SELinux for idiots

Does such a thing exist? I am trying to get to grips with the basics so I can form a foundation of knowledge but even that is proving difficult. I am ending up with headaches I have watched tutorials and read some documentation but in all honesty I do not understand it

Gods of LInux can you summarise what SELinux is? like really break it down for me?

Or is there some really noob friendly documentation around? I am currently switching SElinux off completely but I wish to turn it on and actually understand what the hell it is doing lol

Many Thanks

Find more posts tagged with

Comments

OctalDump

Yes. There was a youtube video on it. I'll see if I can dig it up. In the meantime, here's something to get started on.

https://www.youtube.com/watch?v=q_y30qZ_plQ

https://www.youtube.com/watch?v=TeaupdLYzmE

https://www.youtube.com/watch?v=tXNr3gOgrn8

RHCSA Series: Mandatory Access Control Essentials with SELinux in RHEL 7 - Part 13

alias454

Here is an SELinux coloring book https://github.com/mairin/selinux-coloring-book

Archon

This book is awesome. No one in the office has any coloured pens or pencils though

OctalDump

One step closer. I'm pretty sure this is the same presenter for the video I am thinking of.

https://www.youtube.com/watch?v=cNoVgDqqJmM

Verities

SELinux is a Mandatory Access Control and it assigns different contexts to each file, known as subjects, objects, and actions. A subject is a process, an object is a file, and an action is what may be done by the subject to the object. It allows for fine grain access controls to a system, which provides a very powerful solution for administrators. This is just a the tip of the ice berg, so I suggest doing a bunch of reading in the Red Hat 7 SELinux Administrator's Guide for further information.

Also you need to lab to understand SELinux...so configure a system and set SELinux to Permissive mode (logs all violations). Next install setroubleshoot-server and run sealert -a /var/log/audit/audit.log. Now you can read how to fix any violations and what degree of confidence the program suggests for each action to get resolved.

Magmadragoon

The best way I think of SELinux is it protects the Linux OS from anything that is not typical. For example, you have a Linux server that does SSH over port 22. If you decide to add SSH to port 2222 it is going to fail even if the port is open on the firewall. To enable the port 2222 to work in the system you use sudo semanage port -a -t ssh_port_t -p tcp 2222 .Then to verify if the port is now working use sudo semanage port -l | grep ssh.

To check if the system has SELinux enabled you use the command getenforce and it should return Enforcing if SELinux is enabled or Permissive if disabled. To set the SELinux status use the setenforce 0 to go to Permissive and setenforce 1 to go to Enforcing.