Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [root@localhost ~]# history
- 1 dnf install -y httpd
- 2 systemctl enable --now httpd
- 3 ps aux | grep http
- 4 ps Zaux | grep http
- 5 ls -lZ /var/www
- 6 getenforce
- 7 setenforce permissive
- 8 getenforce
- 9 setenforce disabled
- 10 reboot
- 11 getenforce
- 12 setenforce enforcing
- 13 reboot
- 14 podman ps
- 15 podman ps -a
- 16 podman inspect 7a4f5afe3ef2 > ubi8.json
- 17 udica -j ubi8.json ubi8pol
- 18 semodule -i ubi8pol.cil /usr/share/udica/templates/{base_container.cil,net_container.cil,home_container.cil}
- 19 podman stop 7a4f5afe3ef2
- 20 podman run --security-opt label=type:ubi8pol.process -v /home:/home:ro -v /var/spool:/var/spool:rw -p 21:21 -it ubi8 bash
- 21 podman run --security-opt label=type:ubi8pol.process -v /home:/home:ro -v /var/spool:/var/spool:rw -it ubi8 bash
- 22 ssh linda@localhost
- 23 chvt 4
- 24 w
- 25 semanage user -l
- 26 #semanage login -m -s sysadm_u root
- 27 semanage login -m -s user_u -r s0 __default__
- 28 semanage login -l
- 29 useradd anna
- 30 echo password | passwd --stdin anna
- 31 chvt 5
- 32 getsebool -a | grep user
- 33 getsebool -a | grep sysadm
- 34 cd selinux/
- 35 ./countdown 13
- 36 seinfo -t exec_type -x
- 37 seinfo -t httpd_sys_content_t -x
- 38 pwd
- 39 ls
- 40 vim setup-rot.sh
- 41 vim rot13.service
- 42 vim server.php
- 43 vim setup-rot.sh
- 44 ./setup-rot.sh
- 45 sepolgen --application startrot13
- 46 ls
- 47 cat startrot13
- 48 cat startrot13.te
- 49 cat startrot13.fc
- 50 ./startrot13.sh
- 51 vim startrot13.te
- 52 ./startrot13.sh
- 53 semodule -d startrot
- 54 semodule -d startrot13
- 55 ./startrot13.sh
- 56 systemctl stop vsftpd
- 57 systemctl stop httpd
- 58 runcon -u system_u -r system_r -t httpd_t vsftpd
- 59 grep AVC /var/log/audit/audit.log
- 60 vim sander.te
- 61 pwd
- 62 ls
- 63 cd ..
- 64 ls
- 65 cat sander.te
- 66 cp sander.te runcon.te
- 67 vim runcon.te
- 68 getenforce
- 69 setenforce permissive
- 70 runcon -u system_u -r system_r -t httpd_t vsftpd
- 71 ps Zaux | grep vsft
- 72 grep AVC /var/log/audit/audit.log
- 73 vim vsftp.te
- 74 mv vsftp.te vsftp.txt
- 75 cat vsftp.txt | audit2allow
- 76 ls
- 77 journalct | grep sealert
- 78 journalctl | grep sealert
- 79 sealert -l 3be52f7d-015d-4c83-aecb-a6fa5920ce9c | less
- 80 # ausearch -c 'vsftpd' --raw | audit2allow -M my-vsftpd
- 81 # semodule -X 300 -i my-vsftpd.pp
- 82 cat vsftp.txt | audit2allow -M myvsftpd
- 83 vim myvsftpd.te
- 84 semodule -i myvsftpd.te
- 85 semodule -i myvsftpd.pp
- 86 runcon -u system_u -r system_r -t httpd_t vsftpd
- 87 systemctl cat vsftpd.service
- 88 systemctl edit vsftp.service
- 89 systemctl edit vsftpd.service
- 90 which runcon
- 91 systemctl edit vsftpd.service
- 92 setenforce enforcing
- 93 systemctl restart vsftpd.service
- 94 exit
- 95 dnf install git
- 96 git clone https://github.com/sandervanvugt/selinux
- 97 cd selinux/
- 98 ls
- 99 vim /var/www/html/index.html
- 100 systemctl restart httpd
- 101 curl localhost
- 102 ps Zaux | grep http
- 103 ls -Z /var/www/html/index.html
- 104 mkdir /web
- 105 vim /web/index.html
- 106 vim /etc/httpd/conf/httpd.conf
- 107 systemctl restart httpd
- 108 curl localhost
- 109 getenforce
- 110 setenforce permissive
- 111 curl localhost
- 112 vim /etc/httpd/conf/httpd.conf
- 113 systemctl restart httpd
- 114 curl localhost
- 115 setenforce enforcing
- 116 grep AVC /var/log/audit/audit.log
- 117 ./countdown 1
- 118 cd ..
- 119 git clone https://github.com/SELinuxProject/RefPolicy
- 120 sestatus
- 121 vim /etc/sysconfig/selinux
- 122 cd selinux/
- 123 ./countdown 12
- 124 ./countdown 6
- 125 grep AVC /var/log/audit/audit.log
- 126 ls -Z /var/www
- 127 semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
- 128 cd /etc/selinux/
- 129 ls
- 130 cd targeted/
- 131 ls
- 132 cd contexts/
- 133 ls
- 134 cd files
- 135 ls
- 136 pwd
- 137 cat file_contexts.local
- 138 ls -dZ /web
- 139 restorecon -Rv /web
- 140 ls -Zd /var/www
- 141 man semanage-fcontext
- 142 ps aux | grep setroub
- 143 journalctl | grep sealert
- 144 sealert -l 34c49ef7-763b-442b-851a-35b3d1916918 | less
- 145 grep AVC /var/log/audit/audit.log
- 146 dnf install -y selinux-policy-doc
- 147 man -k _selinux
- 148 man -k _selinux | wc
- 149 man -k _selinux | grep http
- 150 man httpd_selinux
- 151 man ypbind_selinux
- 152 vim /etc/ssh/sshd_config
- 153 systemctl restart sshd
- 154 systemctl status sshd
- 155 journalctl | grep AVC
- 156 grep avc /var/log/audit/audit.log
- 157 man semanage-port
- 158 #semanage port -a -t ssh_port_t -p tcp 8991
- 159 semanage port -a -t ssh_port_t -p tcp 443
- 160 man semanage-port
- 161 semanage port -m -t ssh_port_t -p tcp 443
- 162 systemctl restart sshd
- 163 ss -tunap
- 164 ss -tunapZ
- 165 dnf install -y vsftpd
- 166 vim /etc/vsftpd/vsftpd.conf
- 167 grep ftp /etc/passwd
- 168 cd /var/ftp/
- 169 ls
- 170 ls -l
- 171 chmod 777 pub
- 172 systemctl restart vsftpd
- 173 dnf install -y lftp
- 174 lftp localhost
- 175 grep avc /var/log/audit/audit.log
- 176 journalct | grep sealert
- 177 journalctl | grep sealert
- 178 sealert -l b6ed4355-8200-4156-a467-997b80b10ab8 | less
- 179 setsebool -P allow_ftpd_anon_write 1
- 180 lftp localhost
- 181 setsebool -P allow_ftpd_anon_write 1
- 182 sealert -l b6ed4355-8200-4156-a467-997b80b10ab8 | less
- 183 semanage fcontext -a -t public_content_rw_t pub
- 184 less /etc/selinux/targeted/contexts/files/file_contexts.local
- 185 man semanage-fcontext
- 186 semanage fcontext -d -t public_content_rw_t pub
- 187 less /etc/selinux/targeted/contexts/files/file_contexts.local
- 188 semanage fcontext -a -t public_content_rw_t "/var/ftp/pub(/.*)?"
- 189 restorecon -Rv /var/ftp/pub
- 190 lftp localhost
- 191 cd
- 192 cd selinux/
- 193 ./countdown 13
- 194 dnf provides */sesearch
- 195 dnf install setools-console
- 196 man sesearch
- 197 sesearch -b ftpd_anon_write -A
- 198 getsebool -a | grep ftp
- 199 sesearch -b ftpd_full_access -A
- 200 sesearch -s httpd_t -t user_home_t -p read -A
- 201 grep AVC /var/log/audit/audit.log | grep ssh
- 202 sesearch -s sshd_t -t http_port_t -p name_bind -A
- 203 ps Zaux | grep cron
- 204 sesearch -A | wc
- 205 sesearch -A | grep crond_t
- 206 sesearch -A | grep crond_t | wc
- 207 man -k _selinux | grep cron
- 208 man crond_selinux
- 209 ldd $(which passwd)
- 210 ssh student@192.168.29.184
- 211 ssh student@192.168.29.194
- 212 ss tuneap | grep ssh
- 213 ss -tunap | grep ssh
- 214 man restorecon
- 215 ps Zaux
- 216 seinfo -tunconfined_t
- 217 seinfo -aunconfined_domain_type -x
- 218 seinfo -aunconfined_domain_type -x | less
- 219 yum install container-tools
- 220 podman run --env container=podman -v /home:/home:ro -v /var/spool:/var/spool:rw -p 21:21 -it ubi8 bash
- 221 podman ps
- 222 podman ps -a
- 223 podman stop 7a4
- 224 podman stop 11f
- 225 ps Zaux | grep ubi8
- 226 ./countdown 18
- 227 semodule -l
- 228 semodule -d zabbix
- 229 journalctl | grep sealer
- 230 sealert -l 34c49ef7-763b-442b-851a-35b3d1916918 | less
- 231 # ausearch -c 'httpd' --raw | audit2allow -M my-httpd
- 232 # semodule -X 300 -i my-httpd.pp
- 233 grep AVC /var/log/audit/audit.log | grep http > http_allow.txt
- 234 vim http_allow.txt
- 235 cat http_allow.txt | audit2allow -M httppol
- 236 ls httpp*
- 237 vim httppol.te
- 238 semodule -i httppol.pp
- 239 cd ..
- 240 ls
- 241 cd RefPolicy/
- 242 ls
- 243 cd policy/
- 244 ls
- 245 cd modules/
- 246 ls
- 247 cd services
- 248 ls
- 249 vim obex.te
- 250 seinfo -c | less
- 251 seinfo -csocket -x
- 252 seinfo -cfile -x
- 253 seinfo -c file -x
- 254 semanage port -m -t http_port_t -p tcp 443
- 255 systemctl restart sshd
- 256 cd
- 257 vim sander.te
- 258 vim sander.fc
- 259 checkmodule -M -m -o sander.mod sander.te
- 260 semodule_package -o sander.pp -m sander.mod -f sander.fc
- 261 semodule -i sander.pp
- 262 mkdir /opt/sander
- 263 touch /opt/sander/file.txt
- 264 ls -Zd /opt/sander/
- 265 restorecon -Rv /opt/sander
- 266 semanage user -l
- 267 semanage login -l
- 268 useradd linda
- 269 echo password | passwd --stdin linda
- 270 useradd -Z sysadm_u -G wheel lisa
- 271 semanage login -a -s user_u linda
- 272 semanage login -l
- 273 exit
- 274 history
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement