A SysAdmin’s Guide to SELinux: 42 Answers to the Big Questions

537

“It is an important and popular fact that things are not always what they seem…”

―Douglas Adams, The Hitchhiker’s Guide to the Galaxy

Security. Hardening. Compliance. Policy. The Four Horsemen of the SysAdmin Apocalypse. In addition to our daily tasks—monitoring, backup, implementation, tuning, updating, and so forth—we are also in charge of securing our systems. Even those systems where the third-party provider tells us to disable the enhanced security. It seems like a job for Mission Impossible‘s Ethan Hunt.

Faced with this dilemma, some sysadmins decide to take the blue pill because they think they will never know the answer to the big question of life, the universe, and everything else. And, as we all know, that answer is 42.

In the spirit of The Hitchhiker’s Guide to the Galaxy, here are the 42 answers to the big questions about managing and using SELinux with your systems.

  1. SELinux is a LABELING system, which means every process has a LABEL. Every file, directory, and system object has a LABEL. Policy rules control access between labeled processes and labeled objects. The kernel enforces these rules.

Read more at OpenSource.com