O'Reilly logo

SELinux by Bill McCarty

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Role-Based Access Control

Up to this point in the book, we’ve looked at the functions SELinux provides and the configuration files that direct its operation. However, we’ve merely glanced at the SELinux policy language that’s used to specify the SELinux security policy. Our situation is akin to that of a 15th or 16th century explorer who has studied maps of the New World and dreamed of the exotic sights that may be found there but has not yet ventured to sea. In this chapter, we at last embark upon our sea voyage.

In this chapter and the following two chapters, you’ll find a detailed explanation of the SELinux policy language and several related languages, such as those used to specify file and security contexts. This chapter explains the SELinux role-based access control policies, Chapter 7 explains the SELinux type-enforcement policies, and Chapter 8 explains other elements of the SELinux policy. Of course, most likely your goal is not merely to understand the SELinux policy language or SELinux security policies themselves, though such skills are useful to the SELinux system administrator. Instead, it’s more likely that you want to be able to specify new and modified SELinux security policies. If that is your goal, Chapter 6 through Chapter 8 won’t quite take you to the end of your voyage, though you’ll make landfall near the end of Chapter 8. Then you’ll be ready for Chapter 9, which explains how you can customize existing SELinux policies and implement your own policies. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required