Ebook: SELinux System Administration

About This BookLeverage SELinux to improve the secure state of your Linux systemA clear approach to adopting SELinux within your organization Essential skills and techniques to help further your system administration careerWho This Book Is For This book is for Linux administrators who want to control the secure state of their systems. It's packed with the latest information on SELinux operations and administrative procedures so you'll be able to further harden your system through mandatory access control (MAC) - a security strategy that has been shaping Linux security for years. What You Will LearnAnalyze SELinux events and selectively enable or disable SELinux enforcementManage Linux users and associate them with the right role and permission setSecure network communications through SELinux access controlsTune the full service flexibility by dynamically assigning resource labelsHandle SELinux access patterns enforced through the systemQuery the SELinux policy in depthIn Detail Do you have the daunting job of protecting your and your company's systems from malicious attacks and undefined application behaviour? Or are you looking to secure your Linux systems with improved access controls? Well, look no further! This book gives you all the preliminary know-how about enhancing your system's secure state across Linux distributions, helping you keep application vulnerabilities at bay. In this book, we describe the SELinux concepts and show you how to leverage SELinux to improve the protection measures of a Linux system. You will learn not only about the fundamental SELinux concepts, but also about all of SELinux's configuration, including conditional policies, constraints, policy types, and audit capabilities, with genuine examples that you as administrators might come across. In addition, you will learn how to further harden the virtualization.;Offering of both libvirt (sVirt) and Docker through SELinux. By the end of the book, you will know how SELinux works and how it can be tuned to your needs.;Cover -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Fundamental SELinux Concepts -- Providing more security to Linux -- Using Linux security modules -- Extending regular DAC with SELinux -- Restricting root privileges -- Reducing the impact of vulnerabilities -- Enabling SELinux support -- Labeling all resources and objects -- Dissecting the SELinux context -- Enforcing access through types -- Granting domain access through roles -- Limiting roles through users -- Controlling information flow through sensitivities -- Defining and distributing policies -- Writing SELinux policies -- Distributing policies through modules -- Bundling modules in a policy store -- Distinguishing between policies -- Supporting MLS -- Dealing with unknown permissions -- Supporting unconfined domains -- Limiting cross-user sharing -- Incrementing policy versions -- Different policy content -- Summary -- Chapter 2: Understanding SELinux Decisions and Logging -- Switching SELinux on and off -- Setting the global SELinux state -- Switching to permissive (or enforcing) mode -- Using kernel boot parameters -- Disabling SELinux protections for a single service -- Understanding SELinux-aware applications -- SELinux logging and auditing -- Following audit events -- Uncovering more logging -- Configuring Linux auditing -- Configuring the local system logger -- Reading SELinux denials -- Other SELinux-related event types -- USER_AVC -- SELINUX_ERR -- MAC_POLICY_LOAD -- MAC_CONFIG_CHANGE -- MAC_STATUS -- NetLabel events -- Labeled IPsec events -- Using ausearch -- Getting help with denials -- Troubleshooting with setroubleshoot -- Sending e-mails when SELinux denials occur -- Using audit2why -- Interacting with systemd-journal -- Using common sense -- Summary -- Chapter 3: Managing User Logins.