127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
Writing your own SELinux policies doesn’t have to be a terrifying prospect! This workshop will walk you through the process of creating a custom policy for a source-compiled application, using the advanced tooling present in Red Hat Enterprise Linux.
Where to find SELinux reference information
How to create a new policy framework
How to analyze AVC messages generated by SELinux
When to use and not use audit2allow
How to use system userspace tools to assist in troubleshooting SELinux
The SELinux policy workshop is meant for anyone who needs to create application policies for applications that lack them. Some previous experience with SELinux is expected, but you don’t have to be a master. Also, knowledge of RHEL and general Linux functionality is required. We are going to start with a short overview and then we’ll get into the lab as soon as possible. That is where we will spend most of our time.
Have a Discussion. This will be boring if it’s just us, up here talking for over 4 hours.
Participate. We are going to cut you loose with SELinux, in just a little while. Have questions. Have opinions.
Bring a laptop. It doesn’t matter what OS it runs, but you will need either the Firefox or Chrome web browser installed. If, for some reason, you don’t have a laptop, let your instructor know, or try to find someone to share with.
When we want you to type something in, we’ll use a frame like this:
When we want to show you the output from a command, we’ll use a different frame, like this one: