{"id":1740,"date":"2021-01-28T16:46:20","date_gmt":"2021-01-28T07:46:20","guid":{"rendered":"https:\/\/mindtech.jp\/?p=1740"},"modified":"2021-01-28T16:47:09","modified_gmt":"2021-01-28T07:47:09","slug":"post-1740","status":"publish","type":"post","link":"https:\/\/mindtech.jp\/?p=1740","title":{"rendered":"CentOS 7.9 \u3067SELinux\u3092\u7121\u52b9\u306b\u3059\u308b\u65b9\u6cd5\u3067\u30cf\u30de\u308b"},"content":{"rendered":"\n<p>\u500b\u4eba\u7684\u306a\u5099\u5fd8\u9332\u3067\u3082\u3042\u308a\u307e\u3059\u3002<\/p>\n\n\n\n<p>CentOS7.9\u3067Web\u30b5\u30a4\u30c8\u3092\u7acb\u3061\u4e0a\u304c\u308b\u969b\u306b\u3001\u30d5\u30a1\u30a4\u30eb\u306ePermission\u30a8\u30e9\u30fc\u304c\u591a\u767a\u3057\u3066\u3001\u3068\u308a\u3042\u3048\u305aSELinux\u3092\u5916\u305d\u3046\u3068\u601d\u3044\u3001\u3084\u308a\u65b9\u3092\u601d\u3044\u51fa\u305d\u3046\u3068\u3057\u3066\u30b0\u30b0\u308b\u3068<\/p>\n\n\n\n<p>\u4e00\u6642\u7684\u306a\u5bfe\u5fdc\u306e\u5834\u5408\u3001\u4ee5\u4e0b\u306e\u30b3\u30de\u30f3\u30c9\u3092\u6295\u5165\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># setenforce 0<\/code><\/pre>\n\n\n\n<p>\u78ba\u8a8d\u65b9\u6cd5\u306f\u3001getenforce \u30b3\u30de\u30f3\u30c9\u3092\u4f7f\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># getenforce\nDisabled<\/code><\/pre>\n\n\n\n<p>\u3053\u306e\u8a2d\u5b9a\u3092\u6052\u4e45\u5316\u3057\u3088\u3046\u3068\u3059\u308b\u3068\u3001\u30b7\u30b9\u30c6\u30e0\u306e\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3092\u4fee\u6b63\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u30b0\u30b0\u308b\u3068\u3001\/etc\/sysconfig\/selinux \u30d5\u30a1\u30a4\u30eb\u4e2d\u306e SELINUX=enforcing \u306e\u3068\u3053\u308d\u3092 disabled \u306b\u305b\u3088\u3068\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># This file controls the state of SELinux on the system.\r\n# SELINUX= can take one of these three values:\r\n#     enforcing - SELinux security policy is enforced.\r\n#     permissive - SELinux prints warnings instead of enforcing.\r\n#     disabled - No SELinux policy is loaded.\r\nSELINUX=disabled <\/code><\/pre>\n\n\n\n<p>\u5909\u66f4\u3057\u305f\u5f8c\u306bOS\u3092\u518d\u8d77\u52d5\u3059\u308b\u3068\u53cd\u6620\u3055\u308c\u3001\u4e0a\u8a18\u306e getenforce \u30b3\u30de\u30f3\u30c9\u3067\u78ba\u8a8d\u305b\u3088\u3068\u3002<\/p>\n\n\n\n<p>\u3059\u308b\u3068 &#8220;Enforcing&#8221;\u3068\u8868\u793a\u3055\u308c\u307e\u3057\u305f\u3002\u8a71\u304c\u9055\u3046\u3058\u3083\u3093\uff01<\/p>\n\n\n\n<p>\u30b9\u30da\u30eb\u30df\u30b9\u3084\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u306a\u3069\u3092\u30c1\u30a7\u30c3\u30af\u3057\u307e\u3057\u305f\u304c\u554f\u984c\u306a\u304b\u3063\u305f\u306e\u3067\u3001\u30ac\u30bb\u30cd\u30bf\u3092\u7591\u3044\u307e\u3057\u305f\u3002\u7d50\u5c40\u306e\u3053\u3068\u308d\u3001\u4fee\u6b63\u5bfe\u8c61\u306e\u30d5\u30a1\u30a4\u30eb\u306f\u3000\/etc\/selinux\/config \u306e\u65b9\u3067\u3057\u305f\u3002\u5185\u5bb9\u306f\u4e0a\u8a18\u306e\u30b5\u30f3\u30d7\u30eb\u3068\u540c\u69d8\u3067\u3059\u3002\u7d1b\u3089\u308f\u3057\u3044\u30fb\u30fb\u30fb<br><br>\u51fa\u5178\u306f Redhat Customer Portal \u306e &#8220;5.4 SELINUX\u306e\u6709\u52b9\u5316\u304a\u3088\u3073\u7121\u52b9\u5316\u201d\u3067\u3059\u3002<br><a href=\"https:\/\/access.redhat.com\/documentation\/ja-jp\/red_hat_enterprise_linux\/6\/html\/security-enhanced_linux\/sect-security-enhanced_linux-working_with_selinux-enabling_and_disabling_selinux\">https:\/\/access.redhat.com\/documentation\/ja-jp\/red_hat_enterprise_linux\/6\/html\/security-enhanced_linux\/sect-security-enhanced_linux-working_with_selinux-enabling_and_disabling_selinux<\/a><\/p>\n\n\n\n<p>\u6df1\u8ffd\u3044\u306f\u3057\u3066\u3044\u307e\u305b\u3093\u304c\u3001\u304a\u305d\u3089\u304f\u306f\u904e\u53bb\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u3067\u306f \/etc\/sysconfig\/selinux \u306e\u65b9\u3092\u4fee\u6b63\u3057\u3066\u3044\u305f\u6642\u671f\u3082\u3042\u3063\u305f\u306e\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<br>\u4fee\u6b63\u304c\u53cd\u6620\u3055\u308c\u306a\u304f\u3066\u60a9\u3093\u3067\u3044\u308b\u65b9\u306f\u3001\u4fee\u6b63\u3059\u308b\u30d5\u30a1\u30a4\u30eb\u306e\u65b9\u3092\u5909\u3048\u3066\u307f\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u500b\u4eba\u7684\u306a\u5099\u5fd8\u9332\u3067\u3082\u3042\u308a\u307e\u3059\u3002 CentOS7.9\u3067Web\u30b5\u30a4\u30c8\u3092\u7acb\u3061\u4e0a\u304c\u308b\u969b\u306b\u3001\u30d5\u30a1\u30a4\u30eb\u306ePermission\u30a8\u30e9\u30fc\u304c\u591a\u767a\u3057\u3066\u3001\u3068\u308a\u3042\u3048\u305aSELinux\u3092\u5916\u305d\u3046\u3068\u601d\u3044\u3001\u3084\u308a\u65b9\u3092\u601d\u3044\u51fa\u305d\u3046\u3068\u3057\u3066\u30b0\u30b0\u308b\u3068 \u4e00\u6642\u7684\u306a\u5bfe\u5fdc\u306e\u5834\u5408 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1561,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6],"tags":[400,403],"class_list":["post-1740","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-6","tag-linux","tag-selinux"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/mindtech.jp\/wp-content\/uploads\/2020\/09\/Linux.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4rHn0-s4","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/posts\/1740","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mindtech.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1740"}],"version-history":[{"count":1,"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/posts\/1740\/revisions"}],"predecessor-version":[{"id":1741,"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/posts\/1740\/revisions\/1741"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mindtech.jp\/index.php?rest_route=\/wp\/v2\/media\/1561"}],"wp:attachment":[{"href":"https:\/\/mindtech.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1740"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mindtech.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1740"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mindtech.jp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1740"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}