RH199 - ch05s08

Preface A: Introduction

Section A.1: Orientation to the Classroom Lab Environment

Chapter 1: Local and Remote Logins

Section 1.1: Accessing the Command Line Using the Local Console

Section 1.2: Quiz: Local Console Access Terms

Section 1.3: Configuring SSH Key-based Authentication

Section 1.4: Guided Exercise: Using SSH Key-based Authentication

Section 1.5: Getting Help From Red Hat

Section 1.6: Guided Exercise: Creating and Viewing an SoS Report

Chapter 2: File System Navigation

Section 2.1: The Linux File System Hierarchy

Section 2.2: Quiz: File System Hierarchy

Section 2.3: Managing Files Using Command-Line Tools

Section 2.4: Guided Exercise: Command-Line File Management

Section 2.5: Making Links Between Files

Section 2.6: Guided Exercise: Making Links Between Files

Chapter 3: Users and Groups

Section 3.1: Users and Groups

Section 3.2: Quiz: User and Group Concepts

Section 3.3: Gaining Superuser Access

Section 3.4: Guided Exercise: Running Commands as root

Section 3.5: Managing Local User Accounts

Section 3.6: Guided Exercise: Creating Users Using Command-line Tools

Section 3.7: Managing Local Group Accounts

Section 3.8: Guided Exercise: Managing Groups Using Command-line Tools

Section 3.9: Managing User Passwords

Section 3.10: Guided Exercise: Managing User Password Aging

Section 3.11: Using Identity Management Services

Section 3.12: Guided Exercise: Connecting to a Central LDAP and Kerberos Server

Section 3.13: Lab: Managing Linux Users and Groups

Chapter 4: File Permissions

Section 4.1: Managing File System Permissions from the Command Line

Section 4.2: Guided Exercise: Managing File Security from the Command Line

Section 4.3: Managing Default Permissions and File Access

Section 4.4: Guided Exercise: Controlling New File Permissions and Ownership

Section 4.5: POSIX Access Control Lists (ACLs)

Section 4.6: Quiz: Interpret ACLs

Section 4.7: Securing Files with ACLs

Section 4.8: Guided Exercise: Using ACLs to Grant and Limit Access

Chapter 5: SELinux Permissions

Section 5.1: Enabling and Monitoring Security Enhanced Linux (SELinux)

Section 5.2: Quiz: SELinux Concepts

Section 5.3: Changing SELinux Modes

Section 5.4: Guided Exercise: Changing SELinux Modes

Section 5.5: Changing SELinux Contexts

Section 5.6: Guided Exercise: Changing SELinux Contexts

Section 5.7: Changing SELinux Booleans

SectionSection 5.8: Guided Exercise: Changing SELinux Booleans

Section 5.9: Troubleshooting SELinux

Section 5.10: Guided Exercise: Troubleshooting SELinux

Section 5.11: Lab: Managing SELinux Security

Chapter 6: Process Management

Section 6.1: Killing Processes

Section 6.2: Guided Exercise: Killing Processes

Section 6.3: Monitoring Process Activity

Section 6.4: Guided Exercise: Monitoring Process Activity

Section 6.5: Using nice and renice to Influence Process Priority

Section 6.6: Guided Exercise: Discovering Process Priorities

Section 6.7: Lab: Managing Priority of Linux Processes

Chapter 7: Updating Software Packages

Section 7.1: Attaching Systems to Subscriptions for Software Updates

Section 7.2: Quiz: Red Hat Subscription Management

Section 7.3: Managing Software Updates with yum

Section 7.4: Guided Exercise: Installing and Updating Software with yum

Section 7.5: Enabling yum Software Repositories

Section 7.6: Guided Exercise: Enabling Software Repositories

Section 7.7: Lab: Installing and Updating Software Packages

Chapter 8: Creating and Mounting File Systems

Section 8.1: Mounting and Unmounting File Systems

Section 8.2: Guided Exercise: Mounting and Unmounting File Systems

Section 8.3: Adding Partitions, File Systems, and Persistent Mounts

Section 8.4: Guided Exercise: Adding Partitions, File Systems, and Persistent Mounts

Section 8.5: Managing Swap Space

Section 8.6: Guided Exercise: Adding and Enabling Swap Space

Section 8.7: Lab: Adding Disks, Partitions, and File Systems to a Linux System

Chapter 9: Service Management and Boot Troubleshooting

Section 9.1: Identifying Automatically Started System Processes

Section 9.2: Guided Exercise: Identify the Status of systemd Units

Section 9.3: Controlling System Services

Section 9.4: Guided Exercise: Using systemctl to Manage Services

Section 9.5: The Red Hat Enterprise Linux Boot Process

Section 9.6: Guided Exercise: Selecting a Boot Target

Section 9.7: Repairing Common Boot Issues

Section 9.8: Guided Exercise: Resetting a Lost root Password

Section 9.9: Repairing File System Issues at Boot

Section 9.10: Guided Exercise: Repairing Boot Problems

Section 9.11: Repairing Boot Loader Issues

Section 9.12: Guided Exercise: Repairing a Boot Loader Problem

Section 9.13: Lab: Controlling Services and Daemons

Chapter 10: Network Configuration

Section 10.1: Validating Network Configuration

Section 10.2: Guided Exercise: Examining Network Configuration

Section 10.3: Configuring Networking with nmcli

Section 10.4: Guided Exercise: Configuring Networking with nmcli

Section 10.5: Editing Network Configuration Files

Section 10.6: Guided Exercise: Editing Network Configuration Files

Section 10.7: Configuring Host Names and Name Resolution

Section 10.8: Guided Exercise: Configuring Host Names and Name Resolution

Section 10.9: Lab: Managing Red Hat Enterprise Linux Networking

Chapter 11: System Logging and NTP

Section 11.1: System Log Architecture

Section 11.2: Quiz: System Logging Components

Section 11.3: Reviewing Syslog Files

Section 11.4: Guided Exercise: Finding Log Entries

Section 11.5: Reviewing systemd Journal Entries

Section 11.6: Guided Exercise: Finding Events With journalctl

Section 11.7: Preserving the systemd Journal

Section 11.8: Guided Exercise: Configure a Persistent systemd Journal

Section 11.9: Maintaining Accurate Time

Section 11.10: Guided Exercise: Adjusting System Time

Section 11.11: Lab: Analyzing and Storing Logs

Chapter 12: Logical Volume Management

Section 12.1: Managing Logical Volumes

Section 12.2: Guided Exercise: Adding a Logical Volume

Section 12.3: Extending Logical Volumes

Section 12.4: Guided Exercise: Extending a Logical Volume

Section 12.5: Lab: Managing Logical Volume Management (LVM) Storage

Chapter 13: Scheduled Processes

Section 13.1: Scheduling System cron Jobs

Section 13.2: Guided Exercise: Scheduling System cron Jobs

Section 13.3: Managing Temporary Files

Section 13.4: Guided Exercise: Managing Temporary Files

Chapter 14: Mounting Network File Systems

Section 14.1: Mounting Network Storage with NFS

Section 14.2: Guided Exercise: Mounting and Unmounting NFS

Section 14.3: Automounting Network Storage with NFS

Section 14.4: Guided Exercise: Automounting NFS

Section 14.5: Accessing Network Storage with SMB

Section 14.6: Guided Exercise: Mounting a SMB File System

Section 14.7: Lab: Accessing Network Storage with Network File System (NFS)

Section 14.8: Lab: Accessing Network Storage with SMB

Chapter 15: Firewall Configuration

Section 15.1: Limiting Network Communication

Section 15.2: Guided Exercise: Limiting Network Communication

Section 15.3: Lab: Limiting Network Communication

Chapter 16: Virtualization and Kickstart

Section 16.1: Defining the Anaconda Kickstart System

Section 16.2: Quiz: Kickstart File Syntax and Modification

Section 16.3: Deploying a New Virtual System with Kickstart

Section 16.4: Guided Exercise: Installing a System Using Kickstart

Section 16.5: Managing a Local Virtualization Host

Section 16.6: Quiz: Managing a Local Virtualization Host

Bookmark this page

P 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

Guided Exercise: Changing SELinux Booleans

Apache can publish web content hosted in users' home directories, but SELinux prevents this by default. In this exercise, you will identify and change the SELinux Boolean that will permit Apache to access user home directories.

Resources
Files:	`/etc/httpd/conf.d/userdir.conf`
Machines:	`serverX`

Outcomes

You will have a web server that publishes web content from users' home directories.

The Apache web server should already be installed and running on serverX.example.com.

Log in as root on serverX. Enable the Apache feature that permits users to publish web content from their home directories. Edit the /etc/httpd/conf.d/userdir.conf configuration file and change two distinct lines with the UserDir directive to read as follows:
```
#UserDir disabled
UserDir public_html
```
```
[root@serverX ~]# vi /etc/httpd/conf.d/userdir.conf
[root@serverX ~]# grep '#UserDir' /etc/httpd/conf.d/userdir.conf
#UserDir disabled
[root@serverX ~]# grep '^ *UserDir' /etc/httpd/conf.d/userdir.conf
UserDir public_html
```
Restart the Apache web service to make the changes take effect.
```
[root@serverX ~]# systemctl restart httpd
```
Create some web content that is published from a user's home directory.
1. Log in as student in another window and create a public_html directory.
```
[student@serverX ~]$ mkdir ~/public_html
```
2. Create some content in a index.html file.
```
[student@serverX ~]$ echo 'This is student content on serverX.' > ~/public_html/index.html
```
3. Change the permissions on student's home directory so Apache can access the public_html subdirectory.
```
[student@serverX ~]$ chmod 711 ~
```
Open a web browser on serverX and try to view the following URL: http://localhost/~student/index.html. You will get an error message that says you do not have permission to access the file.

In your root window, use the getsebool command to see if there are any Booleans that restrict access to home directories.

[root@serverX ~]# getsebool -a | grep home
[... Output omitted ...]
httpd_enable_homedirs --> off
[... Output omitted ...]

Use setsebool to enable home directory access persistently.
```
[root@serverX ~]# setsebool -P httpd_enable_homedirs on
```
Try to view http://localhost/~student/index.html again. You should see the message “This is student content on serverX.”

Revision: rh199-7-d0984a3