O'Reilly logo
live online training icon Live Online training

Mastering SELinux

Topic: System Administration
Sander van Vugt

SELinux, otherwise known as Security-Enhanced Linux, is one of the most difficult Linux concepts to understand and use, yet it is key to providing access control and is also an important topic in the Red Hat RHCSA, CompTIA Linux+ and Linux Foundation LFCS exams. The Linux operating system was never designed with overall security in mind, and that’s exactly where SELinux comes in. Using SELinux adds 21st century security to the Linux operating system. This training session will fully explore SELinux so you can fully utilize its capabilities and understand the concepts for whichever certification exam you are taking. Although SELinux is not easy to understand there’s no need to struggle with it. This course is essential to everyone who wants to a Linux certification exam such as RHCSA or RHCE.

What you'll learn-and how you can apply it

  • Understanding SELinux
  • Monitoring SELinux behavior
  • Managing SELinux Context Labels
  • Managing SELinux Booleans
  • Troubleshooting SELinux
  • Creating SELinux Policy Modules
  • Making Any Application work with SELinux

This training course is for you because...

This session is for Linux developers, administrators and security officers that want to increase the level of security offered by their Linux servers.


Basic Linux Skills

Materials, downloads, or Supplemental Content needed in advance

The course participant needs to install and configure a lab environment. This can be a Linux virtual machine that runs in virtualization software on the participants own computer, using software like VMware Workstation or Oracle VirtualBox, or on a dedicated computer. Instructions on how to set up a lab environment can be found on Safari at: https://learning.oreilly.com/library/view/red-hat-certified/9780134723990/.

Participants need to install a virtual or physical machine with a recent 7.x version of either Red Hat Enterprise Linux, or CentOS.


If an attendee has no experience with Linux, we recommend studying: "Beginning Linux System Administration".

About your instructor

  • Sander van Vugt started working with Linux in 1992. He wrote his first book about Linux in 1999, and up to date has completed 62 different books on Linux related topics, including the best selling titles like the RHCSA Complete Video Course and the Certified Kubernetes Application Developer (CKAD) Crash Course as well as many other open source platform titles. He also works as a Linux instructor, teaching on-site and on-line classes for customers around the world.


The timeframes are only estimates and may vary according to how the class is progressing

Segment 1: Understanding SELinux (40 min)

  • Students will learn why SELinux is an essential part of Linux security, and how it is organized

Segment 2: Monitoring SELinux Behavior (20 min)

  • Students will learn how to analyze what SELinux is doing to protect their systems


Segment 3: Managing SELinux Context labels (60 min)

  • Students will learn how to manage SELinux context label in different lab-demos to ensure that no matter what needs to be secured the student will be able to secure it using SELinux context labels


Segment 4: Managing SELinux Booleans (20 min)

  • Students will learn how to use booleans to protect services. Students will also learn how to analyze exactly what a boolean is doing.

Segment 5: Troubleshooting SELinux (40 min)

  • Students will learn how to troubleshoot SELinux based on different case scenarios


Segment 6: Creating SELinux Policy Modules (40 min)

  • Students will learn what they can do to create their own SELinux Policy Modules to ensure that any application will work in an environment where SELinux is enabled


Segment 7: Making Any Application work with SELinux (40 min)

  • Students will learn what they can do when an application doesn't work well in an environment where SELinux is enabled.