How To Install mod_selinux on Fedora 34

mod_selinux is Apache/SELinux plus module

Introduction

In this tutorial we learn how to install mod_selinux on Fedora 34.

What is `mod_selinux`

The Apache/SELinux plus is an extra module (mod_selinux.so) which enables to launch contents-handler (it means both of references to static contents and invocations of web applications) with individual and restrictive privileges set, based on http authentication. The mod_selinux.so generates a one-time worker thread for each request, and it assigns the worker restrictive domain based on the authentication prior to launching contents handlers. It means we can apply valid access controls on web-applications, and makes assurance operating system can prevent violated accesses, even if web application contains security bugs or vulnerabilities.

We can use yum or dnf to install mod_selinux on Fedora 34. In this tutorial we discuss both methods but you only need to choose one of method to install mod_selinux.

Install mod_selinux on Fedora 34 Using dnf

Update yum database with dnf using the following command.

sudo dnf makecache --refresh

The output should look something like this:

Fedora 34 - x86_64                               20 kB/s | 6.6 kB     00:00
Fedora 34 openh264 (From Cisco) - x86_64        1.4 kB/s | 989  B     00:00
Fedora Modular 34 - x86_64                       68 kB/s | 6.5 kB     00:00
Fedora 34 - x86_64 - Updates                    3.5 kB/s | 6.2 kB     00:01
Fedora Modular 34 - x86_64 - Updates             17 kB/s | 5.9 kB     00:00
Metadata cache created.

After updating yum database, We can install mod_selinux using dnf by running the following command:

sudo dnf -y install mod_selinux

Install mod_selinux on Fedora 34 Using yum

Update yum database with yum using the following command.

sudo yum makecache --refresh

The output should look something like this:

Fedora 34 - x86_64                               20 kB/s | 6.6 kB     00:00
Fedora 34 openh264 (From Cisco) - x86_64        1.4 kB/s | 989  B     00:00
Fedora Modular 34 - x86_64                       68 kB/s | 6.5 kB     00:00
Fedora 34 - x86_64 - Updates                    3.5 kB/s | 6.2 kB     00:01
Fedora Modular 34 - x86_64 - Updates             17 kB/s | 5.9 kB     00:00
Metadata cache created.

After updating yum database, We can install mod_selinux using yum by running the following command:

sudo yum -y install mod_selinux

How To Uninstall mod_selinux on Fedora 34

To uninstall only the mod_selinux package we can use the following command:

sudo dnf remove mod_selinux

mod_selinux Package Contents on Fedora 34

/etc/httpd/conf.d/mod_selinux.conf
/etc/httpd/conf.modules.d/10-mod_selinux.conf
/usr/lib/.build-id
/usr/lib/.build-id/27
/usr/lib/.build-id/27/7490251c7849918b50195f494baf36537e1fd2
/usr/lib64/httpd/modules/mod_selinux.so
/usr/share/doc/mod_selinux
/usr/share/doc/mod_selinux/LICENSE
/usr/share/doc/mod_selinux/README
/usr/share/selinux/packages/mod_selinux.minimum.pp
/usr/share/selinux/packages/mod_selinux.mls.pp
/usr/share/selinux/packages/mod_selinux.targeted.pp

References

mod_selinux website

Summary

In this tutorial we learn how to install mod_selinux on Fedora 34 using yum and dnf.