
• Linux Switch Between Users (su Command)
• Linux whoami And who am i Command
• Linux Add User Group (groupadd Command)
• Linux Modify User Group (groupmod Command)
• Linux Delete User Group (groupdel Command)
• Linux Add User To Or Remove User From Group (gpasswd Command)
• Linux Switch The Effective Group Of Users (newgrp Command)

Linux Permission Management

• The Importance Of Linux Permission Management
• Linux Modify The Group Of File And Directory (chgrp Command)
• Linux Modify The Owner And Group Of File And Directory (chown Command)
• Linux Permission Bits
• Linux Modify The File Or Directory Permissions (chmod Command)
• Linux Create/Modify File And Directory Default Permissions (umask Command)
• Linux ACL Access Control Permission
• Linux ACL Permission Settings
• Linux mask Effective Permissions
• Linux SetUID (SUID) Special Permission
• Linux SetGID (SGID) Special Permission
• Linux Stick BIT (SBIT) Special Permission
• Linux Modify File And Directory Permission Attributes (chattr Command)
• Linux Display File And Directory Permission Attributes (lsattr Command)
• Linux System Permission Management (sudo Command)

Linux Filesystem Management

• Linux Display File System Hard Disk Usage (df Command)
• Linux Count The Disk Space Occupied By A Directory Or File (du Command)
• Linux Mount Files Outside The Linux System (mount Command)
• Linux Unmount Filesystem (umount Command)
• Linux Detect And Repair Filesystems (fsck Command)
• Linux Display FileSystem Information (dumpe2fs Command)
• Linux Partition Hard Disk (fdisk Command)
• Linux Partition Large Capacity Hard Disk (parted Command)
• linux Format Partition (mkfs Command)
• Linux Format Hard Disk (mke2fs Command)
• Linux Virtual Memory And Physical Memory

Linux Advanced Filesystem Management

• Disk Quota Overview
• Preparation For Disk Quota Startup
• Linux Scan FileSystem And Create A Quota File (quotacheck Command)
• Linux Turn On Disk Quota Limit (quotaon Command)
• Linux Turn Off Disk Quota Limits (quotaoff Command)
• Linux Modify User (Group) Disk Quota (edquota Command)
• Linux Set Disk Quota Non-interactively (setquota Command)
• Linux Query Disk Quota (quota And repquota Command)
• Linux LVM Logical Volume Management
• Linux PV Physical Volumes
• Linux VG Volume Group
• Linux LV Logical Volumes

Linux System Management

• Linux Process Management
• Linux Start A Process
• Linux Display Running Processes (ps Command)
• Linux Continuously Monitor Process Running Status (top Command)
• Linux Display Process Tree (pstree Command)
• Linux List Information About Files Called Or Opened By A Process (lsof Command)
• Linux Process Priority
• Linux Change Process Priority (nice And renice Command)
• Linux Common Signals
• Linux Kill Process (kill Command)
• Linux Kill A Specific Group Of Processes (killall Command)
• Linux Kick User By Terminal Number (pkill Command)
• Linux Work Management
• Linux Run Commands In The Background
• Linux Display The Jobs That Current Terminal Puts Into The Background (jobs Command)
• Linux Restore Background Commands To Foreground (fg Command)
• Linux Resume Suspended Work in Background (bg Command)
• Linux Run Background Commands Away From The Terminal (nohup Command)
• Linux Execute Tasks Regularly (at Command)
• Linux Execute Scheduled Tasks In A Loop (crontab Command)
• Linux Detect Scheduled Tasks Haven't Been Executed For A Long Time (anacron Command)
• Linux Monitor System Resources (vmstat Command)
• Linux Display Boot Information (dmesg Command)
• Linux Display Memory Status (free Command)
• Linux Display Login User Information (w And who Command)
• Linux Display Logged In Users Information (last And lastlog Command)

Linux Backup and Recovery

• Linux Backup Strategy
• Linux Backup Data (tar Command)
• Linux Backup Partition, File Or Directory (dump Command)
• Linux Restore File, Directory Or Partition (restore Command)
• Linux Data Backup With Format Conversion (dd Command)
• Linux Local Backup and Remote Backup (rsync Command)

Linux System Service Management

• Linux System Services
• linux Port
• Linux Independent Service Management
• Linux Xinetd Service Management
• Linux Source Package Service Management
• Linux Common Service Categories And Functions
• Factors Affecting Linux System Performance
• Linux Analyze System Performance (sar Command)

Linux System Log Management

• Linux rsyslogd Service
• Linux Log File Format
• Linux rsyslogd Configuration File
• Linux Setup Log Server
• Linux Log Rotation (Log Dump)
• Linux Log Rotation (logrotate Command)
• Linux Log Analysis Tool (logwatch)

Linux Boot Management

• Linux System Startup Process
• Linux BIOS POST
• Linux Master Boot Directory (MBR)
• Linux Kernel Module Loading Process
• Linux Initializes The System Environment (/sbin/init)
• Linux Set System Default Runlevel (/etc/inittab)
• Linux /etc/rc.d/rc.local Configuration File
• Linux Bootloader (GRUB) Loads The Kernel
• Linux /boot/grub/ Directory
• Linux GRUB Disk Partition
• Linux GRUB Configuration File (/boot/grub/grub.conf)
• Linux GRUB Configuration File For Multi-system Coexistence
• Linux GRUB Manual Installation
• Linux GRUB Encryption
• Linux Adjust The Resolution Of Character Interface
• Linux Kernel Module Management
• Linux NTFS Filesystem Installation

LAMP/LNMP Environment

• Linux LAMP Environment Setup Preparations
• Linux libxml2 Installation
• Linux libmcrypt Installation
• Linux mhash And mcrypt Installation
• Linux zlib And libpng Installation
• Linux jpeg6 Installation
• Linux freetype Installation
• Linux gd Library Installation
• Linux Apache Installation
• Linux ncurses Installation
• Linux MySQL Installation
• Linux PHP Installation
• Linux memcache Installation
• linux phpMyAdmin Installation
• Linux LNMP Environment Setup Preparations
• LNMP One-click Installation
• Install PHP Extension Modules in LNMP

SELinux Management

• SELinux Overviews
• SELinux Role
• SELinux Work Modes
• SELinux Configuration File (/etc/selinux/config)
• SELinux Work Mode Settings
• SELinux Display Security Context
• SELinux Modify Security Context
• SELinux Query/Modify Default Security Context
• SELinux auditd Logging System Installation
• SELinux auditd Logging System Usage
• SELinux Targeted, MLS And Minimum Strategy
• SELinux Display Strategy Rules
• SELinux Enable/Disable Strategy Rules

How To Display SELinux Strategy Rules (seinfo And sesearch)

SELinux uses policy rules to define access control and enforce security for a system. You can display and analyze these policy rules using the seinfo and sesearch command-line utilities. In this tutorial, we will discuss how to display SELinux policy rules using these tools.

• Installing policy utilities:

First, ensure that the policycoreutils-python-utils package is installed on your system. This package contains the necessary utilities to work with SELinux policies, including seinfo and sesearch.

• For Debian/Ubuntu-based systems:

  sudo apt-get update
  sudo apt-get install policycoreutils-python-utils
  

• For RHEL/CentOS-based systems:

  sudo yum install policycoreutils-python-utils
  

• For openSUSE-based systems:

  sudo zypper install policycoreutils-python-utils
  

• Displaying policy information using seinfo:

The seinfo command provides an overview of the policy components, such as users, roles, types, attributes, and booleans.

To display a summary of the policy components, run:

seinfo

To display information about a specific policy component, use the -x and -t options:

• List all users:

  seinfo -xu
  

• List all roles:

  seinfo -xr
  

• List all types:

  seinfo -xt
  

• List all booleans:

  seinfo -xb
  

• Displaying policy rules using sesearch:

The sesearch command is used to search for specific policy rules in the SELinux policy. To search for a rule, use the following syntax:

sesearch [options] /path/to/policy/file

Some useful options for sesearch include:

• --allow: Search for allow rules.
• --type: Search for type enforcement rules.
• --role_allow: Search for role allow rules.
• -s source_type: Specify the source type.
• -t target_type: Specify the target type.
• -p permission: Specify the permission.

By default, the active policy is located at /etc/selinux/targeted/policy/policy.##.

Examples:

• Search for allow rules involving the httpd_t type:

  sesearch --allow -s httpd_t /etc/selinux/targeted/policy/policy.##
  

• Search for allow rules involving the httpd_t type and file_t type with the read permission:

  sesearch --allow -s httpd_t -t file_t -p read /etc/selinux/targeted/policy/policy.##
  

• Search for role allow rules involving the user_r role:

  sesearch --role_allow -s user_r /etc/selinux/targeted/policy/policy.##
  

In this tutorial, we have discussed how to display SELinux policy rules using the seinfo and sesearch command-line utilities. Understanding and analyzing policy rules is essential for maintaining a secure and well-managed system, especially when troubleshooting or customizing SELinux policies.

1. Querying SELinux policy rules with seinfo and sesearch: Query specific SELinux policy rules using seinfo and sesearch. Example:

   seinfo -aunconditional_access
   

2. How to extract policy details with seinfo and sesearch: Extract detailed information about SELinux policy components. Example:

   seinfo -x /usr/bin/myapp
   

3. SESearch examples for searching SELinux policies: Use sesearch to search for specific policy rules. Example:

   sesearch -Ad -s targeted -t httpd_t