Chapter 2: Understanding SELinux Decisions and Logging
Once we enable SELinux on the system, it starts its access control functionality, as described in the previous chapter. Once it starts, administrators need to keep a close eye on its actions, and often need to deal with unexpected behavior if one or more applications are not acting according to the SELinux policy. Through SELinux logging, we learn how SELinux enforces its policies toward the applications on the system.
Administrators have to know how to switch between SELinux in full-enforcement mode (resembling a host-based intrusion prevention system) versus its permissive, logging-only mode, and use its various methods to toggle the SELinux state (enabled or disabled; permissive or enforcing). ...
Get SELinux System Administration - Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.