sam.hadow/website-hadow.fr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
Sam Hadow
2025-12-17 15:28:07 +01:00
parent 15924c988b
commit 7170ade8e2
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
_posts/2025-12-17-why-you-should-use-SELinux-and-how.md
View File

@@ -3,6 +3,8 @@ layout: post
author: Sam Hadow author: Sam Hadow
--- ---
In this blog post I'll explain why you should use SELinux (or at least an implementation of Mandatory Access Control) and how you can use SELinux, administer it, install it on an existing system.
# SELinux origin # SELinux origin
## History ## History
@@ -56,13 +58,14 @@ unconfined_u:object_r:config_home_t:s0
``` ```
What each field means What each field means
| Field | Meaning | | Field | Meaning |
| :- | :- | | :- | :- |
| **user** | SELinux user (different from UNIX users) | **user** | SELinux user (different from UNIX users)
| **role** | Mainly used with MLS policies | **role** | Mainly used with MLS policies
| **type** | The most important element as it's used by the **type enforcement** | **type** | The most important element as it's used by the **type enforcement**
| **level** | MLS/MCS levels, for example `s0:c1,c2` | **level** | MLS/MCS levels, for example `s0:c1,c2`
|
In the targeted policy (which we'll see later in the policies section), only the type really matters. In the targeted policy (which we'll see later in the policies section), only the type really matters.
@@ -119,7 +122,7 @@ To inspect the active policy, several tools exist. You might need to install the
| **semanage** | SELinux user (different from UNIX users) | **semanage** | SELinux user (different from UNIX users)
| **sesearch** | Searching a specific rules in the policy | **sesearch** | Searching a specific rules in the policy
| **seinfo** | Getting statistics on the policy | **seinfo** | Getting statistics on the policy
|
For example: For example: