Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [root@localhost selinux]# history
- 1 yum install -y httpd
- 2 ls -l /var/www
- 3 ls -lZ /var/www
- 4 systemctl enable --now httpd
- 5 ps Zaux | grep http
- 6 ls -lZd /tmp
- 7 netstat -Ztuplen
- 8 mkdir /web
- 9 vim /web/index.html
- 10 vim /etc/httpd/conf/httpd.conf
- 11 systemctl restart httpd
- 12 curl http://localhost
- 13 getenforce
- 14 setenforce permissive
- 15 getenforce
- 16 curl http://localhost
- 17 vim /etc/httpd/conf/httpd.conf
- 18 systemctl restart httpd
- 19 curl http://localhost
- 20 setenforce enforcing
- 21 curl http://localhost
- 22 grep AVC /var/log/audit/audit.log
- 23 sestatus
- 24 yum install -y git
- 25 git clone https://github.com/sandervanvugt/selinux
- 26 ls selinux/
- 27 git clone https://github.com/sandervanvugt/luth
- 28 luth/countdown 12
- 29 ps Zaux
- 30 ps -eZ | grep dbus-daemon
- 31 ps -eZ | grep systemd
- 32 semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
- 33 ls -Zd /web
- 34 cd /etc/selinux/
- 35 ls
- 36 cd targeted/
- 37 ls
- 38 cd contexts/
- 39 ls
- 40 cd files/
- 41 ls
- 42 vim file_contexts.local
- 43 restorecon -Rv /web
- 44 setenforce enforcing
- 45 getenforce
- 46 curl http://localhost
- 47 ls -Z /var/www
- 48 semanage fcontext -l
- 49 semanage fcontext -l | wc
- 50 semanage fcontext -l | grep http
- 51 seinfo -t
- 52 seinfo -t | wc
- 53 seinfo -t | grep http
- 54 man -k _selinux
- 55 yum install selinux-policy-doc
- 56 man -k _selinux
- 57 man -k _selinux | grep vmware
- 58 vim /etc/ssh/sshd_config
- 59 systemctl restart sshd
- 60 systemctl status sshd
- 61 grep AVC /var/log/audit/audit.log
- 62 semanage port -a -t ssh_port_t -p tcp 2022
- 63 systemctl restart sshd
- 64 vim /etc/ssh/sshd_config
- 65 semanage port -a -t ssh_port_t -p tcp 443
- 66 semanage port -t | grep 443
- 67 semanage port -l | grep 443
- 68 semanage port -m -t ssh_port_t -p tcp 443
- 69 systemctl restart sshd
- 70 man semanage-fcontext
- 71 semanage fcontext -a -t tmp_t "/web(/.*)?"
- 72 pwd
- 73 cd ../../..
- 74 ls
- 75 cd
- 76 getsebool -a | wc
- 77 getsebool -a | less
- 78 setsebool ftpd_anon_write on -P
- 79 semanage boolean -l | grep ftpd_a
- 80 getsebool -a | grep kube
- 81 getsebool -a | grep conta
- 82 luth/countdown 12
- 83 ps aux | grep setrou
- 84 grep sealert /var/log/messages
- 85 sealert -l 7113ade3-c84d-4462-90c2-08e95597c5b8 | less
- 86 sesearch -b ftpd_anon_write -A
- 87 yum install -y vsftpd lftp
- 88 grep ftp /etc/passwd
- 89 cd /var/ftp
- 90 ls
- 91 ls -lZ
- 92 chmod 777 pub
- 93 getsebool -a | grep ftp
- 94 setsebool ftpd_anon_write on -P
- 95 ls -l
- 96 systemctl enable --now vsftpd
- 97 lftp localhost
- 98 vim /etc/vsftpd/vsftpd.conf
- 99 systemctl restart vsftpd
- 100 lftp localhost
- 101 setenforce permissive
- 102 lftp localhost
- 103 ls -Z
- 104 sesearch -b ftpd_anon_write -A
- 105 grep sealert /var/log/messages
- 106 sealert -l 966db3a6-0b20-4bce-99d9-e6ec08dc7fbd | less
- 107 cd /
- 108 lftp localhost
- 109 grep sealert /var/log/messages
- 110 sealert -l 966db3a6-0b20-4bce-99d9-e6ec08dc7fbd | less
- 111 sesearch -b ftpd_full_access -A
- 112 man 7 capabilities
- 113 sesearch -b ftpd_anon_write -p read -AC
- 114 sesearch -b ftpd_anon_write -p read -A
- 115 sesearch -s httpd_t -t user_home_t -p read -A
- 116 ps Zaux | grep http
- 117 sesearch -A | grep httpd_t
- 118 ldd $(which passwd)
- 119 ldd $(which httpd)
- 120 vim /etc/httpd/conf/httpd.conf
- 121 grep 81 /etc/services | less
- 122 systemctl restart httpd
- 123 systemctl status httpd
- 124 getenforce
- 125 setenforce enforcing
- 126 systemctl restart httpd
- 127 systemctl status httpd
- 128 systemctl stop httpd
- 129 systemctl start httpd
- 130 semanage port -l | grep http
- 131 vim /etc/httpd/conf/httpd.conf
- 132 systemctl restart httpd
- 133 systemctl status httpd
- 134 semanage permissive -l
- 135 semanage permissive -a httpd_t
- 136 semanage permissive -l
- 137 systemctl restart httpd
- 138 systemctl status httpd
- 139 semanage permissive -d httpd_t
- 140 systemctl status httpd
- 141 systemctl restart httpd
- 142 vim /etc/httpd/conf/httpd.conf
- 143 systemctl restart httpd
- 144 luth/countdown 20
- 145 cd
- 146 luth/countdown 20
- 147 semodule -l
- 148 semodule -l | wc
- 149 grep http /var/log/audit/audit.log | audit2allow -M mypolicy
- 150 ls mypolicy.*
- 151 vim mypolicy.te
- 152 seinfo -c | less
- 153 seinfo -cfile -x
- 154 grep AVC /var/log/audit/audit.log
- 155 grep http /var/log/audit/audit.log | grep AVC > httpavc.txt
- 156 vim httpavc.txt
- 157 cat httpavc.txt | audit2allow -M http_pol
- 158 ls
- 159 vim http_pol.te
- 160 vim sander.te
- 161 vim sander.fc
- 162 checkmodule -M -m -o sander.mod sander.te
- 163 vim sander.te
- 164 checkmodule -M -m -o sander.mod sander.te
- 165 semodule_package -o sander.pp -m sander.mod -f sander.fc
- 166 semodule -i sander.pp
- 167 mkdir /opt/sander
- 168 restorecon -Rv /opt/sander
- 169 cat sander.te
- 170 cat sander.fc
- 171 reboot
- 172 history
- 173 ls -a
- 174 cp .bash_history 4hourhistory
- 175 sesearch --dontaudit
- 176 sesearch --dontaudit | wc
- 177 sesearch -D -s sshd_t -d
- 178 sesearch -D -s sshd_t
- 179 sesearch -T
- 180 pstree -Z | grep -e '^systemd -e httpd'
- 181 pstree -Z | grep -e ^systemd -e httpd
- 182 luth/countdown 13
- 183 git clone https://github.com/SELinuxProject/refpolicy
- 184 cd refpolicy/
- 185 ls
- 186 cd policy/
- 187 ls
- 188 cd modules/
- 189 ls
- 190 ls */*.fc
- 191 cd /usr/share/doc/
- 192 ls
- 193 cd selinux-policy/
- 194 ls
- 195 vim example.te
- 196 vim example.fc
- 197 make -f /usr/share/selinux/devel/Makefile myapp.pp
- 198*
- 199 make -f Makefile.example myapp.pp
- 200 make -f /usr/share/doc/selinux-policy/Makefile.example myapp.pp
- 201 cd /usr/share/doc/selinux-policy/
- 202 ls
- 203 make -f Makefile.example example.pp
- 204 yum -qf /usr/share/selinux/targeted/include/Makefile
- 205 rpm -qf /usr/share/selinux/targeted/include/Makefile
- 206 cd
- 207 cd selinux/
- 208 ls
- 209 cat rot13.service
- 210 cat server.php
- 211 ./setup-rot.sh
- 212 sepolgen --application startrot
- 213 cat startrot.te
- 214 vim startrot.fc
- 215 ls
- 216 systemctl stop vsftpd
- 217 ps aux | grep ftp
- 218 runcon -u system_u -r system_r -t httpd_t vsftpd
- 219 vsftpd
- 220 killall vsftpd
- 221 which vsftpd
- 222 runcon --help
- 223 journactl
- 224 journalctl
- 225 grep sealert /var/log/messages
- 226 sealert -l 34a375bf-7083-45e8-b125-b0714087d24a | less
- 227 # ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 228 # semodule -X 300 -i my-runcon.pp
- 229 ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 230 semodule -X 300 -i my-runcon.pp
- 231 runcon --help
- 232 runcon -u system_u -r system_r -t httpd_t vsftpd
- 233 grep ftp /var/log/messages
- 234 grep sealert /var/log/messages
- 235 sealert -l def5c383-09e1-4881-8e4a-f69d7e08867f | less
- 236 setsebool -P domain_can_mmap_files 1
- 237 runcon -u system_u -r system_r -t httpd_t vsftpd
- 238 date
- 239 grep sealert /var/log/messages
- 240 setenforce 0
- 241 runcon -u system_u -r system_r -t httpd_t vsftpd
- 242 grep sealert /var/log/messages
- 243 ps Zaux | grep ftp
- 244 pwd
- 245 ls
- 246 sepolgen --application startrot
- 247 vim startrot.te
- 248 startrot.sh
- 249 ls
- 250 ./startrot.sh
- 251 ls -lZ startrot*
- 252 seinfo -t | grep start
- 253 history
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement