#SELinux
2 posts
RHEL Advanced #4: SELinux Advanced — Writing Policy and audit2allow
A step beyond the intermediate post: the structure of .te/.fc/.if policy files, the flow and limits of generating modules with audit2allow, the procedure to compile and install by hand with checkmodule / semodule_package / semodule, plus booleans and interfaces, covered in one end-to-end pass. The goal is to follow an AVC denial all the way through to a permanent policy module.
RHEL Intermediate #1: Intro to SELinux — Enforcing/Permissive, Labels, Troubleshooting
A beginner-friendly introduction to SELinux, RHEL's last security layer. Covers the three modes Enforcing/Permissive/Disabled, the shape of labels (context) attached to every file and process, viewing them with ls -Z / ps -Z, fixing labels with chcon/restorecon, making permanent changes via semanage fcontext, toggling booleans, and troubleshooting AVC denials with audit2allow and sealert.