you might improve the security of your Linux system by installing and implementing SELinux.
This provides an extra layer of protection by isolating applications on the system and securing the host.
By default, Ubuntu uses AppArmor, another Mandatory Access Control system.
To make your Linux system more secure, you’re free to make use of SELinux instead.
What Is SELinux?
SELinux is a security enhancement for Linux that includes modifications to the kernel and user tools.
It separates the implementation of security decisions from the security policy and simplifies the process of enforcing policy.
The service can leave your system unstable, so check that toback up your system before proceedingwith it.
When the SELinux mode is set to enable, you’re able to use permissive or enforcing mode.
You should use the permissive mode when you only need to monitor the interactions.
But if you want to filter as well as monitor interactions, make use of the enforcing mode.
However, the setstatus command gives more details on the mode that is currently set on your system.
it’s possible for you to also check the current modes by accessing the/etc/sysconfig/selinuxfile.
The permissive mode is more flexible compared to enforcing.
Accessing the SELinux Log File on Ubuntu
You will find SELinux logs in theaudit.logfile stored in the/var/log/auditdirectory.
There are two methods you might use to do so:
1.
After the reboot, SELinux will return to enforcement.
Once done, save and exit the file by pressingCtrl + X, thenY, and hitEnter.
Additionally, it can secure web servers based on the SELinux mode you selected.
you might either set the mode to permissive or enforcing.
