Exam 1Z0-106 Topic 2 Question 29 Discussion
Actual exam question for Oracle's 1Z0-106 exam
Question #: 29
Topic #: 2
Question #: 29
Topic #: 2
Examine these requirements for a host with a user oracle:
* Network services must run in a confined domain.
* The oracle user must be confined.
* The oracle user must be able to use Mozilla Firefox.
* Access to files and directories must be granted based only on SELinux contexts.
* The SELinux configuration must be persistent across system restarts.
* Users must be able to publish private HTML content.
Now examine these commands and output:
# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max Kernel policy version: 31
# setenforce enforcing
# semanage login -a -s guest_u oracle
# setsebool -P http_enable_homedirs on
Which requirements are satisfied?
* Network services must run in a confined domain.
* The oracle user must be confined.
* The oracle user must be able to use Mozilla Firefox.
* Access to files and directories must be granted based only on SELinux contexts.
* The SELinux configuration must be persistent across system restarts.
* Users must be able to publish private HTML content.
Now examine these commands and output:
# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max Kernel policy version: 31
# setenforce enforcing
# semanage login -a -s guest_u oracle
# setsebool -P http_enable_homedirs on
Which requirements are satisfied?
Suggested Answer: A Vote an answer
Explanation of Answer A:
* Network services running in a confined domain: SELinux provides domain confinement for services, ensuring they run with restricted access based on their defined policies.
* The oracle user must be confined: The commandsemanage login -a -s guest_u oracleconfines theoracleuser to theguest_uSELinux user role, which is a confined role.
* Access to files and directories based only on SELinux contexts: With SELinux enabled and the policy loaded, access is governed by SELinux contexts.
* Persistent SELinux configuration across reboots: Thesetenforce enforcingcommand, combined with the appropriate policy configuration, ensures that SELinux remains in enforcing mode across reboots.
* Users able to publish private HTML content: Thesetsebool -P http_enable_homedirs oncommand enables the use of user home directories for web content, allowing users to host personal web pages.
* Network services running in a confined domain: SELinux provides domain confinement for services, ensuring they run with restricted access based on their defined policies.
* The oracle user must be confined: The commandsemanage login -a -s guest_u oracleconfines theoracleuser to theguest_uSELinux user role, which is a confined role.
* Access to files and directories based only on SELinux contexts: With SELinux enabled and the policy loaded, access is governed by SELinux contexts.
* Persistent SELinux configuration across reboots: Thesetenforce enforcingcommand, combined with the appropriate policy configuration, ensures that SELinux remains in enforcing mode across reboots.
* Users able to publish private HTML content: Thesetsebool -P http_enable_homedirs oncommand enables the use of user home directories for web content, allowing users to host personal web pages.
by Xenia at Jan 23, 2025, 01:10 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).