SELinux System Administration, 3rd Edition

Book Description

Enhance Linux security, application platforms, and virtualization solutions with SELinux to work within your boundaries, your rules, and your policies

Key Features

• Learn what SELinux is, and how it acts as a mandatory access control system on Linux
• Apply and tune SELinux enforcement to users, applications, platforms, and virtualization solutions
• Use real-life examples and custom policies to strengthen the security posture of your systems

Book Description

Linux is a dominant player in many organizations and in the cloud. Securing the Linux environment is extremely important for any organization, and Security-Enhanced Linux (SELinux) acts as an additional layer to Linux system security.

SELinux System Administration covers basic SELinux concepts and shows you how to enhance Linux system protection measures. You will get to grips with SELinux and understand how it is integrated. As you progress, you’ll get hands-on experience of tuning and configuring SELinux and integrating it into day-to-day administration tasks such as user management, network management, and application maintenance. Platforms such as Kubernetes, system services like systemd, and virtualization solutions like libvirt and Xen, all of which offer SELinux-specific controls, will be explained effectively so that you understand how to apply and configure SELinux within these applications. If applications do not exert the expected behavior, you’ll learn how to fine-tune policies to securely host these applications. In case no policies exist, the book will guide you through developing custom policies on your own.

By the end of this Linux book, you’ll be able to harden any Linux system using SELinux to suit your needs and fine-tune existing policies and develop custom ones to protect any app and service running on your Linux systems.

What you will learn

• Understand what SELinux is and how it is integrated into Linux
• Tune Linux security using policies and their configurable settings
• Manage Linux users with least-privilege roles and access controls
• Use SELinux controls in system services and virtualization solutions
• Analyze SELinux behavior through log events and policy analysis tools
• Protect systems against unexpected and malicious behavior
• Enhance existing policies or develop custom ones

Who this book is for

This Linux sysadmin book is for Linux administrators who want to control the secure state of their systems using SELinux, and for security professionals who have experience in maintaining a Linux system and want to know about SELinux. Experience in maintaining Linux systems, covering user management, software installation and maintenance, Linux security controls, and network configuration is required to get the most out of this book.

Table of Contents

1. Fundamental SELinux Concepts
2. Understanding SELinux Decisions and Logging
3. Managing User Logins
4. Using File Contexts and Process Domains
5. Controlling Network Communications
6. Configuring SELinux through Infrastructure-as-Code Orchestration
7. Configuring Application-Specific SELinux Controls
8. SEPostgreSQL – Extending PostgreSQL with SELinux
9. Secure Virtualization
10. Using Xen Security Modules with FLASK
11. Enhancing the Security of Containerized Workloads
12. Tuning SELinux Policies
13. Analyzing Policy Behavior
14. Dealing with New Applications
15. Using the Reference Policy
16. Developing Policies with SELinux CIL

中文：

书名：SELinux系统管理，第三版

使用SELinux增强Linux安全性、应用程序平台和虚拟化解决方案，以在您的边界、规则和策略范围内工作

Key Features

• 了解SELinux是什么，以及它如何作为Linux上的强制访问控制系统
• 针对用户、应用程序、平台和虚拟化解决方案应用和调整SELinux实施
• 使用现实生活中的示例和自定义策略来加强系统的安全状态

Book Description

Linux在许多组织和云计算中占据主导地位。保护Linux环境对任何组织来说都是极其重要的，而安全增强型Linux(SELinux)则是Linux系统安全的一个附加层。

SELinux系统管理介绍了SELinux的基本概念，并向您展示了如何增强Linux系统保护措施。您将掌握SELinux并了解它是如何集成的。在您的学习过程中，您将获得调整和配置SELinux并将其集成到日常管理任务(如用户管理、网络管理和应用程序维护)中的实践经验。将有效地解释Kubernetes等平台、system d等系统服务以及libvirt和Xen等虚拟化解决方案，所有这些平台都提供特定于SELinux的控制，以便您了解如何在这些应用程序中应用和配置SELinux。如果应用程序没有发挥预期的行为，您将学习如何微调策略以安全地托管这些应用程序。如果不存在策略，本书将指导您自行开发自定义策略。

到本书结束时，您将能够使用SELinux加强任何Linux系统以满足您的需求，并微调现有策略并开发自定义策略来保护您的Linux系统上运行的任何应用程序和服务。

你将学到什么

• 了解什么是SELinux以及如何将其集成到Linux中
• 使用策略及其可配置设置调整Linux安全性
• 管理具有最低权限角色和访问控制的Linux用户
• 在系统服务和虚拟化解决方案中使用SELinux控件
• 通过日志事件和策略分析工具分析SELinux行为
• 保护系统免受意外和恶意行为的影响
• 增强现有策略或制定定制策略

这本书是为谁而写的

这本Linux sysadmin书面向希望使用SELinux控制其系统的安全状态的Linux管理员，以及具有维护Linux系统经验并想了解SELinux的安全专业人员。需要维护Linux系统的经验，包括用户管理、软件安装和维护、Linux安全控制和网络配置，才能最大限度地了解本书。

目录表

1. Fundamental SELinux Concepts
2. 了解SELinux决策和日志记录
3. 管理用户登录
4. 使用文件上下文和进程域
5. Controlling Network Communications
6. 通过基础架构即代码编排配置SELinux
7. Configuring Application-Specific SELinux Controls
8. SEPostgreSQL – Extending PostgreSQL with SELinux
9. 安全的虚拟化
10. 将Xen安全模块与烧瓶配合使用
11. Enhancing the Security of Containerized Workloads
12. Tuning SELinux Policies
13. Analyzing Policy Behavior
14. Dealing with New Applications
15. Using the Reference Policy
16. 使用SELinux CIL开发策略