Chapter 8. Working with SELinux Policies

Until now, we have been working with an existing SELinux policy by tuning our system to deal with the proper SELinux contexts and assigning the right labels to files, directories, and even network ports. In this chapter, we will:

Manipulate conditional SELinux policy rules through booleans
Learn to create new custom SELinux policy modules
Develop user and application domains
Replace existing policies with new, custom ones

We'll end the chapter with a few examples of custom policies that augment our SELinux experience and fine-tune the policy to match the security requirements that the administrator has in mind.

SELinux booleans

One of the methods of manipulating SELinux policies is by toggling SELinux booleans. ...

Get SELinux System Administration - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SELinux System Administration - Second Edition by Sven Vermeulen

Chapter 8. Working with SELinux Policies

SELinux booleans

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly