SELinux by Example: Using Security Enhanced Linux

Chapter 6. Roles and Users

In this chapter

• 6.1 Role-Based Access Control in SELinux

• 6.4 Exploring Roles and Users with Apol

SELinux provides a form of role-based access control (RBAC) that builds upon type enforcement (TE). Roles are used to group domain types and to restrict relationships between domain types and users. Users in SELinux associate one or more roles with a Linux user. Using roles and users, the RBAC features allow for the efficient definition and management of the privileges ultimately granted to Linux users.

6.1 Role-Based Access Control in SELinux

Roles and users exist in SELinux as the basis for its RBAC feature. It may be surprising ...

Get SELinux by Example: Using Security Enhanced Linux now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SELinux by Example: Using Security Enhanced Linux by Frank Mayer, Karl MacMillan, David Caplan

Chapter 6. Roles and Users

6.1 Role-Based Access Control in SELinux

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly