O'Reilly logo
live online training icon Live Online training

Mastering SELinux

Sander van Vugt

SELinux, otherwise known as Security-Enhanced Linux, is one of the most difficult Linux concepts to understand and use, yet it is key to providing access control and is also an important topic in the Red Hat RHCSA, CompTIA Linux+ and Linux Foundation LFCS exams. The Linux operating system was never designed with overall security in mind, and that’s exactly where SELinux comes in. Using SELinux adds 21st century security to the Linux operating system. This training session will fully explore SELinux so you can fully utilize its capabilities and understand the concepts for whichever certification exam you are taking. Although SELinux is not easy to understand there’s no need to struggle with it. This course is essential to everyone who wants to a Linux certification exam such as RHCSA or RHCE.

What you'll learn-and how you can apply it

  • Understanding SELinux
  • Monitoring SELinux behavior
  • Managing SELinux Context Labels
  • Managing SELinux Booleans
  • Troubleshooting SELinux
  • Creating SELinux Policy Modules
  • Making Any Application work with SELinux

This training course is for you because...

This session is for Linux developers, administrators and security officers that want to increase the level of security offered by their Linux servers.

Prerequisites

Basic Linux Skills

Materials, downloads, or Supplemental Content needed in advance

The course participant needs to install and configure a lab environment. This can be a Linux virtual machine that runs in virtualization software on the participants own computer, using software like VMware Workstation or Oracle VirtualBox, or on a dedicated computer. Instructions on how to set up a lab environment can be found on Safari at: https://sunburn.in/?page=library/view/red-hat-certified/9780134723990/RHCA_00_Intro_III-01.html.

Participants need to download the ova3.zip file.

Instructions on how to set up a lab environment (video).

Resources

If an attendee has no experience with Linux, we recommend studying: "Beginning Linux System Administration".

About your instructor

  • Sander van Vugt started working with Linux in 1992. He wrote his first book about Linux in 1999, and up to date has completed 62 different books on Linux related topics, including the best selling RHCSA/RHCE 7 Cert Guide. Sander is the author of over 20 Linux related video courses. He also works as a Linux instructor, teaching on-site and on-line classes for customers around the world.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing

Segment 1: Understanding SELinux (40 min)

  • Students will learn why SELinux is an essential part of Linux security, and how it is organized

Segment 2: Monitoring SELinux Behavior (20 min)

  • Students will learn how to analyze what SELinux is doing to protect their systems

Break

Segment 3: Managing SELinux Context labels (60 min)

  • Students will learn how to manage SELinux context label in different lab-demos to ensure that no matter what needs to be secured the student will be able to secure it using SELinux context labels

Break

Segment 4: Managing SELinux Booleans (20 min)

  • Students will learn how to use booleans to protect services. Students will also learn how to analyze exactly what a boolean is doing.

Segment 5: Troubleshooting SELinux (40 min)

  • Students will learn how to troubleshoot SELinux based on different case scenarios

Break

Segment 6: Creating SELinux Policy Modules (40 min)

  • Students will learn what they can do to create their own SELinux Policy Modules to ensure that any application will work in an environment where SELinux is enabled

Break

Segment 7: Making Any Application work with SELinux (40 min)

  • Students will learn what they can do when an application doesn't work well in an environment where SELinux is enabled.