Linux Today: Linux News On Internet Time.

More on LinuxToday

Tips for Taming SE Linux, Part Two

Dec 05, 2007, 08:30 (0 Talkback[s])
(Other stories by Carla Schroder)

"Last week we took the eagle's eye view of the principles behind SELinux. Today we'll dig a bit more deeply into SELinux policies, and then fire up Fedora 8 and see what SELinux looks like in practice. I recommend using the latest Fedora version as a SELinux training tool, because Fedora has the most mature implementation and userspace tools. Red Hat Enterprise Linux and CentOS, the leading Red Hat clone, have similar SELinux setups to Fedora. Gentoo also has a nice SELinux implementation. I don't recommend starting from scratch. Start with a working setup, and then plan to spend considerable time learning your way around it, because it is a big complex beast.

"It's not that SELinux itself is so complex; it's the scale of it. SELinux wants to touch every file and process on your system. Fedora, RHEL, and Gentoo come with prefab policies, and this is a good thing because writing SELinux policies is a large undertaking..."

Complete Story

Related Stories: