首先贴下这个文件的内容
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
我的问题是第7行也就是"# SELINUXTYPE= can take one of these two values:"这行中说的是two values,但下面的格式却是3个值.不过再仔细一看"# targeted - Targeted processes are protected,"这行最后的标点却是,,说明确实是2个值,我对这里的矛盾很不理解,请问怎么看这个文件?
根据上面的意思 minimun是targeted的修正版,两个是一类的,而mls是一个更高级的参数,如同strict一样。
SELINUXTYPE=targeted or minimum
SELINUXTYPE=mls
我的centos6.5
SELINUXTYPE=targeted
SELINUXTYPE=strict
目测是修改了代码之后忘了修改这里的说明,minimum是centos7才新增的,是基于targeted的更保守的策略模式--只有安装了对应的策略包才会对其进行保护
相关文件见这里