Docs/Drafts/SELinux

From FedoraProject

< Docs | Drafts(Difference between revisions)
Jump to: navigation, search
(Documentation Summary:)
(Documentation Summary:)
Line 25: Line 25:
 
* [[SELinux|SELinux]]
 
* [[SELinux|SELinux]]
 
* [[SELinux/Understanding|Understanding SELinux]]
 
* [[SELinux/Understanding|Understanding SELinux]]
* [[SELinux/Policies|Discussion of Policies]]
+
* Troubleshooting -
* [[Docs/Drafts/SELinux/SETroubleShoot|SETroubleShoot]]
+
# [[Docs/Drafts/SELinux/SETroubleShoot|SETroubleShoot]]
* [https://fedorahosted.org/setroubleshoot/ Troubleshoot Tool]
+
# [https://fedorahosted.org/setroubleshoot/ Troubleshoot Tool]
* [[SELinux/Troubleshooting|Troubleshooting SELinux]]  
+
# [[SELinux/Troubleshooting|Troubleshooting SELinux]]
* [http://fedoraproject.org/wiki/SELinux_FAQ SELinux FAQs]
+
* FAQs -
* [http://docs.fedoraproject.org/en-US/Fedora/13/html/Security-Enhanced_Linux/ Fedora 13 - Security-Enhanced Linux User Guide]
+
# [http://fedoraproject.org/wiki/SELinux_FAQ SELinux FAQs]
* [http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/ Fedora 13 - SELinux FAQ]
+
# [http://docs.fedoraproject.org/en-US/Fedora/13/html/Security-Enhanced_Linux/ Fedora 13 - Security-Enhanced Linux User Guide]
* [http://docs.fedoraproject.org/en-US/Fedora/13/html/Managing_Confined_Services/ Fedora 13 - Managing Confined Services Guide]
+
# [http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/ Fedora 13 - SELinux FAQ]
 +
# [http://docs.fedoraproject.org/en-US/Fedora/13/html/Managing_Confined_Services/ Fedora 13 - Managing Confined Services Guide]
 
* [[SELinux/MCS|Multi Category Security/MCS]]
 
* [[SELinux/MCS|Multi Category Security/MCS]]
 
* [[SELinux/MLS|Multi Level Security/MLS]]
 
* [[SELinux/MLS|Multi Level Security/MLS]]
 
* [[SELinux/LoadableModules|Loadable Modules]]
 
* [[SELinux/LoadableModules|Loadable Modules]]
* [[SELinux/PolicyGenTools|Policy Generation Tools]]
+
* Policies -
* [[Selinux_grammar|SELinux Policy Grammar language]]
+
# [[SELinux/Policies|Discussion of Policies]]
 +
# [[SELinux/PolicyGenTools|Policy Generation Tools]]
 +
# [[Selinux_grammar|SELinux Policy Grammar language]]
 +
 
 +
Recommended Textbook -
 +
 
 +
* [http://www.selinuxbyexample.com/ SELinux By Example: Using Security Enhanced Linux] by Frank Mayer, Karl MacMillan, David Caplan - Prentice Hall, 2007
 +
 
 +
Additional Web Site References -
 +
 
 
* http://danwalsh.livejournal.com/
 
* http://danwalsh.livejournal.com/
 
* http://james-morris.livejournal.com/
 
* http://james-morris.livejournal.com/
 
* http://docs.fedoraproject.org/selinux-faq
 
* http://docs.fedoraproject.org/selinux-faq
 
* http://selinuxnews.org/
 
* http://selinuxnews.org/
* http://www.nsa.gov/selinux/
 
  
Recommended Textbook -
+
NSA References -
  
* [http://www.selinuxbyexample.com/ SELinux By Example: Using Security Enhanced Linux] by Frank Mayer, Karl MacMillan, David Caplan - Prentice Hall, 2007
+
* [http://www.nsa.gov/selinux/ NSA SELinux main website]
 +
* [http://www.nsa.gov/selinux/info/faq.cfm NSA SELinux FAQ]
  
Possibly dated references -
+
Possibly Dated Content References -
  
 
* [[SELinux/Domains|Confined Domains]]
 
* [[SELinux/Domains|Confined Domains]]

Revision as of 05:48, 27 December 2010

Warning (medium size).png
This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page.
Stop (medium size).png
TRANSLATORS
Please do not translate this document until it is checked into CVS. This document is undergoing very large changes in structure and content

Contents

SELinux Guide

Idea.png
Contributions are welcomed!

Documentation Summary:

Purpose: How to accomplish specific tasks with SELinux in the desktop environment. This requires a major expansion of the content beyond the SELinux FAQ which will be amalgamated into this guide in use case scenarios.

A user who finishes reading this guide should be able to:

  1. Understand how the Linux kernel, policy, and user tools work together to implement SELinux in Fedora
  2. Understand the differences and interactions between legacy UNIX access controls and SELinux
  3. Determine, set, and understand the operational mode of SELinux in a Fedora system
  4. Determine, set, and understand object and file labels
  5. Understand how to perform an automatic relabeling of a file system

Audience: Individuals who are unfamiliar with SELinux and who need to learn how to function in an environment with SELinux enabled.

Approach: This document explains basic principles by explaining one principle at a time. The document assumes some familiarity with Linux/UNIX-specific terminology or concepts. Functionality is also compared, where appropriate, to what the reader may know from other OSes, particularly Microsoft Windows.

Assumptions: The reader has a standard Desktop class installation of Fedora with, including a user account with the default settings. The reader does have access to the root password. (We changed this "non-root access" assumption so that we can include more coverage of regular software updates and the installation of alternate packages and desktops.)

Related Documents:

  1. SETroubleShoot
  2. Troubleshoot Tool
  3. Troubleshooting SELinux
  • FAQs -
  1. SELinux FAQs
  2. Fedora 13 - Security-Enhanced Linux User Guide
  3. Fedora 13 - SELinux FAQ
  4. Fedora 13 - Managing Confined Services Guide
  1. Discussion of Policies
  2. Policy Generation Tools
  3. SELinux Policy Grammar language

Recommended Textbook -

Additional Web Site References -

NSA References -

Possibly Dated Content References -

Lead Writer:

Writers: MarcWiriadisastra


Fedora SELinux Guide DRAFT

Table of Contents