Install DA on CENTOS 8 v2 selinux and howto / docu and EPEL

ikkeben

Verified User
Joined
May 22, 2014
Messages
587
Location
Netherlands Germany
Please take care here or in docu / wiki for a howto with more infos about new, changed and depricated stuff.

Also for hardening CENTOS 8 in combination with DA?

Some cipher parts in configs are different.

SELINUX is default in and on enforce.

Maybe if possible at all to have a DA config for CENTOS 8 where SELINUX could be ON?

With default SELINUX on and not DA you have to to some manual configuration on installs for centos8, so i still don't know yes or no good idea to use that "extra security"

Network scripts are default depricated not installed.

NetworkManager is "taking over fully" the network part in CENTOS 8
 
Last edited:

ikkeben

Verified User
Joined
May 22, 2014
Messages
587
Location
Netherlands Germany
Also this part is handy.
Systemwide crypto policies

One can use update-crypto-policies command to update or set up system-wide cryptographic policy on CentOS for TLS/SSH/Kerberos and so on:
Manage the policies available to the various cryptographic back-ends

The policies currently provide settings for these applications and libraries:

BIND DNS name server daemon
GnuTLS TLS library
OpenJDK runtime environment
Kerberos 5 library
Libreswan IPsec and IKE protocol implementation
NSS TLS library
OpenSSH SSH2 protocol implementation
OpenSSL TLS library
https://www.cyberciti.biz/linux-news/centos-linux-8-released-new-features-and-download/
 

ikkeben

Verified User
Joined
May 22, 2014
Messages
587
Location
Netherlands Germany
FYI:

I did install EPEL and powertools to before the DA install

Finally, enable the PowerTools repository since EPEL packages may depend on packages from it:
sudo yum config-manager --set-enabled PowerTools
Now that EPEL repo installed it is time to configure and use it. Hence, run the following command:
sudo yum update

Example for htop , you can install RKHUNTER to
dnf --enablerepo= 'epel' install htop
 
Last edited:
Top