Introduces basic concepts of system security, covering both local and network security aspects. Shows how to use the security software inherent to the product, such as AppArmor or the auditing system, which reliably collects information about any security-relevant events.
- About This Guide
- 1 Security and Confidentiality
- I Authentication
- II Local Security
- III Network Security
- IV Confining Privileges with AppArmor
- 20 Introducing AppArmor
- 21 Getting Started
- 22 Immunizing Programs
- 23 Profile Components and Syntax
- 24 AppArmor Profile Repositories
- 25 Building and Managing Profiles with YaST
- 26 Building Profiles from the Command Line
- 27 Profiling Your Web Applications Using ChangeHat
- 28 Confining Users with pam_apparmor
- 29 Managing Profiled Applications
- 30 Support
- 31 AppArmor Glossary
- V SELinux
- VI The Linux Audit Framework
- 33 Understanding Linux Audit
- 33.1 Introducing the Components of Linux Audit
- 33.2 Configuring the Audit Daemon
- 33.3 Controlling the Audit System Using auditctl
- 33.4 Passing Parameters to the Audit System
- 33.5 Understanding the Audit Logs and Generating Reports
- 33.6 Querying the Audit Daemon Logs with ausearch
- 33.7 Analyzing Processes with autrace
- 33.8 Visualizing Audit Data
- 33.9 Relaying Audit Event Notifications
- 34 Setting Up the Linux Audit Framework
- 35 Introducing an Audit Rule Set
- 35.1 Adding Basic Audit Configuration Parameters
- 35.2 Adding Watches on Audit Log Files and Configuration Files
- 35.3 Monitoring File System Objects
- 35.4 Monitoring Security Configuration Files and Databases
- 35.5 Monitoring Miscellaneous System Calls
- 35.6 Filtering System Call Arguments
- 35.7 Managing Audit Event Records Using Keys
- 36 Useful Resources
- A Achieving PCI DSS Compliance
- B GNU licenses
- 3.1 NIS Server Setup
- 3.2 Master Server Setup
- 3.3 Changing the Directory and Synchronizing Files for a NIS Server
- 3.4 NIS Server Maps Setup
- 3.5 Setting Request Permissions for a NIS Server
- 3.6 Setting Domain and Address of a NIS Server
- 4.1 YaST Authentication Server Configuration
- 4.2 YaST LDAP Server—New Database
- 4.3 YaST Kerberos Authentication
- 4.4 YaST Editing Authentication Server Configuration
- 4.5 YaST Authentication Server Database Configuration
- 5.1 Structure of an LDAP Directory
- 5.2 Window
- 6.1 Kerberos Network Topology
- 6.2 Window
- 7.1 Schema of Winbind-based Active Directory Authentication
- 7.2 Main Window of
- 7.3 Enrolling into a Domain
- 7.4 Configuration Window of
- 7.5 Determining Windows Domain Membership
- 7.6 Providing Administrator Credentials
- 8.1 Output from spectre-meltdown-checker
- 9.1 YaST Security Center and Hardening: Security Overview
- 11.1 Minimum ACL: ACL Entries Compared to Permission Bits
- 11.2 Extended ACL: ACL Entries Compared to Permission Bits
- 16.1 iptables: A Packet's Possible Paths
- 16.2 Firewall Configuration: Allowed Services
- 17.1 Routed VPN
- 17.2 Bridged VPN - Scenario 1
- 17.3 Bridged VPN - Scenario 2
- 17.4 Bridged VPN - Scenario 3
- 18.1 YaST CA Module—Basic Data for a Root CA
- 18.2 YaST CA Module—Using a CA
- 18.3 Certificates of a CA
- 18.4 YaST CA Module—Extended Settings
- 26.1 aa-notify Message in GNOME
- 27.1 Adminer Login Page
- 32.1 Selecting all SELinux Packages in YaST
- 33.1 Introducing the Components of Linux Audit
- 33.2 Flow Graph—Program versus System Call Relationship
- 33.3 Bar Chart—Common Event Types
- 2.1 PAM Configuration for sshd (/etc/pam.d/sshd)
- 2.2 Default Configuration for the auth Section (common-auth)
- 2.3 Default Configuration for the account Section (common-account)
- 2.4 Default Configuration for the password Section (common-password)
- 2.5 Default Configuration for the session Section (common-session)
- 2.6 pam_env.conf
- 5.1 Excerpt from schema.core
- 5.2 An LDIF File
- 5.3 ldapadd with example.ldif
- 5.4 LDIF Data for Tux
- 5.5 Modified LDIF File tux.ldif
- 17.1 VPN Server Configuration File
- 17.2 VPN Client Configuration File
- 21.1 Output of aa-unconfined
- 26.1 Learning Mode Exception: Controlling Access to Specific Resources
- 26.2 Learning Mode Exception: Defining Permissions for an Entry
- 32.1 Security Context Settings Using ls -Z
- 32.2 Verifying that SELinux is functional
- 32.3 Getting a List of Booleans and Verifying Policy Access
- 32.4 Getting File Context Information
- 32.5 The default context for directories in the root directory
- 32.6 Showing SELinux settings for processes with ps Zaux
- 32.7 Viewing Default File Contexts
- 32.8 Example Lines from /etc/audit/audit.log
- 32.9 Analyzing Audit Messages
- 32.10 Viewing Which Lines Deny Access
- 32.11 Creating a Policy Module Allowing an Action Previously Denied
- 33.1 Example output of auditctl -s
- 33.2 Example Audit Rules—Audit System Parameters
- 33.3 Example Audit Rules—File System Auditing
- 33.4 Example Audit Rules—System Call Auditing
- 33.5 Deleting Audit Rules and Events
- 33.6 Listing Rules with auditctl -l
- 33.7 A Simple Audit Event—Viewing the Audit Log
- 33.8 An Advanced Audit Event—Login via SSH
- 33.9 Example /etc/audisp/audispd.conf
- 33.10 Example /etc/audisp/plugins.d/syslog.conf
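Copyright © 2006–2024 SUSE LLC and contributors. All rights reserved.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) Version 1.3, with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”.
For SUSE trademarks, see http://www.suse.com/company/legal/. All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™, etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks.
All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors, nor the translators shall be held liable for possible errors or the consequences thereof.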