Strengthening Linux security is a task that must always be considered, especially when you are in the presence of servers. One of the measures is to use SELinux in Ubuntu 22.04 that although it is not the definitive solution, it is a good start.
What is SELinux?
SELinux is a Linux security module that works because of access control lists. It defines how different users can and cannot read, write, update, remove, or otherwise change different resources, and how administrators manage those differences.
Nowadays, many modern distributions such as Ubuntu 22.04 include AppArmor which is like an alternative to SELinux. The catch is that Linux only allows one of them to be active. However, both are very efficient.
One aspect to keep in mind for SELinux is that it modifies many parts of the system. The simplest SELinux installations are somewhat time-consuming, as they affect the entire file system. It is even recommended to start it in permissive mode, make configurations and backups, and then deploy it to its full potential.
Don’t panic, SELinux makes the system more robust, but you will lose some flexibility.
Install SELinux on Ubuntu 22.04
Before you start, it is advisable not to use applications during the installation and try not to have any active users on the system. Then, update the system completely
sudo apt update sudo apt upgrade
Then, you can start with the work.
Check if AppArmor is working
As I explained above, only one between AppArmor and SELinux can be active on the system. So, the first step is to check if AppArmor is running with sysmtectl
To achieve this, open a terminal and run
systemctl status apparmor
If it is running, you will see a screen output like this
● apparmor.service - Load AppArmor profiles Loaded: loaded (/lib/systemd/system/apparmor.service; enabled; vendor pres> Active: active (exited) since Sat 2022-10-08 08:18:10 EDT; 2h 33min ago Docs: man:apparmor(7) https://gitlab.com/apparmor/apparmor/wikis/home/ Process: 679 ExecStart=/lib/apparmor/apparmor.systemd reload (code=exited, > Main PID: 679 (code=exited, status=0/SUCCESS) Oct 08 08:18:10 imaginelinux systemd: Starting Load AppArmor profiles... Oct 08 08:18:10 imaginelinux apparmor.systemd: Restarting AppArmor Oct 08 08:18:10 imaginelinux apparmor.systemd: Reloading AppArmor profiles Oct 08 08:18:10 imaginelinux apparmor.systemd: Skipping profile in /etc/apparmo> Oct 08 08:18:10 imaginelinux systemd: Finished Load AppArmor profiles.
So, you will have to stop it
sudo systemctl stop apparmor
And disable it so that it does not start with the system
sudo systemctl disable apparmor
You can even remove it, but I think it is not necessary.
Install and activate SELinux
Now you can start with the installation. To do so, just run this command.
sudo apt install policycoreutils selinux-basics selinux-utils
The installation should not take long since they are fairly lightweight tools. Once it’s finished, you can then activate it.
You will see an output screen like the following
SELinux is activated. You may need to reboot now.
Do not reboot the system yet.
First, we need to check what state SELinux is in. To do this run.
You will get an output screen like this
Remember that SELinux has a
enforcing mode whereby activating the latter, you will lose the SSH connection, until you reconfigure it.
Another option is to check the SELinux config file
Now just set the level you want and reboot the system to apply the changes.
Disable SELinux on Ubuntu 22.04
The best way to disable it is to change its status to permissive
sudo vim /etc/selinux/config
Save the changes and close the editor.
SELinux stands as a kind of policy that helps to improve server security. It is a good way to protect the system using tools within the system itself.
I hope this post helps you, and you can share it with your friends.