How to disable Interactive Boot
Edit the file /etc/sysconfig/init. Add or correct the setting:
The PROMPT option allows the console user to perform an interactive system startup, in which it is possible to select the set of services which are started on boot. Using interactive boot, the console user could disable auditing, firewalls, or other services, weakening system security
How to check for Unlabeled Device Files
Device files are used for communication with important system resources. SELinux contexts should exist for these. If a device file is not labeled, then misconfiguration is likely.
To check for unlabeled device files, run the following command:
It should produce no output in a well-configured system.
How to disable and Remove SETroubleshoot
Disable the service and remove the RPM:
The setroubleshoot service is a facility for notifying the desktop user of SELinux denials in a user-friendly fashion. SELinux errors may provide important information about intrusion attempts in progress, or may give information about SELinux configuration problems which are preventing correct system operation. In order to maintain a secure and usable SELinux installation, error logging and notification is necessary.
Home serverbuddies
© 2024 ServerBuddies Support Blog.Original WP theme by: nodethirtythree
www.serverbuddies.com