Linux Tutorial

• Linux Tutorial
• Linux Common Linux Distributions
• Linux Desktop Environment
• Linux Remote Management Protocols
• Linux Remote Administration Tools
• Linux File Directory Structure
• Linux Mount

Linux File/Directory Management

• Linux File System Structure
• Linux Absolute And Relative Paths
• Linux File/Directory Naming Rules
• Linux Commands Format
• Linux Change Directory (cd Command)
• Linux Show Current Path (pwd Command)
• linux View Files In A Directory (ls Command)
• Linux Create A Directory (mkdir Command)
• Linux Remove Empty Directory (rmdir Command)
• Linux Create File And Modify File Timestamp (touch Command)
• Linux Create Hard/Soft Links To File (ln Command)
• Linux Copy File And Directory (cp Command)
• Linux Delete A File Or Directory (rm Command)
• Linux Move File Or Directory (mv Command)
• Linux Environment Variables

Linux Packaging And Compression

• Linux Packaging (tar Command)
• Linux Compress A File Or Directory to ".zip" (zip Command)
• Linux Unzip ".zip" File (unzip Command)
• Linux Compress A File Or Directory to ".gz" (gzip Command)
• Linux Unzip ".gz" File (gunzip Command)
• Linux Compress A File Or Directory to ".bz2" (bzip2 Command)
• Linux Unzip ".bz2" File (bunzip2 Command)

Vim Text Editor

• Vim Installation
• Linux Vim Basic Operations
• Vim Cursor Moving Shortcuts
• Linux Vim Undo And Redo-Undo Shortcuts
• Linux Vim Visualization Mode
• Linux Vim Batch Comments And Custom Comment

Linux Text Processing

• Linux Concatenate Files (cat Command)
• Linux Display File Content by Paging (more Command)
• Linux Display The Beginning Content Of File (head Command)
• Linux Display File Content (less Command)
• Linux Display The Ending Content Of File (tail Command)
• Linux Find File Contents (grep Command)
• Linux Edit File Text (sed Command)
• Linux Edit File Text (awk Command)

Linux Software Installation

• Linux Packages
• Linux RPM Packages' Naming Rules
• Linux RPM Package Installation, Uninstallation And Upgrade (rpm Command)
• Linux Query Packages (rpm Command)
• Linux RPM Package Verification And Digital Certificates
• Linux Extract RPM Package File (cpio Command)
• Linux SRPM Source Package Installation
• Linux yum Source Configuration
• Linux yum Commands
• Linux yum Manage Software Group
• Linux Source Package Installation And Uninstallation
• Linux Source Package Upgrade

Linux User/User Group Management

• Linux Users And User Groups
• Linux UID And GID
• Linux /etc/passwd
• Linux /etc/shadow
• Linux /etc/group
• Linux /etc/gshadow
• Linux Initial And Additional Groups
• Linux /etc/login.defs
• Linux Adding A New System User (useradd Command)
• Linux Change User Password (passwd Command)
• Linux Modify User Information (usermod Command)
• Linux Modify User Password Status (chage Command)
• Linux Delete User (userdel Command)
• Linux View User's UID And GID (id Command)
• Linux Switch Between Users (su Command)
• Linux whoami And who am i Command
• Linux Add User Group (groupadd Command)
• Linux Modify User Group (groupmod Command)
• Linux Delete User Group (groupdel Command)
• Linux Add User To Or Remove User From Group (gpasswd Command)
• Linux Switch The Effective Group Of Users (newgrp Command)

Linux Permission Management

• The Importance Of Linux Permission Management
• Linux Modify The Group Of File And Directory (chgrp Command)
• Linux Modify The Owner And Group Of File And Directory (chown Command)
• Linux Permission Bits
• Linux Modify The File Or Directory Permissions (chmod Command)
• Linux Create/Modify File And Directory Default Permissions (umask Command)
• Linux ACL Access Control Permission
• Linux ACL Permission Settings
• Linux mask Effective Permissions
• Linux SetUID (SUID) Special Permission
• Linux SetGID (SGID) Special Permission
• Linux Stick BIT (SBIT) Special Permission
• Linux Modify File And Directory Permission Attributes (chattr Command)
• Linux Display File And Directory Permission Attributes (lsattr Command)
• Linux System Permission Management (sudo Command)

Linux Filesystem Management

• Linux Display File System Hard Disk Usage (df Command)
• Linux Count The Disk Space Occupied By A Directory Or File (du Command)
• Linux Mount Files Outside The Linux System (mount Command)
• Linux Unmount Filesystem (umount Command)
• Linux Detect And Repair Filesystems (fsck Command)
• Linux Display FileSystem Information (dumpe2fs Command)
• Linux Partition Hard Disk (fdisk Command)
• Linux Partition Large Capacity Hard Disk (parted Command)
• linux Format Partition (mkfs Command)
• Linux Format Hard Disk (mke2fs Command)
• Linux Virtual Memory And Physical Memory

Linux Advanced Filesystem Management

• Disk Quota Overview
• Preparation For Disk Quota Startup
• Linux Scan FileSystem And Create A Quota File (quotacheck Command)
• Linux Turn On Disk Quota Limit (quotaon Command)
• Linux Turn Off Disk Quota Limits (quotaoff Command)
• Linux Modify User (Group) Disk Quota (edquota Command)
• Linux Set Disk Quota Non-interactively (setquota Command)
• Linux Query Disk Quota (quota And repquota Command)
• Linux LVM Logical Volume Management
• Linux PV Physical Volumes
• Linux VG Volume Group
• Linux LV Logical Volumes

Linux System Management

• Linux Process Management
• Linux Start A Process
• Linux Display Running Processes (ps Command)
• Linux Continuously Monitor Process Running Status (top Command)
• Linux Display Process Tree (pstree Command)
• Linux List Information About Files Called Or Opened By A Process (lsof Command)
• Linux Process Priority
• Linux Change Process Priority (nice And renice Command)
• Linux Common Signals
• Linux Kill Process (kill Command)
• Linux Kill A Specific Group Of Processes (killall Command)
• Linux Kick User By Terminal Number (pkill Command)
• Linux Work Management
• Linux Run Commands In The Background
• Linux Display The Jobs That Current Terminal Puts Into The Background (jobs Command)
• Linux Restore Background Commands To Foreground (fg Command)
• Linux Resume Suspended Work in Background (bg Command)
• Linux Run Background Commands Away From The Terminal (nohup Command)
• Linux Execute Tasks Regularly (at Command)
• Linux Execute Scheduled Tasks In A Loop (crontab Command)
• Linux Detect Scheduled Tasks Haven't Been Executed For A Long Time (anacron Command)
• Linux Monitor System Resources (vmstat Command)
• Linux Display Boot Information (dmesg Command)
• Linux Display Memory Status (free Command)
• Linux Display Login User Information (w And who Command)
• Linux Display Logged In Users Information (last And lastlog Command)

Linux Backup and Recovery

• Linux Backup Strategy
• Linux Backup Data (tar Command)
• Linux Backup Partition, File Or Directory (dump Command)
• Linux Restore File, Directory Or Partition (restore Command)
• Linux Data Backup With Format Conversion (dd Command)
• Linux Local Backup and Remote Backup (rsync Command)

Linux System Service Management

• Linux System Services
• linux Port
• Linux Independent Service Management
• Linux Xinetd Service Management
• Linux Source Package Service Management
• Linux Common Service Categories And Functions
• Factors Affecting Linux System Performance
• Linux Analyze System Performance (sar Command)

Linux System Log Management

• Linux rsyslogd Service
• Linux Log File Format
• Linux rsyslogd Configuration File
• Linux Setup Log Server
• Linux Log Rotation (Log Dump)
• Linux Log Rotation (logrotate Command)
• Linux Log Analysis Tool (logwatch)

Linux Boot Management

• Linux System Startup Process
• Linux BIOS POST
• Linux Master Boot Directory (MBR)
• Linux Kernel Module Loading Process
• Linux Initializes The System Environment (/sbin/init)
• Linux Set System Default Runlevel (/etc/inittab)
• Linux /etc/rc.d/rc.local Configuration File
• Linux Bootloader (GRUB) Loads The Kernel
• Linux /boot/grub/ Directory
• Linux GRUB Disk Partition
• Linux GRUB Configuration File (/boot/grub/grub.conf)
• Linux GRUB Configuration File For Multi-system Coexistence
• Linux GRUB Manual Installation
• Linux GRUB Encryption
• Linux Adjust The Resolution Of Character Interface
• Linux Kernel Module Management
• Linux NTFS Filesystem Installation

LAMP/LNMP Environment

• Linux LAMP Environment Setup Preparations
• Linux libxml2 Installation
• Linux libmcrypt Installation
• Linux mhash And mcrypt Installation
• Linux zlib And libpng Installation
• Linux jpeg6 Installation
• Linux freetype Installation
• Linux gd Library Installation
• Linux Apache Installation
• Linux ncurses Installation
• Linux MySQL Installation
• Linux PHP Installation
• Linux memcache Installation
• linux phpMyAdmin Installation
• Linux LNMP Environment Setup Preparations
• LNMP One-click Installation
• Install PHP Extension Modules in LNMP

SELinux Management

• SELinux Overviews
• SELinux Role
• SELinux Work Modes
• SELinux Configuration File (/etc/selinux/config)
• SELinux Work Mode Settings
• SELinux Display Security Context
• SELinux Modify Security Context
• SELinux Query/Modify Default Security Context
• SELinux auditd Logging System Installation
• SELinux auditd Logging System Usage
• SELinux Targeted, MLS And Minimum Strategy
• SELinux Display Strategy Rules
• SELinux Enable/Disable Strategy Rules

Query And Modify SELinux Default Security Context (semanage Command)

The semanage command is a powerful tool for managing SELinux policies and settings, including querying and modifying the default security context for various objects. In this tutorial, we'll discuss how to use the semanage command to work with default security contexts.

• Installing the semanage utility:

First, ensure that the policycoreutils-python-utils package is installed on your system. This package contains the necessary utilities, including semanage.

• For Debian/Ubuntu-based systems:

  sudo apt-get update
  sudo apt-get install policycoreutils-python-utils
  

• For RHEL/CentOS-based systems:

  sudo yum install policycoreutils-python-utils
  

• For openSUSE-based systems:

  sudo zypper install policycoreutils-python-utils
  

• Querying default security contexts:

The semanage fcontext command is used to query and modify file default security contexts. To list all default file contexts, run:

sudo semanage fcontext -l

To query a specific file context, use the -L option followed by the file path or a regular expression:

sudo semanage fcontext -l | grep "/path/to/file"

• Modifying default security contexts:

To add or modify a default security context, use the -a (add) or -m (modify) options along with -t (type) and the target file path or expression:

• Add a new default security context:

  sudo semanage fcontext -a -t context_type "/path/to/file(/.*)?"
  

• Modify an existing default security context:

  sudo semanage fcontext -m -t context_type "/path/to/file(/.*)?"
  

For example, to change the default security context type of the /srv/www directory and its contents to httpd_sys_content_t, run:

sudo semanage fcontext -a -t httpd_sys_content_t "/srv/www(/.*)?"

• Applying changes to default security contexts:

After modifying a default security context, use the restorecon command to apply the changes:

sudo restorecon -R /path/to/file_or_directory

For example, to apply the changes for the /srv/www directory and its contents, run:

sudo restorecon -R /srv/www

In this tutorial, we've discussed how to use the semanage command to query and modify default security contexts for files in SELinux. Properly managing default security contexts is crucial for maintaining a secure and well-managed Linux system.

1. Querying SELinux default security context with semanage:

   • Description: Learn how to use semanage to retrieve information about the default security contexts in SELinux.
   • Code:

     semanage fcontext -l
     

2. Modifying default context settings using semanage:

   • Description: Understand the process of changing default context settings using semanage.
   • Code:

     semanage fcontext -a -t httpd_sys_content_t '/custom/path(/.*)?'
     

3. How to use semanage to manage SELinux contexts:

   • Description: Explore the basic usage of semanage for managing SELinux contexts.
   • Code:

     semanage login -a -s unconfined_u -r s0-s0:c0.c1023 myuser
     

4. Customizing default contexts with semanage in Linux:

   • Description: Learn to customize default contexts using semanage on Linux systems.
   • Code:

     semanage fcontext -a -t my_custom_type '/custom/path(/.*)?'
     

5. Viewing and editing SELinux policy settings with semanage:

   • Description: Understand how to view and edit SELinux policy settings using semanage.
   • Code:

     semanage boolean -l
     semanage boolean -m --on my_bool_setting
     

6. Managing SELinux port types with semanage:

   • Description: Explore how to manage SELinux port types using semanage.
   • Code:

     semanage port -l
     semanage port -a -t http_port_t -p tcp 8080
     

7. Using semanage to modify user and role settings in SELinux:

   • Description: Learn to modify user and role settings in SELinux with semanage.
   • Code:

     semanage user -a -R 'staff_r sysadm_r' -r s0-s0:c0.c1023 myuser
     

8. SELinux context persistence and semanage commands:

   • Description: Understand how SELinux context changes persist and the relevant semanage commands.
   • Code:

     semanage -o
     

9. Advanced options for semanage in Unix-like systems:

   • Description: Explore advanced features and options available in semanage on Unix-like systems.
   • Code:

     semanage login -d -s staff_u myuser
     

10. Troubleshooting SELinux default context issues with semanage:

    • Description: Learn how to use semanage for troubleshooting default context issues in SELinux.
    • Code:

      semanage fcontext -l | grep <pattern>