It has finally arrived: SELinux System Administration


Sven Vermeulen Fri 27 September 2013

Almost everyone has it - either physical or in their heads: a list of things you want to do or achieve before you... well, stop existing. Mine still has numerous things on it (I should get on it, I know) but one of the items on that list has recently been removed: write and have a book published. And the result is a book called SELinux System Administration.

Somewhere in the second quarter of this year, Packt Publishing contacted me to see if I am interested in authoring a book about SELinux, focusing on the usage of SELinux (you know - handling booleans, dealing with file contexts, etc.) in a short technical book (the aim was 100 pages). Considering that I'm almost always busy with documentation and editing (for instance, I joined Gentoo as documentation translator and editor beginning of 2003 if I remember correctly) and am busy keeping SELinux support within Gentoo on a good level, I of course said yes to the request.

Now, 100 pages is not a lot for a topic as complex and diverse as SELinux so was really challenging, but I do think I managed to get everything in it while keeping it practical. The book first starts with the fundamentals of SELinux - concepts you really need to grasp before diving into SELinux. Then, it goes on about switching SELinux state (disabling, permissive, granular permissive, etc.), logging, managing SELinux users and roles, handling process domains, etc. Just take a look at the table of contents and you'll see what I mean ;-)

Inside the book, examples are given based on Fedora (and thus also RedHat Enterprise Linux) and Gentoo Hardened while ensuring that there are few distribution specific sections in it, making it usable for Linux administrators of systems with a different Linux distribution installed to it. Take a look at the sample chapter and, if you like it, put it on your wish list and let everyone know ;-)