SELinux System Administration



SELinux System Administration
A comprehensive guide to walk you through SELinux access controls
Overview
Use SELinux to further control network communications
Enhance your system's security through SELinux access controls
Set up SELinux roles, users and their sensitivity levels
In Detail
NSA Security-Enhanced Linux (SELinux) is a set of patches and added utilities to the Linux kernel to incorporate a strong, flexible, mandatory access control architecture into the major subsystems of the kernel. With its fine-grained yet flexible approach, it is no wonder Linux distributions are firing up SELinux as a default security measure.
SELinux System Administration covers the majority of SELinux features through a mix of real-life scenarios, descriptions, and examples. Everything an administrator needs to further tune SELinux to suit their needs are present in this book.
This book touches on various SELinux topics, guiding you through the configuration of SELinux contexts, definitions, and the assignment of SELinux roles, and finishes up with policy enhancements. All of SELinux's configuration handles, be they conditional policies, constraints, policy types, or audit capabilities, are covered in this book with genuine examples that administrators might come across.
By the end, SELinux System Administration will have taught you how to configure your Linux system to be more secure, powered by a formidable mandatory access control.
What you will learn from this book
Enable and disable features selectively or even enforce them to a granular level
Interpret SELinux logging to make security-conscious decisions
Assign new contexts and sensitivity labels to files and other resources
Work with mod_selinux to secure web applications
Use tools like sudo, runcon, and newrole to switch roles and run privileged commands in a safe environment
Use iptables to assign labels to network packets
Configure IPSec and NetLabel to transport SELinux contexts over the wire
Build your own SELinux policies using reference policy interfaces
Approach
A step-by-step guide to learn how to set up security on Linux servers by taking SELinux policies into your own hands.
Who this book is written for
Linux administrators will enjoy the various SELinux features that this book covers and the approach used to guide the admin into understanding how SELinux works. The book assumes that you have basic knowledge in Linux administration, especially Linux permission and user management.
Download


keep2share