Gentoo Logo

Disclaimer : This document is not valid and is not maintained anymore.


[ << ] [ < ] [ Home ] [ > ] [ >> ]


Gentoo SELinux Handbook

Content:

  • Introduction to Gentoo/Hardened SELinux
    In this part we cover what SELinux is and how it is positioned within the Gentoo/Hardened project.
    1. Enhancing Linux Security
      Security is more than enabling a certain framework or installing a different Linux kernel. It is a way of working / administrating your Gentoo Linux system. We cover a few (generic) best practices, and then elaborate on what Mandatory Access Control is and how SELinux fills in this gap.
    2. SELinux Concepts
      To be able to properly work with SELinux, it is vital that you understand a few of its concepts like domains, domain transitions and file contexts. Without a basic understanding of these aspects, it will be difficult to understand how SELinux policies work and how to troubleshoot if things go wrong.
    3. SELinux Resources
      To get more acquainted with SELinux, many resources exist on the Internet. In this chapter we give a quick overview of the various resources as well as places where you can get more help when you are fighting with SELinux.
  • Using Gentoo/Hardened SELinux
    With the theoretic stuff behind us, let us start by installing Gentoo/Hardened with a SELinux kernel as well as the SELinux tools.
    1. Gentoo SELinux Installation / Conversion
      To set up SELinux within Gentoo/Hardened, you first need to install Gentoo with the correct Hardened profile (or convert to the Hardened profile) and then update your system to become a SELinux-managed system. This chapter will guide you through this process.
    2. Configuring SELinux For Your Needs
      With SELinux now "installed" and enabled (although in permissive mode), we now configure it to suit your particular needs. After all, SELinux is a Mandatory Access Control system where you, as security administrator, define what is allowed and what not.
    3. SELinux Commands
      Let's take a step back and get to know a few more commands. We covered most of them in the previous section, but we will now dive a bit deeper in its syntax, features and potential pitfalls.
    4. Permissive, Unconfined, Disabled or What Not...
      Your system can be in many SELinux states. In this chapter, we help you switch between the various states / policies.
    5. Modifying the Gentoo Hardened SELinux Policy
      Gentoo Hardened offers a default policy, but this might not allow what you want (or allows too much). In this chapter we tell you how you can tweak Gentoo's policy, or even run your own.
    6. Troubleshooting SELinux
      Everything made by a human can and will fail. In this chapter we will try to keep track of all potential issues you might come across and how to resolve them.
    7. Change History
      As documentation evolves with the technology, this handbook too sees its fair share of changes. To allow users, who are already on SELinux, to verify if there are any changes they need to be aware off, this chapter lists the changes in chronological order.

[ << ] [ < ] [ Home ] [ > ] [ >> ]


Print

View all

Page updated September 18, 2011

Summary: This is the Gentoo SELinux Handbook.

Chris PeBenito
Author

Sven Vermeulen
Author

Chris Richards
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.