Chapter 6. Roles and Users
In this chapter
• 6.1 Role-Based Access Control in SELinux
• 6.2 Roles and Role Statements
• 6.3 Users and User Statements
• 6.4 Exploring Roles and Users with Apol
SELinux provides a form of role-based access control (RBAC) that builds upon type enforcement (TE). Roles are used to group domain types and to restrict relationships between domain types and users. Users in SELinux associate one or more roles with a Linux user. Using roles and users, the RBAC features allow for the efficient definition and management of the privileges ultimately granted to Linux users.
6.1 Role-Based Access Control in SELinux
Roles and users exist in SELinux as the basis for its RBAC feature. It may be surprising ...
Get SELinux by Example: Using Security Enhanced Linux now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.