Learn to enhance your system's security through SELinux access controls with Packt’s new book and eBook.

October 2013 | Open Source

Packt is pleased to announce the release of the book SELinux System Administration, a step-by-step guide to use SELinux to control network communications. The book is useful for building personal SELinux policies using reference policy interfaces, configuring IPSec and Net-Label to transport SELinux contexts over the wire, and also work with mod_SELinux to secure web applications. The print book is 120 pages long and is competitively priced at $32.99, while the eBook is available in Amazon, Kindle, PDF versions for $16.99.

About the author:

Sven is an IT infrastructure architect working at a European financial institution. He is a long term contributor to various free software projects and the author of various online guides and resources. In 2003, he joined the ranks of the Gentoo Linux project as a documentation developer and has since then crossed several roles, including being Gentoo Foundation’s trustee, council member, project leads for documentation, and at present he is the project lead for Gentoo Hardened’s SELinux integration. In this timeframe, he has gained expertise in several technologies, ranging from operating system level knowledge to application servers, as he used his interest in security to guide his projects further: security guides using SCAP languages, mandatory access controls through SELinux, authentication with PAM, (application) firewalling, and more. Prior to this, he graduated with an MSc in Computer Engineering at the University of Ghent and then worked as a web application infrastructure engineer with IBM Web Sphere AS. On SELinux, he has contributed several policies to the reference policy project, and participates actively in policy development and user space development projects. He also authored the Linux Sea online publication, which is a gentle introduction to Linux for novice system administrators.

Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies. It is a set of kernel modifications and user-space tools that can be added to various Linux distributions. SELinux is a security enhancement to Linux which gives users and administrators more access control.

SELinux System Administration helps its readers to set up SELinux roles, users, and their sensitivity levels, as well as enable and disable features selectively or even enforce them on a granular level. The book also teaches readers how to assign new contexts and sensitivity labels to files and other resources, and use tools like sudo, runcon, and new-role to switch roles and run privileged commands in a safe environment.

This book covers various SELinux topics, guiding readers through the configuration of SELinux contexts, definitions, and the assignment of SELinux roles, and finishes up with policy enhancements. All of SELinux's configuration handles, be they conditional policies, constraints, policy types, or audit capabilities, are covered in this book with real-world examples that administrators might come across.

The following topics are covered in the book:

Chapter 1: Fundamental SELinux Concepts

Chapter 2: Understanding SELinux Decisions and Logging

Chapter 3: Managing User Logins

Chapter 4: Process Domains and File-level Access Controls

Chapter 5: Controlling Network Communications

Chapter 6: Working with SELinux Policies

This book would be helpful for Linux administrators who have some experience with the various SELinux features that this book covers and understand how SELinux works. Basic knowledge of Linux administration would also be an advantage. For more information please visit:http://www.packtpub.com/selinux-system-administration/book .

SELinux System Administration
Enhance your system's security through SELinux access controls

For more information, please visit: http://www.packtpub.com/selinux-system-administration/book

Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software