SELinux


Book Description

Offers a readable, practical introduction and step-by-step procedural manual for the installation, configuration, and use of SELinux, a kernel module and set of Linux programs developed by the National Security Agency to help protect computers running on Linux. Original. (All users).




SELinux by Example


Book Description

SELinux: Bring World-Class Security to Any Linux Environment! SELinux offers Linux/UNIX integrators, administrators, and developers a state-of-the-art platform for building and maintaining highly secure solutions. Now that SELinux is included in the Linux 2.6 kernel—and delivered by default in Fedora Core, Red Hat Enterprise Linux, and other major distributions—it’s easier than ever to take advantage of its benefits. SELinux by Example is the first complete, hands-on guide to using SELinux in production environments. Authored by three leading SELinux researchers and developers, it illuminates every facet of working with SELinux, from its architecture and security object model to its policy language. The book thoroughly explains SELinux sample policies— including the powerful new Reference Policy—showing how to quickly adapt them to your unique environment. It also contains a comprehensive SELinux policy language reference and covers exciting new features in Fedora Core 5 and the upcoming Red Hat Enterprise Linux version 5. • Thoroughly understand SELinux’s access control and security mechanisms • Use SELinux to construct secure systems from the ground up • Gain fine-grained control over kernel resources • Write policy statements for type enforcement, roles, users, and constraints • Use optional multilevel security to enforce information classification and manage users with diverse clearances • Create conditional policies that can be changed on-the-fly • Define, manage, and maintain SELinux security policies • Develop and write new SELinux security policy modules • Leverage emerging SELinux technologies to gain even greater flexibility • Effectively administer any SELinux system




SELinux System Administration


Book Description

Ward off traditional security permissions and effectively secure your Linux systems with SELinux About This Book Leverage SELinux to improve the secure state of your Linux system A clear approach to adopting SELinux within your organization Essential skills and techniques to help further your system administration career Who This Book Is For This book is for Linux administrators who want to control the secure state of their systems. It's packed with the latest information on SELinux operations and administrative procedures so you'll be able to further harden your system through mandatory access control (MAC) – a security strategy that has been shaping Linux security for years. What You Will Learn Analyze SELinux events and selectively enable or disable SELinux enforcement Manage Linux users and associate them with the right role and permission set Secure network communications through SELinux access controls Tune the full service flexibility by dynamically assigning resource labels Handle SELinux access patterns enforced through the system Query the SELinux policy in depth In Detail Do you have the crucial job of protecting your private and company systems from malicious attacks and undefined application behavior? Are you looking to secure your Linux systems with improved access controls? Look no further, intrepid administrator! This book will show you how to enhance your system's secure state across Linux distributions, helping you keep application vulnerabilities at bay. This book covers the core SELinux concepts and shows you how to leverage SELinux to improve the protection measures of a Linux system. You will learn the SELinux fundamentals and all of SELinux's configuration handles including conditional policies, constraints, policy types, and audit capabilities. These topics are paired with genuine examples of situations and issues you may come across as an administrator. In addition, you will learn how to further harden the virtualization offering of both libvirt (sVirt) and Docker through SELinux. By the end of the book you will know how SELinux works and how you can tune it to meet your needs. Style and approach This book offers a complete overview of SELinux administration and how it integrates with other components on a Linux system. It covers the majority of SELinux features with a mix of real life scenarios, descriptions, and examples. This book contains everything an administrator needs to customize SELinux.




SELinux Cookbook


Book Description

If you are a Linux system administrator or a Linux-based service administrator and want to fine-tune SELinux to implement a supported, mature, and proven access control system, then this book is for you. Basic experience with SELinux enabled distributions is expected.




SELinux System Administration - Second Edition


Book Description

Ward off traditional security permissions and effectively secure your Linux systems with SELinuxAbout This Book* Leverage SELinux to improve the security of your Linux system* An easy-to-follow approach and instructions to help you adopt SELinux within your organization* Acquire key skills and techniques in your system administration careerWho This Book Is ForThis book is for both beginners as well as seasoned Linux administrators who want to control the secure state of their systems. Packed with the latest information on SELinux operations and administrative procedures, you will enjoy hardening your system further through the Mandatory Access Control system that has been shaping Linux' security for years.What You Will Learn* Analyse SELinux events and selectively enable or disable SELinux enforcement* Manage Linux users and associate them with the right role and permission set* Secure network communications through SELinux' access controls* Tune the full service flexibility by dynamically assigning resource labels* Handle SELinux' access patterns enforced through the system* Query the SELinux policy in depthIn DetailDo you have the daunting job of protecting your and your company's systems from malicious attacks and undefined application behaviour? Or are you looking to secure your Linux systems with improved access control? Well, look no further! This book gives you all the preliminary know-hows about enhancing your system's security across Linux distributions, helping you keep application vulnerabilities at bay.In this book, we describe the SELinux concepts and show you how to leverage SELinux to improve the secure state of a Linux system. You will learn not only about the fundamental SELinux concepts, but also about all of SELinux's configuration handles including conditional policies, constraints, policy types, and audit capabilities, with genuine examples that you as administrators might come across. In addition, you will learn how to further harden the virtualization offering of both libvirt (sVirt) and Docker through SElinux.By the end of the book, you will know how SELinux works and how it can be tuned to your needs.




SELinux System Administration


Book Description

A step-by-step guide to learn how to set up security on Linux servers by taking SELinux policies into your own hands.Linux administrators will enjoy the various SELinux features that this book covers and the approach used to guide the admin into understanding how SELinux works. The book assumes that you have basic knowledge in Linux administration, especially Linux permission and user management.




CentOS Quick Start Guide


Book Description

A concise walk-through of CentOS 7, starting from installation to securing it’s environment. Key FeaturesNo previous Linux environment experience needed for reading this bookGet comfortable with a popular and stable Red Hat Enterprise Linux distributionMost of the command line based concepts are explained with graphicsBook Description Linux kernel development has been the worlds largest collaborative project to date. With this practical guide, you will learn Linux through one of its most popular and stable distributions. This book will introduce you to essential Linux skills using CentOS 7. It describes how a Linux system is organized, and will introduce you to key command-line concepts you can practice on your own. It will guide you in performing basic system administration tasks and day-to-day operations in a Linux environment. You will learn core system administration skills for managing a system running CentOS 7 or a similar operating system, such as RHEL 7, Scientific Linux, and Oracle Linux. You will be able to perform installation, establish network connectivity and user and process management, modify file permissions, manage text files using the command line, and implement basic security administration after covering this book. By the end of this book, you will have a solid understanding of working with Linux using the command line. What you will learnUnderstand file system hierarchy and essential command-line skillsUse Vi editor, I/O redirections and how to work with common text manipulating toolsCreate, delete, modify user accounts and manage passwords and their aging policyManage file ownership, permissions, and ACLExecute process management and monitoring on the command lineValidate and manage network configuration using nmcliManage remote logins using SSH and file transfer using SCP and RsyncUnderstand system logging, how to control system services with systemd and systemctl, and manage firewalIdWho this book is for Any individual who wants to learn how to use Linux as server or desktop in his environment. Whether you are a developer, budding system administrator, or tech lover with no previous Linux administration background, you will be able to start your journey in Linux using CentOS 7 with this book.




Enterprise Cloud Security and Governance


Book Description

Build a resilient cloud architecture to tackle data disasters with ease About This Book Gain a firm grasp of Cloud data security and governance, irrespective of your Cloud platform Practical examples to ensure you secure your Cloud environment efficiently A step-by-step guide that will teach you the unique techniques and methodologies of Cloud data governance Who This Book Is For If you are a cloud security professional who wants to ensure cloud security and data governance no matter the environment, then this book is for you. A basic understanding of working on any cloud platform would be beneficial. What You Will Learn Configure your firewall and Network ACL Protect your system against DDOS and application-level attacks Explore cryptography and data security for your cloud Get to grips with configuration management tools to automate your security tasks Perform vulnerability scanning with the help of the standard tools in the industry Learn about central log management In Detail Modern day businesses and enterprises are moving to the Cloud, to improve efficiency and speed, achieve flexibility and cost effectiveness, and for on-demand Cloud services. However, enterprise Cloud security remains a major concern because migrating to the public Cloud requires transferring some control over organizational assets to the Cloud provider. There are chances these assets can be mismanaged and therefore, as a Cloud security professional, you need to be armed with techniques to help businesses minimize the risks and misuse of business data. The book starts with the basics of Cloud security and offers an understanding of various policies, governance, and compliance challenges in Cloud. This helps you build a strong foundation before you dive deep into understanding what it takes to design a secured network infrastructure and a well-architected application using various security services in the Cloud environment. Automating security tasks, such as Server Hardening with Ansible, and other automation services, such as Monit, will monitor other security daemons and take the necessary action in case these security daemons are stopped maliciously. In short, this book has everything you need to secure your Cloud environment with. It is your ticket to obtain industry-adopted best practices for developing a secure, highly available, and fault-tolerant architecture for organizations. Style and approach This book follows a step-by-step, practical approach to secure your applications and data when they are located remotely.




Embedded Linux Development Using Yocto Project Cookbook


Book Description

Over 79 hands-on recipes for professional embedded Linux developers to optimize and boost their Yocto Project know-how Key Features Optimize your Yocto setup to speed up development and debug build issues Use what is quickly becoming the standard embedded Linux product builder framework—the Yocto Project Recipe-based implementation of best practices to optimize your Linux system Book Description The Yocto Project has become the de facto distribution build framework for reliable and robust embedded systems with a reduced time to market.You'll get started by working on a build system where you set up Yocto, create a build directory, and learn how to debug it. Then, you'll explore everything about the BSP layer, from creating a custom layer to debugging device tree issues. In addition to this, you’ll learn how to add a new software layer, packages, data, scripts, and configuration files to your system. You will then cover topics based on application development, such as using the Software Development Kit and how to use the Yocto project in various development environments. Toward the end, you will learn how to debug, trace, and profile a running system. This second edition has been updated to include new content based on the latest Yocto release. What you will learn Optimize your Yocto Project setup to speed up development and debug build issues Use Docker containers to build Yocto Project-based systems Take advantage of the user-friendly Toaster web interface to the Yocto Project build system Build and debug the Linux kernel and its device trees Customize your root filesystem with already-supported and new Yocto packages Optimize your production systems by reducing the size of both the Linux kernel and root filesystems Explore the mechanisms to increase the root filesystem security Understand the open source licensing requirements and how to comply with them when cohabiting with proprietary programs Create recipes, and build and run applications in C, C++, Python, Node.js, and Java Who this book is for If you are an embedded Linux developer with the basic knowledge of Yocto Project, this book is an ideal way to broaden your knowledge with recipes for embedded development.




Fedora Linux


Book Description

"Neither a "Starting Linux" book nor a dry reference manual, this book has a lot to offer to those coming to Fedora from other operating systems or distros." -- Behdad Esfahbod, Fedora developer This book will get you up to speed quickly on Fedora Linux, a securely-designed Linux distribution that includes a massive selection of free software packages. Fedora is hardened out-of-the-box, it's easy to install, and extensively customizable - and this book shows you how to make Fedora work for you. Fedora Linux: A Complete Guide to Red Hat's Community Distribution will take you deep into essential Fedora tasks and activities by presenting them in easy-to-learn modules. From installation and configuration through advanced topics such as administration, security, and virtualization, this book captures the important details of how Fedora Core works--without the fluff that bogs down other books and help/how-to web sites. Instead, you can learn from a concise task-based approach to using Fedora as both a desktop and server operating system. In this book, you'll learn how to: Install Fedora and perform basic administrative tasks Configure the KDE and GNOME desktops Get power management working on your notebook computer and hop on a wired or wireless network Find, install, and update any of the thousands of packages available for Fedora Perform backups, increase reliability with RAID, and manage your disks with logical volumes Set up a server with file sharing, DNS, DHCP, email, a Web server, and more Work with Fedora's security features including SELinux, PAM, and Access Control Lists (ACLs) Whether you are running the stable version of Fedora Core or bleeding-edge Rawhide releases, this book has something for every level of user. The modular, lab-based approach not only shows you how things work-but also explains why--and provides you with the answers you need to get up and running with Fedora Linux. Chris Tyler is a computer consultant and a professor of computer studies at Seneca College in Toronto, Canada where he teaches courses on Linux and X Window System Administration. He has worked on systems ranging from embedded data converters to Multics mainframes.