O'Reilly logo

SELinux by Example: Using Security Enhanced Linux by David Caplan, Karl MacMillan, Frank Mayer

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Roles and Users

In this chapter

• 6.1 Role-Based Access Control in SELinux

• 6.2 Roles and Role Statements

• 6.3 Users and User Statements

• 6.4 Exploring Roles and Users with Apol

• 6.5 Summary

• Exercises

SELinux provides a form of role-based access control (RBAC) that builds upon type enforcement (TE). Roles are used to group domain types and to restrict relationships between domain types and users. Users in SELinux associate one or more roles with a Linux user. Using roles and users, the RBAC features allow for the efficient definition and management of the privileges ultimately granted to Linux users.

6.1 Role-Based Access Control in SELinux

Roles and users exist in SELinux as the basis for its RBAC feature. It may be surprising ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required