Hi,

I have CentOS 7 running on a public server hosting all sorts of web applications, mail, XMPP, MPD, etc.

How do I reset SELinux configuration to defaults?

I know how to reset all my custom booleans to the initial state.

# cat /etc/selinux/targeted/active/booleans.local
# This file is auto-generated by libsemanage
# Do not edit directly.

httpd_unified=1
httpd_can_sendmail=1
spamd_enable_home_dirs=1
httpd_can_network_connect=1
ftpd_full_access=1
mpd_enable_homedirs=1
named_write_master_zones=1

Starting from there, I can manually reset them to 0 with setsebool.

On the other hand, I don’t know how I would do something similar with the SELinux modules. I vaguely remember having created some of these, for example for Fail2ban to work correctly. But I don’t remember what I did here over the years, what modules I created, etc.

How would I recreate the default SELinux configuration without having to wipe and reinstall the whole server?

Cheers,

Niki
—
Microlinux – Solutions informatiques durables
7, place de l’église – 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : info@microlinux.fr Tél. : 04 66 63 10 32
Mob. : 06 51 80 12 12