SELinux Administration Course
SELinux is a core component of any Linux distribution, be it RHEL, CentOS or Oracle Linux. Once you install linux of any of these flavors, you already have SELinux enabled. This course is aimed at providing you an understanding of SELinux MAC and administration of SELinux as per your production requirement.
Furthermore, before the start of this course you must of a good understanding and experience on Linux as an Administrator. For this course, tuning and configuring the security of a system requires administrative privileges on the system.
This course is for Linux System Administrators who have good experience in maintaining Linux systems. For those who want to understand and work with the SELinux Security. Moreover, this course can be very useful for Information Technology System architects to understand how SELinux can be positioned to enhance the security of Linux systems and Linux based services within their environment.
- Good knowledge of RHEL/CentOS or Oracle Linux.
- Linux Administration Skills
- Basic Knowledge of Programming will be an added advantage.
|Introduction and Getting Started with SELinux|
|SELinux 1 Introduction to SELinux||01:30:00|
|SELinux Introduction, What is SELinux and how it works?, Access Control Mechanisms, Labels, Contexts and Type Enforcement Basic Terminology, Users, Roles, Subjects, Objects, Domains and Types, SELinux Policy, Type Enforcement, SELinux Administration – Settings and Modes SELinux Configuration, SELinux Status, SELinux Features and Benefits, SELinux is not..|
|SELinux 2 Getting Started with SELinux||01:30:00|
|Boot Options for SELinux,Enabling user home directories, SELinux Settings for User Home Directories, Targeted Policy Protected Services, Default list of SELinux Protected Services,File Context for Special Directory Trees, Setting Persistent SELinux Contexts on Directory Trees, Example: ftp server with non default directory|
|SELinux 3 SELinux Booleans||00:45:00|
|SELinux Booleans, Why a Service doesn't work?, Boolean Values, Service Categories of SELinux Booleans, Booleans with SELinux Management Tool, CLI V/s GUI Filter,Boolean Settings do not stand alone, SELinux directives for HTTP Services, Name Service, MariaDB, NFS, Samba and SSH|
|SELinux 4 Troubleshooting SELinux||00:45:00|
|Understand and Identify the Problem - SELinux Audits, Using ausearch and sealert, Using audit2allow Utility, SELinux Troubleshoot Browser, The setroubleshootd, Installation, configuration and working, Sending e-mails, Testing setroubleshoot functionality, Binding sshd on a non standard port, SELinux Logging - Interacting with systemd-journal, Policy Rules V/s other Options.|
|SELinux Lab 1 Exploring CGI scripts||1, 00:00|
|SELinux 5 SELinux Policies||00:00:00|
|SELinux Policy, Policy Organization, Confined and Unconfined Domain, SELinux Policy Behavior, Configuring a Policy with semanage, SELinux Port Labeling, Managing Ports with Semanage Using Semanage Permissive, Limiting flows based on the network interface, Generating Policy files for Deployment, Handling device files, Setting a SELinux label on a device node|
|SELinux Lab 2 Understanding SELinux policies||1, 00:00|
|SELinux 6 Working with SELinux Policies||01:00:00|
|SELinux Policy Language, Source Policy Modules in a Monolithic Policy, Loadable Policy Modules, Building and Installing Monolithic Policies, Build and load process for SELinux policy, The make Targets, Generating Policy files for Deployment, Supported user templates with sepolgen, Handling device files, Using udev Rules, Setting a SELinux label on a device node|
|SELinux Lab 3 Modifying an existing policy||1, 00:00|
|SELinux 7 Building and Loading SELinux Policies||01:00:00|
|Downloading and Installing the source and preparing the build area, Build the base policy package, Compiling the Monolithic Policy, Loading the Monolithic Policy, Compiling Policy Modules, Loading Policy Modules, Policy Type-Enforcement Module Syntax, Policy Type-Enforcement Module Example|
|SELinux Lab 4 Compiling and Building Base Policy from Source.||1, 00:00|
|SELinux Lab 5 Using Fixfiles and Setting Mount Contexts for SELinux||1, 00:00|
|Policies, Object Classes and Utilities|
|SELinux 8 Working with semodule and Object Classes||01:00:00|
|High Level SELinux Architecture, semodule, Object Classes and Permissions, Defining common Permissions, Examples|
|SELinux 9 Policy Utilities||01:30:00|
|seaudit, seaudit_report (now aureport), checkpolicy, sesearch, sestatus, audit2allow, audit2why, sealert, avcstat, seinfo and semanage|
|SELinux 10 User and Role Security||02:00:00|
|Role-based Access Control, Multi Category Security - MCS, Multi Category Security: translation and login, The chcat - change file security category, Defining a SecurityAdministrator: sudo, chcat and root|
|SELinux Lab 6. Role Bases Access Control||1, 00:00|
|Advanced SELinux Techniques|
|SELinux 11 MLS, Users, Roles, Domain Transition, Macros and Types||02:00:00|
|Multi-Level Security - MLS, The strict Policy, General Identification User Identification: system_u, users_u and root, Declaring Users, Role Identification - Role Dominance, Domain Transition, Polyinstantiation of Directories, Policy Macros, Types : Enforcement, Attributes, Aliases and Transitions for Objects, restorecond, Customizable Types|
|SELinux Lab 7 Creating a new type||1, 00:00|
|SELinux 12 Contexts, Policies, Access Vector, Logs and Booleans||02:00:00|
|File Contexts, Manipulating Policies, Access Vector, SELinux logs, Security Identifiers-SIDs, Statements: fs_use_* and genfscon, Booleans: Creating and using new booleans, Enableaudit|
|SELinux Lab 8 Creating Policy Module||1, 00:00|
|SELinux Lab 9 Mount Options and Custom port for squid||1, 00:00|
|SELinux Lab 10 SELinux Users and Roles||1, 00:00|
No Reviews found for this course.