Enhance Linux security, application platforms, and virtualization solutions with SELinux 3 to work within your boundaries, your rules, and your policies
▶Book Description
Linux is a dominant player in many organizations and in the cloud. Securing the Linux environment is extremely important for any organization, and Security-Enhanced Linux (SELinux) acts as an additional layer to Linux system security.
SELinux System Administration covers basic SELinux concepts and shows you how to enhance Linux system protection measures. You will get to grips with SELinux and understand how it is integrated. As you progress, you'll get hands-on experience of tuning and configuring SELinux and integrating it into day-to-day administration tasks such as user management, network management, and application maintenance. Platforms such as Kubernetes, system services like systemd, and virtualization solutions like libvirt and Xen, all of which offer SELinux-specific controls, will be explained effectively so that you understand how to apply and configure SELinux within these applications. If applications do not exert the expected behavior, you'll learn how to fine-tune policies to securely host these applications. In case no policies exist, the book will guide you through developing custom policies on your own.
By the end of this Linux book, you'll be able to harden any Linux system using SELinux to suit your needs and fine-tune existing policies and develop custom ones to protect any app and service running on your Linux systems.
▶What You Will Learn
⦁Understand what SELinux is and how it is integrated into Linux
⦁Tune Linux security using policies and their configurable settings
⦁Manage Linux users with least-privilege roles and access controls
⦁Use SELinux controls in system services and virtualization solutions
⦁Analyze SELinux behavior through log events and policy analysis tools
⦁Protect systems against unexpected and malicious behavior
⦁Enhance existing policies or develop custom ones
▶Key Features
⦁Learn what SELinux is, and how it acts as a mandatory access control system on Linux
⦁Apply and tune SELinux enforcement to users, applications, platforms, and virtualization solutions
⦁Use real-life examples and custom policies to strengthen the security posture of your systems
▶Who This Book Is For
This Linux sysadmin book is for Linux administrators who want to control the secure state of their systems using SELinux, and for security professionals who have experience in maintaining a Linux system and want to know about SELinux. Experience in maintaining Linux systems, covering user management, software installation and maintenance, Linux security controls, and network configuration is required to get the most out of this book.
▶What this book covers
⦁ Chapter 1, Fundamental SELinux Concepts, provides fundamental insights into the SELinux technology and allows you to understand the differences between SELinux implementations.
⦁ Chapter 2, Understanding SELinux Decisions and Logging, teaches you how to analyze SELinux events, and how to configure system logging to facilitate SELinux troubleshooting.
⦁ Chapter 3, Managing User Logins, allows you to manage Linux users and associate them with the right SELinux context.
⦁ Chapter 4, Using File Contexts and Process Domains, explains how SELinux labels are exposed on the system, and how to change the SELinux context of files and resources.
⦁ Chapter 5, Controlling Network Communications, introduces SELinux access control protections on a network level, ranging from socket-based protection measures to packet filtering with SELinux.
⦁ Chapter 6, Configuring SELinux through Infrastructure-as-Code Orchestration, shows you how to configure SELinux settings across large-scale environments using automation and orchestration tooling.
⦁ Chapter 7, Configuring Application-Specific SELinux Controls, explains how SELinux is adopted by several applications to augment their security posture further.
⦁ Chapter 8, SEPostgreSQL – Extending PostgreSQL with SELinux, helps you learn how to enable SEPostgreSQL in a regular PostgreSQL deployment, and how to use the SELinux controls within the database engine.
⦁ Chapter 9, Secure Virtualization, uses libvirt and other virtualization technologies together with SELinux to further protect and isolate virtual guests from each other.
⦁ Chapter 10, Using Xen Security Modules with FLASK, teaches you how Xen uses an SELinux-like approach to isolate its guests using Xen Security Modules, and how administrators can tweak and tune isolation further.
⦁ Chapter 11, Enhancing the Security of Containerized Workloads, shows how container platforms such as Docker, podman, and Kubernetes use SELinux as a means to secure the host system from potentially untrusted containers and provide isolation between containers.
⦁ Chapter 12, Tuning SELinux Policies, expands on SELinux booleans and their effect on the system and shows how to deal with different SELinux policy modules.
⦁ Chapter 13, Analyzing Policy Behavior, explains how administrators and analysts can interpret the SELinux policy and use policy analysis tooling to learn what a policy will allow.
⦁ Chapter 14, Dealing with New Applications, informs you how to apply SELinux on new applications that are not yet supported by the current SELinux policies.
⦁ Chapter 15, Using the Reference Policy, explains how to use the reference policy to create and adjust SELinux policies.
⦁ Chapter 16, Developing Policies with SELinux CIL, introduces you to the Common Intermediate Language and how to apply it to develop custom policies.
