Book Image

CentOS 7 Linux Server Cookbook - Second Edition

By : Jonathan Hobson
Book Image

CentOS 7 Linux Server Cookbook - Second Edition

By: Jonathan Hobson

Overview of this book

This book will provide you with a comprehensive series of starting points that will give you direct access to the inner workings of the latest CentOS version 7 and help you trim the learning curve to master your server. You will begin with the installation and basic configuration of CentOS 7, followed by learning how to manage your system, services and software packages. You will then gain an understanding of how to administer the file system, secure access to your server and configure various resource sharing services such as file, printer and DHCP servers across your network. Further on, we cover advanced topics such as FTP services, building your own DNS server, running database servers, and providing mail and web services. Finally, you will get a deep understanding of SELinux and you will learn how to work with Docker operating-system virtualization and how to monitor your IT infrastructure with Nagios. By the end of this book, you will have a fair understanding of all the aspects of configuring, implementing and administering CentOS 7 Linux server and how to put it in control.
Table of Contents (22 chapters)
CentOS 7 Linux Server Cookbook Second Edition
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Preface
Index

Installing and configuring important SELinux tools


The most significant security feature of any Linux system is providing access control—often called Discretionary Access Control (DAC)—which allows the owner of an object (such as a file) to set security attributes for it (for example, deciding who can read or write to a file using the chown and chmod commands). While this old and very simple security system was sufficient in ancient UNIX times, it does not meet all the modern requirements of security, where servers and services are constantly connected to the Internet.

Often, security breaches can be initiated by attackers exploiting buggy or misconfigured applications and the permissions to them. This is why the SELinux has been developed. Its main purpose is to enhance the security of the DAC system in Linux. It does so by adding an additional security layer on top of DAC, which is called Mandatory Access Control (MAC), and which can provide fine-grain access control to every single component...