-
Products
JBoss Enterprise Middleware
Red Hat JBoss Fuse Developer Studio Portfolio Edition Web Framework Kit Application Platform Web Server Data Grid Portal Platform Red Hat JBoss A-MQ SOA Platform Business Rules Management System (BRMS) Data Services Platform Messaging JBoss Operations Network JBoss Community or JBoss enterprise -
Solutions
Migration Center
Migrate to Red Hat Enterprise Linux Migration Center Systems management Upgrading to Red Hat Enterprise Linux JBoss Enterprise Middleware IBM AIX to Red Hat Enterprise Linux HP-UX to Red Hat Enterprise Linux Solaris to Red Hat Enterprise Linux UNIX to Red Hat Enterprise Linux Start a conversation with Red Hat Migration services -
Training
Courses and training paths
Popular and new courses JBoss Middleware Administration curriculum Core System Administration curriculum JBoss Middleware Development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing and Virtualization curriculum Cloud Computing, Virtualization, and Storage curriculum
Red Hat Enterprise SELinux Policy Administration (RHS429) outline
Skills required for SELinux policy writing
Introduction to SELinux
- Discretionary access control vs. mandatory access control
- SELinux history and architecture overview
- Elements of the SELinux security model: user identity and role; domain and type; sensitivity and categories; security context
- SELinux policy and Red Hat's targeted policy
- Configuring policy with Booleans
- Archiving
- Setting and displaying extended attributes
Using SELinux
- Controlling SELinux
- File contexts
- Relabeling files and file systems
- Mount options
The Red Hat targeted policy
- Identifying and toggling protected services
- Apache security contexts and configuration Booleans
- Name service contexts and configuration Booleans
- NIS client contexts
- Other services
- File context for special directory trees
- Troubleshooting and avc denial messages
- SE troubleshooting and logging
Introduction to policies
- Policy overview and organization
- Compiling and loading the monolithic policy and policy modules
- Policy type enforcement module syntax
- Object classes
- Domain transition
Policy utilities
- Tools available for manipulating and analyzing policies: apol, seaudit and seaudit_report, checkpolicy, sepcut, sesearch, sestatus, audit2allow and audit2why, sealert, avcstat, seinfo, semanage and semodule, man pages
User and role security
- Role-based access control
- Multicategory security
- Defining a security administrator
- Multilevel security
- The strict policy
- User identification and declaration
- Role identification and declaration
- Roles in use in transitions
- Role dominance
Anatomy of a policy
- Policy macros
- Type attributes and aliases
- Type transitions
- When and how files get labeled
- restorecond
- Customizable types
Manipulating policies
- Installing and compiling policies
- The policy language
- Access vector
- SELinux logs
- Security Identifiers - SIDs
- File-system labeling behavior
- Context on network objects
- Creating and using new Booleans
- Manipulating policy by example
- Macros
- Enableaudit
Project
- Best practices
- Creating file contexts, types, and typealiases
- Editing and creating network contexts
- Editing and creating domains
Note: Course outline is subject to change with technology advances and as the nature of the underlying job evolves. For questions or confirmation on a specific objective or topic, please contact a training specialist via the web or at 1-866-626-2994.
