×ðÁú¿­Ê±¹ÙÍøµÇ¼

ÉîÈëÆÊÎö£ºSELinuxµÄ¿´·¨Óë×÷ÓÃ

SELinuxÊÇÒ»ÖÖÇå¾²ÔöÇ¿ÐÍLinuxϵͳ £¬ËüµÄÈ«³ÆÊÇSecurity-Enhanced Linux £¬Ö¼ÔÚÌá¸ßLinux²Ù×÷ϵͳµÄÇå¾²ÐÔ¡£SELinuxµÄÉè¼ÆÄ¿µÄÊÇÔڹŰåµÄLinuxȨÏÞÖÎÀíÖ®ÉÏÌṩԽ·¢Ï¸ÄåµÄ»á¼û¿ØÖÆ £¬ÒÔ±£»¤ÏµÍ³×ÊÔ´ºÍÊý¾ÝµÄÇå¾²ÐÔ¡£±¾ÎĽ«ÉîÈë̽ÌÖSELinuxµÄ½ç˵¡¢¹¦Ð§ÒÔ¼°ÌṩÏêϸµÄ´úÂëʾÀý £¬×ÊÖú¶ÁÕ߸üºÃµØÏàʶºÍʹÓÃSELinux¡£

Ò»¡¢SELinuxµÄ½ç˵

SELinuxÊÇÓÉÃÀ¹ú¹ú¼ÒÇå¾²¾Ö£¨NSA£©¿ª·¢µÄÒ»ÖÖÇå¾²ÔöÇ¿ÐÍLinuxÇ徲ģ¿é¡£Ëü»ùÓÚÇ¿ÖÆ»á¼û¿ØÖÆ£¨MAC£©Ä£×Ó £¬Óë¹Å°åµÄLinuxȨÏÞÖÎÀíÄ£×ÓÏà±È £¬Ô½·¢Ç¿µ÷ȨÏÞµÄϸÁ£¶È¿ØÖÆ¡£ÔÚSELinuxÖÐ £¬Ã¿¸öÀú³Ì¡¢Îļþ¡¢¶Ë¿Ú¡¢Óû§¶¼ÓÐÓëÖ®Ïà¹ØÁªµÄÇå¾²Õ½ÂÔ £¬ÕâЩսÂÔͨ¹ýÇå¾²Õ½ÂÔ¹æÔò£¨Security Policy Rules£©À´½ç˵¡£

¶þ¡¢SELinuxµÄ¹¦Ð§

Ç¿ÖÆ»á¼û¿ØÖÆ£ºÔÚSELinuxÖÐ £¬ËùÓеĻá¼û¶¼Òª¾­ÓÉÇ¿ÖÆ»á¼û¿ØÖƵļì²é¡£ÕâÒâζ×Å×ÝÈ»Óû§¾ßÓÐrootȨÏÞ £¬Ò²ÎÞ·¨ÈƹýSELinuxµÄ»á¼û¿ØÖƹæÔò¾ÙÐÐÎļþ»á¼û»òÀú³Ì¼äͨѶ £¬´Ó¶øÓÐÓÃÌá¸ßϵͳµÄÇå¾²ÐÔ¡£

Çå¾²ÉÏÏÂÎÄ£ºSELinuxÒýÈëÁËÇå¾²ÉÏÏÂÎĵĿ´·¨ £¬ÎªÃ¿¸ö¹¤¾ß£¨ÀýÈçÎļþ¡¢Àú³Ì£©·ÖÅÉÒ»¸öΨһµÄÇå¾²ÉÏÏÂÎıêʶ¡£ÕâÑù¿ÉÒÔÈ·±£ÔÚ»á¼û¹¤¾ßʱ £¬Ö»ÓÐÇкÏÇå¾²±êʶµÄÖ÷Ì壨ÈçÓû§¡¢Àú³Ì£©²Å»ª¾ÙÐлá¼û¡£

ÀàÐÍÇ¿ÖÆ£ºSELinux»ùÓÚ¹¤¾ßµÄÀàÐͶԻá¼ûȨÏÞ¾ÙÐпØÖÆ £¬½«²î±ðÀàÐ͵Ť¾ßÍÑÀë £¬È·±£Ö»ÓÐÌض¨ÀàÐ͵Ť¾ßÄܹ»Ï໥»á¼û £¬´Ó¶ø±ÜÃâÐÅϢ鶻ò¶ñÒâ¹¥»÷¡£

Èý¡¢Ïêϸ´úÂëʾÀý

ÏÂÃæÌṩһ¸ö¼òÆӵĴúÂëʾÀýÀ´ÑÝʾÔõÑùʹÓÃSELinuxµÄÏÂÁîÐй¤¾ßÀ´ÖÎÀíSELinuxÕ½ÂÔ¡£

Éó²éSELinux״̬£º

sestatus

µÇ¼ºó¸´ÖÆ

ÔËÐÐÒÔÉÏÏÂÁî £¬¿ÉÒÔÉó²éÄ¿½ñϵͳÖÐSELinuxµÄ״̬ £¬°üÀ¨ÊÇ·ñÆôÓá¢Ä¿½ñģʽµÈÐÅÏ¢¡£

ÐÞ¸ÄÎļþµÄÇå¾²ÉÏÏÂÎÄ£º

chcon -t httpd_sys_content_t /var/www/html/index.html

µÇ¼ºó¸´ÖÆ

ÒÔÉÏÏÂÁÎļþ/var/www/html/index.htmlµÄÇå¾²ÉÏÏÂÎĸü¸ÄΪhttpd_sys_content_t £¬ÕâÑùApacheЧÀÍÆ÷¾ÍÄܹ»»á¼û¸ÃÎļþ¡£

Ìí¼Ó×Ô½ç˵SELinuxÕ½ÂÔ£º

semanage fcontext -a -t httpd_sys_content_t '/var/www/html/custom.html'
restorecon -Rv /var/www/html

µÇ¼ºó¸´ÖÆ

ÒÔÉÏ´úÂëʾÀýÑÝʾÁËÔõÑùÌí¼Ó×Ô½ç˵Îļþ/var/www/html/custom.htmlµÄSELinuxÕ½ÂÔ £¬Ê¹µÃApacheЧÀÍÆ÷¿ÉÒÔ»á¼û¸ÃÎļþ £¬²¢Í¨¹ýrestoreconÏÂÁî»Ö¸´ÎļþµÄÇå¾²ÉÏÏÂÎÄ¡£

ͨ¹ýÒÔÉÏ´úÂëʾÀý £¬¶ÁÕß¿ÉÒÔÏàʶµ½ÔõÑùʹÓÃSELinuxµÄÏÂÁîÐй¤¾ßÀ´ÖÎÀíSELinuxÕ½ÂÔ £¬ÊµÏÖ¶Ôϵͳ×ÊÔ´µÄÔ½·¢Ï¸Á£¶ÈµÄ¿ØÖƺͱ£»¤¡£

×ܽ᣺

±¾ÎÄÉîÈë̽ÌÖÁËSELinuxµÄ½ç˵¡¢¹¦Ð§ £¬²¢ÌṩÁËÏêϸµÄ´úÂëʾÀý £¬Ï£Íû¶ÁÕßÄܹ»Í¨¹ý±¾ÎĸüºÃµØÏàʶºÍʹÓÃSELinux £¬Ìá¸ßLinuxϵͳµÄÇå¾²ÐÔºÍÎȹÌÐÔ¡£SELinux×÷ΪһÖÖÇå¾²ÔöÇ¿ÐÍLinuxϵͳ £¬ÔÚÄ¿½ñÐÅÏ¢Çå¾²ÈÕÒæÍ»³öµÄÅä¾°Ï £¬¾ßÓÐÖ÷ÒªµÄÓ¦ÓúÍÍƹã¼ÛÖµ¡£

ÒÔÉϾÍÊÇÉîÈëÆÊÎö£ºSELinuxµÄ¿´·¨Óë×÷ÓõÄÏêϸÄÚÈÝ £¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí £¬°æȨÕùÒéÓë±¾Õ¾ÎÞ¹Ø £¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í×ðÁú¿­Ê±¹ÙÍøµÇ¼ÂËÓÍ»úÍø¹Ù·½Ì¬¶È £¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ £¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢ £¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢ £¬ÇëÄúÁ¬Ã¦ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼ʵʱÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼

13452372176

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎå £¬9:30-18:30 £¬½ÚãåÈÕÐÝÏ¢

QR code
ÍøÕ¾µØͼ