Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [root@localhost selinux]# history
- 1 ls -Z
- 2 cat /etc/os-release
- 3 cd /etc
- 4 ls -l
- 5 yum install -y httpd
- 6 systemctl enable --now httpd
- 7 ps aux | grep http
- 8 ps Zaux | grep http
- 9 cd /var/www/
- 10 ls -lZ
- 11 netstat -Ztulpen
- 12 cd
- 13 mkdir /web
- 14 vim /web/index.html
- 15 vim /etc/httpd/conf/httpd.conf
- 16 systemctl restart httpd
- 17 curl localhost
- 18 history
- 19 setenforce permissive
- 20 curl localhost
- 21 ls -Zd /web
- 22 ps Zaux | grep http
- 23 vim /etc/httpd/conf/httpd.conf
- 24 systemctl restart httpd
- 25 getenforce
- 26 curl localhost
- 27 setenforce enforcing
- 28 curl localhost
- 29 grep AVC /var/log/audit/audit.log
- 30 ls -lZ /var/www
- 31 ls -lD /web
- 32 ls -zd /web
- 33 ls -Zd /web
- 34 semanage fcontext -a -t httpd_sys_script_exec_t "/web(/.*)?"
- 35 ls -Zd /web
- 36 restorecon -Rv /web
- 37 curl localhost
- 38 semanage fcontext -a -t httpd_sys_content_rw_t "/data(/.*)?"
- 39 mkdir /data
- 40 ls -Z /data
- 41 ls -Zd /data
- 42 restorecon -Rv /data
- 43 cd /web
- 44 touch newfile
- 45 ls -Z
- 46 ls -lZ /var/www
- 47 ls -lZd /web
- 48 cd ..
- 49 yum install -y git
- 50 git clone https://github.com/sandervanvugt/selinux
- 51 ls selinux/
- 52 mv selinux/ /root/
- 53 cd
- 54 git clone https://github.com/sandervanvugt/luth
- 55 luth/countdown 12
- 56 cd /etc/selinux/
- 57 ls
- 58 cat config
- 59 cat semanage.conf
- 60 cd targeted/
- 61 ls
- 62 cd contexts/
- 63 ls
- 64 cd files/
- 65 ls
- 66 cat file_contexts.local
- 67 pwd
- 68 cd
- 69 history
- 70 getenforce
- 71 setenforce --help
- 72 vim /etc/sysconfig/selinux
- 73 reboot
- 74 git clone https://github.com/SELinuxProject/refpolicy
- 75 cd refpolicy/
- 76 ls
- 77 cd policy/
- 78 ls
- 79 cd modules/
- 80 ls
- 81 cd
- 82 sestatus
- 83 grep AVC /var/log/audit/audit.log
- 84 ps Zaux | grep dbus-daemon
- 85 man 7 capabilities
- 86 luth/countdown 12
- 87 semanage fcontext -l
- 88 semanage fcontext -l | wc
- 89 man -k _selinux
- 90 yum install selinux-policy-doc
- 91 man -k _selinux
- 92 man -k _selinux | wc
- 93 man -k _selinux | grep http
- 94 man httpd_selinux
- 95 man semanage
- 96 man semanage-fcontext
- 97 vim /etc/ssh/sshd_config
- 98 systemctl restart sshd
- 99 systemctl status sshd
- 100 grep AVC /var/log/audit/audit.log
- 101 man -k _selinux | grep ssh
- 102 man sshd_selinux
- 103 netstat -Ztulpen | grep ssh
- 104 journalctl | grep sealert
- 105 sealert -l f8bea170-a1e8-4e92-8428-e60d579e0bc8 | less
- 106 history
- 107 semanage port -a -t ssh_port_t -p tcp 2022
- 108 systemctl restart sshd
- 109 netstat -Ztulpen | grep ssh
- 110 grep sealert /var/log/messages
- 111 sealert -l c4a7553e-8057-4e4a-88d0-e0f71c44205a | less
- 112 ausearch -c 'httpd' --raw
- 113 sealert -l c4a7553e-8057-4e4a-88d0-e0f71c44205a | less
- 114 vim /etc/sysconfig/selinux
- 115 yum install -y vsftpd
- 116 vim /etc/vsftpd/vsftpd.conf
- 117 cd /var/ftp/
- 118 ls -lZ
- 119 chmod -R 777 pub
- 120 semanage fcontext -a -t public_content_rw_t "/var/ftp/pub(/.*)?"
- 121 restorecon -Rv /var/ftp/pub
- 122 systemctl restart vsftpd
- 123 yum install -y lftp
- 124 lftp localhost
- 125 getsebool -a
- 126 getsebool -a | wc
- 127 getsebool -a | grep ftp
- 128 journalctl | grep sealert
- 129 sealert -l f422de85-86de-474f-81ce-465bad90cca4 | less
- 130 setsebool -P ftpd_anon_write 1
- 131 lftp localhost
- 132 grep AVC /var/log/audit/audit.log
- 133 grep AVC /var/log/audit/audit.log | grep ftp
- 134 grep AVC /var/log/audit/audit.log | grep http
- 135 cd
- 136 luth/countdown 18
- 137 sealert -b
- 138 getsebool -a | grep ftp
- 139 sesearch -b ftpd_anon_write -A
- 140 sesearch -b ftpd_full_access -A
- 141 sesearch -A | wc
- 142 sesearch -A | grep httpd_d
- 143 sesearch -A | grep httpd_t
- 144 ldd $(which ls)
- 145 seinfo -tunconfined_t
- 146 seinfo -aunconfined_domain_type -x
- 147 semodule -l
- 148 semodule -d xen
- 149 grep http /var/log/audit/audit.log | audit2allow -M mypolicy
- 150 ls
- 151 vim mypolicy.te
- 152 seinfo -c
- 153 seinfo -cservice -x
- 154 vim sander.te
- 155 vim sander.fc
- 156 checkmodule -M -m -o sander.mod sander.te
- 157 semodule_package -o sander.pp -m sander.mod -f sander.fc
- 158 semodule -i sander.pp
- 159 mkdir /opt/sander
- 160 ls -Zd /opt/sander
- 161 vim sander.fc
- 162 restorecon -Rv /opt/sander
- 163 semanage user -l
- 164 luth/countdown 12
- 165 semanage user -l
- 166 useradd linda
- 167 echo password | passwd --stdin linda
- 168 useradd -Z sysadm_u -G wheel lisa
- 169 id linda
- 170 id lisa
- 171 id -Z lisa
- 172 semanage login -a -s user_u linda
- 173 semanage login -l
- 174 ssh linda
- 175 ssh localhost
- 176 ssh localhost -p 2022
- 177 ssh linda@localhost -p 2022
- 178 semanage login -l
- 179 semanage login -m -s sysadm_u root
- 180 semanage login -l
- 181 semanage login -m -s user_u -r s0 __default__
- 182 semanage login -l
- 183 useradd anna
- 184 echo password | passwd --stdin anna
- 185 ssh anna@localhost
- 186 ssh anna@localhost -p 2022
- 187 getsebool -a | grep user
- 188 getsebool -a | grep sysadm
- 189 ls
- 190 cd selinux/
- 191 ls
- 192 vim setup-rot.sh
- 193 ./setup-rot.sh
- 194 sepolgen --application startrot13
- 195 vim startrot13.te
- 196 vim startrot13.fc
- 197 vim startrot13.te
- 198 startrot.sh
- 199 ./startrot13.sh
- 200 man -k startrot
- 201 mandb
- 202 ls
- 203 less startrot13_selinux.8
- 204 seinfo -t | grep start
- 205 systemctl stop vsftpd
- 206 runcon -u system_u -r system_r -t httpd_t vsftpd
- 207 grep sealert /var/log/messages
- 208 sealert -l 183830de-4cb4-44b4-8a70-7aa587ec903a
- 209 sealert -l 183830de-4cb4-44b4-8a70-7aa587ec903a | less
- 210 # ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 211 # semodule -X 300 -i my-runcon.pp
- 212 ausearch -c 'runcon' --raw | audit2allow -M my-runcon
- 213 semodule -X 300 -i my-runcon.pp
- 214 runcon -u system_u -r system_r -t httpd_t vsftpd
- 215 ps Zaux | grep vsftpd
- 216 grep AVC /var/log/audit/audit.log
- 217 grep sealert /var/log/messages
- 218 sealert -l bea45b79-889c-44d6-bb50-057aa5943d3f | less
- 219 setsebool -P domain_can_mmap_files 1
- 220 runcon -u system_u -r system_r -t httpd_t vsftpd
- 221 grep sealert /var/log/messages
- 222 sealert -l 86761ee2-ac9d-46b7-9d67-9629fefd0438 | less
- 223 # ausearch -c 'vsftpd' --raw | audit2allow -M my-vsftpd
- 224 # semodule -X 300 -i my-vsftpd.pp
- 225 ausearch -c 'vsftpd' --raw | audit2allow -M my-new-vsftpd
- 226 semodule -X 300 -i my-new-vsftpd.pp
- 227 runcon -u system_u -r system_r -t httpd_t vsftpd
- 228 grep sealert /var/log/messages
- 229 history
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement