Line 24: | Line 24: | ||
* [[SELinux|SELinux]] | * [[SELinux|SELinux]] | ||
* [[SELinux/Understanding|Understanding SELinux]] | * [[SELinux/Understanding|Understanding SELinux]] | ||
* [[SELinux/Policies|Discussion of Policies]] | * [[SELinux/Policies|Discussion of Policies]] | ||
* [[Docs/Drafts/SELinux/SETroubleShoot|SETroubleShoot]] | * [[Docs/Drafts/SELinux/SETroubleShoot|SETroubleShoot]] | ||
* [ | * [https://fedorahosted.org/setroubleshoot/ Troubleshoot Tool] | ||
* [[SELinux/Troubleshooting|Troubleshooting SELinux]] | * [[SELinux/Troubleshooting|Troubleshooting SELinux]] | ||
* [http://fedoraproject.org/wiki/SELinux_FAQ SELinux FAQs] | * [http://fedoraproject.org/wiki/SELinux_FAQ SELinux FAQs] | ||
Line 33: | Line 33: | ||
* [http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/ Fedora 13 - SELinux FAQ] | * [http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/ Fedora 13 - SELinux FAQ] | ||
* [http://docs.fedoraproject.org/en-US/Fedora/13/html/Managing_Confined_Services/ Fedora 13 - Managing Confined Services Guide] | * [http://docs.fedoraproject.org/en-US/Fedora/13/html/Managing_Confined_Services/ Fedora 13 - Managing Confined Services Guide] | ||
* [[SELinux/MCS|Multi Category Security/MCS]] | * [[SELinux/MCS|Multi Category Security/MCS]] | ||
* [[SELinux/MLS|Multi Level Security/MLS]] | * [[SELinux/MLS|Multi Level Security/MLS]] | ||
* [[SELinux/LoadableModules|Loadable Modules]] | * [[SELinux/LoadableModules|Loadable Modules]] | ||
* [[SELinux/PolicyGenTools|Policy Generation Tools | * [[SELinux/PolicyGenTools|Policy Generation Tools]] | ||
* [[Selinux_grammar|SELinux Policy Grammar language]] | * [[Selinux_grammar|SELinux Policy Grammar language]] | ||
* http://danwalsh.livejournal.com/ | * http://danwalsh.livejournal.com/ | ||
Line 45: | Line 43: | ||
* http://selinuxnews.org/ | * http://selinuxnews.org/ | ||
* http://www.nsa.gov/selinux/ | * http://www.nsa.gov/selinux/ | ||
Possibly dated references - | |||
* [[SELinux/Domains|Confined Domains]] | |||
* [[SELinux/Commands|SELinux Commands]] | |||
''Lead Writer:'' | ''Lead Writer:'' |
Revision as of 05:31, 27 December 2010
SELinux Guide
Documentation Summary:
Purpose: How to accomplish specific tasks with SELinux in the desktop environment. This requires a major expansion of the content beyond the SELinux FAQ which will be amalgamated into this guide in use case scenarios.
A user who finishes reading this guide should be able to:
- Understand how the Linux kernel, policy, and user tools work together to implement SELinux in Fedora
- Understand the differences and interactions between legacy UNIX access controls and SELinux
- Determine, set, and understand the operational mode of SELinux in a Fedora system
- Determine, set, and understand object and file labels
- Understand how to perform an automatic relabeling of a file system
Audience: Individuals who are unfamiliar with SELinux and who need to learn how to function in an environment with SELinux enabled.
Approach: This document explains basic principles by explaining one principle at a time. The document assumes some familiarity with Linux/UNIX-specific terminology or concepts. Functionality is also compared, where appropriate, to what the reader may know from other OSes, particularly Microsoft Windows.
Assumptions: The reader has a standard Desktop class installation of Fedora with, including a user account with the default settings. The reader does have access to the root password. (We changed this "non-root access" assumption so that we can include more coverage of regular software updates and the installation of alternate packages and desktops.)
Related Documents:
- SELinux
- Understanding SELinux
- Discussion of Policies
- SETroubleShoot
- Troubleshoot Tool
- Troubleshooting SELinux
- SELinux FAQs
- Fedora 13 - Security-Enhanced Linux User Guide
- Fedora 13 - SELinux FAQ
- Fedora 13 - Managing Confined Services Guide
- Multi Category Security/MCS
- Multi Level Security/MLS
- Loadable Modules
- Policy Generation Tools
- SELinux Policy Grammar language
- http://danwalsh.livejournal.com/
- http://james-morris.livejournal.com/
- http://docs.fedoraproject.org/selinux-faq
- http://selinuxnews.org/
- http://www.nsa.gov/selinux/
Possibly dated references -
Lead Writer:
Writers: MarcWiriadisastra