Red Hat Enterprise Linux 4

Red Hat SELinux Guide

Table of Contents
Introduction to the Red Hat SELinux Guide
1. What Is SELinux?
2. Prerequisites for This Guide
3. Conventions for SELinux Directories and Files
4. Document Conventions
5. Code Presentation Conventions
6. Activate Your Subscription
6.1. Provide a Red Hat Login
6.2. Provide Your Subscription Number
6.3. Connect Your System
7. More to Come
7.1. Send in Your Feedback
I. Understanding SELinux
1. SELinux Architectural Overview
1.1. Flask Security Architecture and SELinux
1.2. SELinux, an Implementation of Flask
2. SELinux Policy Overview
2.1. What Is Policy?
2.2. Where is the Policy?
2.3. Policy Role in Boot
2.4. File System Security Contexts
2.5. Object Classes and Permissions
2.6. TE Rules - Attributes
2.7. TE Rules - Types
2.8. TE Rules - Access Vectors
2.9. Policy Macros
2.10. SELinux Users and Roles
2.11. TE Rules - Constraints
2.12. Special Interfaces and File Systems
3. Targeted Policy Overview
3.1. What is the Targeted Policy?
3.2. Files and Directories of the Targeted Policy
3.3. Understanding the File Contexts Files
3.4. Common Macros in the Targeted Policy
3.5. Understanding the Roles and Users in the Targeted Policy
4. Example Policy Reference - dhcpd
4.1. Policy File Locations
4.2. Policy Types - dhcpd
4.3. Boolean Values for dhcpd
II. Working With SELinux
5. Controlling and Maintaining SELinux
5.1. End User Control of SELinux
5.2. Administrator Control of SELinux
5.3. Analyst Control of SELinux
5.4. Policy Writer Control of SELinux
6. Tools for Manipulating and Analyzing SELinux
6.1. Information Gathering Tools
6.2. Using seaudit for Audit Log Analysis
6.3. Using apol for Policy Analysis
6.4. Performance Tuning
7. Compiling SELinux Policy
7.1. Policy Compile Procedure
7.2. What Happens During Policy Build
8. Customizing and Writing Policy
8.1. General Policy Troubleshooting Guidelines
8.2. Minor Customizations of the Existing Policy
8.3. Writing New Policy for a Daemon
8.4. Deploying Customized Binary Policy
9. References
III. Appendix
A. Brief Background and History of SELinux