User Tools

Site Tools


linux:administration:security

Security

Users

  • show all logged in users: users
  • show user/groups assignments and identifiers: id

Files

  • /etc/passwd: defines users, their primary groups and login shell
  • /etc/shadow: password (hash) database
  • /etc/groups: defines all other groups a user is in

Sudoers

File /etc/sudoers defines users (and options) related to command sudo. It might make sense to specify a varying umask in ~/.bashrc.

if [[ $(id -u) -eq 0 ]]; then
   umask 0022
else
   umask 0027
fi

Firewall

  • show iptables firewall rules: iptables -L -n -v
  • show Uncomplicated Firewall (UFW) rules: sudo ufw status verbose
  • show all predefined UFW application profiles: sudo ufw app list
  • establish rules from predefined UFW application profile: sudo ufw allow from 192.168.178.0/24 to any app samba4
  • delete allow rules from UFW application profile: sudo ufw delete allow from 192.168.178.0/24 to any app samba4

Files

  • /etc/ufw/applications.d/*: predefined UFW application profiles
  • /var/log/ufw.log: UFW log (for example blocked packets)

SELinux

linux/administration/security.txt · Last modified: 2022/02/05 20:29 by Ralf Hoppe