Pointers to some SELinux explanations

July 14, 2006

SELinux is one of those things that have been cropping up on my radar ever since I had to start telling the Red Hat installer not to turn it on. (I kept not enabling it because changing an entire security architecture of a system is not to be done lightly, even when it's a new system I'm setting up.)

SELinux is an imposing system with equally imposing documentation. Fortunately, recently Dan Walsh of Red Hat has been posting some very useful (to me) 'SELinux for beginners' documentation:

  1. a basic introduction
  2. How does SELinux enforce policy?
  3. Applications that work with SELinux
  4. File contexts and mv/cp/install
  5. How logging in and so on work
  6. The /etc/selinux/config file and how to change what SELinux level your system uses
  7. config files in general
  8. Managing file contexts
  9. the restorcond daemon
  10. SELinux manpages and AVC messages
  11. Booleans
  12. Role Based Access Controls (RBAC)
  13. Using RBAC in a MLS policy
  14. more on Module handling
  15. SELinux reveals bugs in other code
  16. Loadable Modules - File Context

There's also a Fedora Core 5 SELinux FAQ, with links to other FAQs. However, from reading through it I think Dan Walsh's stuff is easier to follow.

(This entry is a bit belated, because Dan Walsh didn't so much wrap up his series of entries as stop writing them, which I can't exactly blame him for, and I was sitting on it until the series was 'complete'.)

Written on 14 July 2006.
« A thought on Linux installation versus Solaris 9 installation
SELinux bites man: a story »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Fri Jul 14 02:19:36 2006
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.