Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1 yum install httpd
- 2 systemctl start httpd
- 3 ps Zaux | grep http
- 4 ls -Zl /var/www
- 5 lsmod | grep lsm
- 6 ls /etc/selinux/
- 7 cd
- 8 getenforce
- 9 setenforce --help
- 10 vim /etc/sysconfig/selinux
- 11 vim /etc/httpd/conf/httpd.conf
- 12 mkdir /web
- 13 vim /web/index.html
- 14 systemctl restart httpd
- 15 curl http://localhost
- 16 getenforce
- 17 grep AVC /var/log/audit/audit.log
- 18 setenforce permissive
- 19 curl http://localhost
- 20 setenforce 1
- 21 vim /web/index.html
- 22 vim /etc/httpd/conf/httpd.conf
- 23 systemctl restart httpd
- 24 curl http://localhost
- 25 grep AVC /var/log/audit/audit.log
- 26 setenforce 0
- 27 curl http://localhost
- 28 grep AVC /var/log/audit/audit.log
- 29 git clone https://github.com/sandervanvugt/luth
- 30 git clone https://github.com/sandervanvugt/selinux
- 31 cd luth
- 32 ./countdown 15
- 33 cd ..
- 34 git clone https://github.com/SELinuxProject/refpolicy
- 35 id -Z
- 36 sestatus
- 37 ps Zaux | grep http
- 38 ls -lZ /var/www
- 39 ls -dZ /web
- 40 grep AVC /var/log/audit/audit.log
- 41 man semanage
- 42 man semanage-fcontext
- 43 semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"
- 44 ls -dZ /web
- 45 cd /etc/selinux/
- 46 ls
- 47 cd targeted/
- 48 ls
- 49 cd contexts/
- 50 ls
- 51 cd files/
- 52 ls
- 53 cat file_contexts.local
- 54 restorecon -Rv /web
- 55 dnf provides */semanage
- 56 vim /etc/httpd/conf/httpd.conf
- 57 ps -eZ | grep dbus-daemon
- 58 ps Zaux | grep dbus-daemon
- 59 semanage fcontext -l
- 60 semanage fcontext -l | wc
- 61 dnf provides */seinfo
- 62 dnf install setools-console -y
- 63 seinfo -t
- 64 seinfo -t |wc
- 65 man -k _selinux
- 66 dnf install -y selinux-policy-doc
- 67 hisgtory
- 68 history
- 69 mandb
- 70 man -k _selinux
- 71 man -k _selinux | wc
- 72 man -k _selinux | grep http
- 73 man -k _selinux | grep ftp
- 74 man ftpd_selinux
- 75 getsebool -a
- 76 getsebool -a | wc
- 77 getsebool -a | grep http
- 78 setsebool -P httpd_use_nfs on
- 79 getsebool -a | grep http
- 80 semanage boolean -l | grep http
- 81 dnf install -y vsftpd
- 82 vim /etc/vsftpd/vsftpd.conf
- 83 dnf install -y lftp
- 84 systemctl enable --now vsftpd
- 85 lftp localhost
- 86 cd /var/ftp
- 87 chmod 777 pub
- 88 cd
- 89 lftp localhost
- 90 getenforce
- 91 setenforce enforcing
- 92 lftp localhost
- 93 grep AVC /var/log/audit/audit.log | grep ftp
- 94 cd /var/ftp
- 95 ls -lZ
- 96 semanage fcontext -a -t public_content_rw_t "/var/ftp/pub(/.*)?"
- 97 restorecon -Rv /var/ftp/pub/
- 98 cd pub
- 99 ls
- 100 cd ..
- 101 lftp localhost
- 102 grep AVC /var/log/audit/audit.log | grep ftp
- 103 grep sealert /var/log/messages
- 104 sealert -l 48c48352-9240-4981-86d3-c13bae5e4b2b | less
- 105 setsebool -P ftpd_anon_write 1
- 106 lftp localhost
- 107 cd
- 108 cd luth/
- 109 ./countdown 12
- 110 vim /etc/httpd/conf/httpd.conf
- 111 systemctl restart httpd
- 112 systemctl status httpd
- 113 grep sealert /var/log/messages
- 114 sealert -l a917433a-092a-4ba8-9806-d97602702c44
- 115 sealert -l a917433a-092a-4ba8-9806-d97602702c44 | less
- 116 semanage port -a -t http_port_t -p tcp 82
- 117 semanage port -l | grep httpd
- 118 semanage port -l | grep http
- 119 systemctl restart httpd
- 120 systemctl status httpd
- 121 grep sealert /var/log/messages
- 122 sealert -l 0465a323-81ed-401d-94ca-323708960453
- 123 sealert -l 0465a323-81ed-401d-94ca-323708960453 | less
- 124 # ausearch -c 'httpd' --raw | audit2allow -M my-httpd
- 125 ausearch -c 'httpd' --raw > ../seout.txt
- 126 cd ..
- 127 less seout.txt
- 128 vim seout.txt
- 129 cat seout.txt | audit2allow -M my-httpd
- 130 ls
- 131 vim my-httpd.te
- 132 sealert -b
- 133 sesearch -b ftpd_anon_write -A
- 134 getsebool -a | grep ftp
- 135 sesearch -b ftpd_full_access -A
- 136 search -b ftpd_anon_write -p read -AC
- 137 sesearch -b ftpd_anon_write -p read -AC
- 138 sesearch -b ftpd_anon_write -p read -A
- 139 sesearch -s httpd_t -t user_home_t -p read -A
- 140 sesearch -A | grep httpd_t
- 141 ldd $(which ls)
- 142 semanage permissive -l
- 143 ps Zaux | grep ftp
- 144 semanage permissive -d ftpd_t
- 145 semanage permissive -a ftpd_t
- 146 semanage permissive -l
- 147 semanage permissive -d ftpd_t
- 148 seinfo -aunconfined_domain_type -x
- 149 semodule -l | less
- 150 semodule -l
- 151 semodule -d zarafa
- 152 ls
- 153 history | grep git
- 154 ls
- 155 cd refpolicy/
- 156 ls
- 157 cd policy/
- 158 ls
- 159 cd modules/
- 160 ls
- 161 cd services/
- 162 ls
- 163 vim sysstat.te
- 164 pwd
- 165 cd
- 166 cd luth/
- 167 ./countdown 15
- 168 cd ../r
- 169 cd ..
- 170 ls
- 171 cd refpolicy/policy/modules/roles/
- 172 ls
- 173 vim unprivuser.te
- 174 seinfo -c
- 175 seinfo -cipx_socket -x
- 176 seinfo -csocket -x
- 177 seinfo -cfile -x
- 178 cd
- 179 vim sander.te
- 180 vim sander.fc
- 181 checkmodule -M -m -o sander.mod sander.te
- 182 ls sander*
- 183 type sander.mod
- 184 file sander.mopd
- 185 file sander.mod
- 186 semodule_package -o sander.pp -m sander.mod -f sander.fc
- 187 semodule -i sander.pp
- 188 mkdir /opt/sander
- 189 ls -ldZ /opt/sander
- 190 restorecon -Rv /opt/sander
- 191 semanage user -l
- 192 ps Zaux
- 193 history
- 194 seinfo -aselinux_unconfined_type -x
- 195 semanage user -l
- 196 selinux login -l
- 197 semanage login -l
- 198 useradd linda
- 199 echo password | passwd --stdin linda
- 200 useradd -Z sysadm_u -G wheel lisa
- 201 semanage login -a -s user_u linda
- 202 semanage login -l
- 203 ssh linda@localhost
- 204 id -Z
- 205 grep AVC /var/log/audit/audit.log
- 206 journalctl | grep semanage
- 207 grep sealert /var/log/messages
- 208 sealert -l 70315399-3287-4a85-a35a-45538b4e7130 | less
- 209 semanage login -l
- 210 semanage login -a -s sysadm_u root
- 211 semanage login -l
- 212 semanage login -m -s sysadm_u root
- 213 semanage login -l
- 214 semanage login -m -s user_u -r s0 __default__
- 215 semanage login -l
- 216 useradd anna
- 217 echo password | passwd --stdin anna
- 218 ssh anna@localhost
- 219 getsebool -a | grep user
- 220 getsebool -a | grep sysadm
- 221 ssh root@localhost
- 222 history
- 223 #### dont do this at home #### semanage login -m -s user_u root
- 224 sleep 20; luth/countdown 12
- 225 seinfo -t public_content_t -x
- 226 cd /usr/share/doc/selinux-policy/
- 227 ls
- 228 vim example.te
- 229 vim example.if
- 230 vim example.fc
- 231 make -f /usr/share/selinux/devel/Makefile myapp.pp
- 232 cd /usr/share/selinux/devel/
- 233 ls
- 234 cd include/
- 235 ls
- 236 pwd
- 237 cd
- 238 cd selinux/
- 239 ls
- 240 vim setup-rot.sh
- 241 ls
- 242 cat rot13.service
- 243 cat server.php
- 244 ./setup-rot.sh
- 245 dnf provides */sepolgen
- 246 dnf install -y policycoreutils-devel
- 247 sepolgen --application startrot13
- 248 vim startrot13.te
- 249 vim startrot13.te
- 250 vim startrot13.sh
- 251 ls
- 252 ./startrot13.sh
- 253 ls
- 254 semodule -i startrot13.pp
- 255 man startrot13_selinux
- 256 seinfo -t | grep start
- 257 dnf provides */rpmbuild
- 258 dnf install -y rpm-build
- 259 ./startrot13.sh
- 260 runcon -u system_u -r system_r -t httpd_t vsftpd
- 261 grep sealert /var/log/messages
- 262 sealert -l a6209df7-00df-4db0-b575-adff66fe34f9 | less
- 263 # ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 264 # semodule -X 300 -i my-runcon.pp
- 265 # ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 266 ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 267 semodule -X 300 -i my-runcon.pp
- 268 runcon -u system_u -r system_r -t httpd_t vsftpd
- 269 history
- 270 history | grep root
- 271 semanage login -m -s user_u root
- 272 id -Z
- 273 history
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement