48. 3.3. SELinux 設定ファイル
/etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing ← SELinux の初期状態
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted ← SELinux のタイプ
48
66. 4.4. SELinux を有効にする
# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=disabled
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
66
115. 6.5. MySQL 設定
# service mysqld start
# mysql -u root
mysql> create database wordpress;
mysql> grant all privileges on wordpress.* to
wordpress@localhost identified by 'PASSW0RD';
mysql> exit
※ ID/PASSWD は適切に設定する
基盤が脆弱であればシステム全体が脆弱になってしまう
115