SELinux System Administration
By Sven Vermeulen
Publisher: Packt Publishing
Final Release Date: September 2013
Pages: 120

In Detail

NSA Security-Enhanced Linux (SELinux) is a set of patches and added utilities to the Linux kernel to incorporate a strong, flexible, mandatory access control architecture into the major subsystems of the kernel. With its fine-grained yet flexible approach, it is no wonder Linux distributions are firing up SELinux as a default security measure.

SELinux System Administration covers the majority of SELinux features through a mix of real-life scenarios, descriptions, and examples. Everything an administrator needs to further tune SELinux to suit their needs are present in this book.

This book touches on various SELinux topics, guiding you through the configuration of SELinux contexts, definitions, and the assignment of SELinux roles, and finishes up with policy enhancements. All of SELinux's configuration handles, be they conditional policies, constraints, policy types, or audit capabilities, are covered in this book with genuine examples that administrators might come across.

By the end, SELinux System Administration will have taught you how to configure your Linux system to be more secure, powered by a formidable mandatory access control.


A step-by-step guide to learn how to set up security on Linux servers by taking SELinux policies into your own hands.

Who this book is for

Linux administrators will enjoy the various SELinux features that this book covers and the approach used to guide the admin into understanding how SELinux works. The book assumes that you have basic knowledge in Linux administration, especially Linux permission and user management.

Product Details
Recommended for You
Customer Reviews


by PowerReviews
oreillySELinux System Administration

(based on 1 review)

Ratings Distribution

  • 5 Stars



  • 4 Stars



  • 3 Stars



  • 2 Stars



  • 1 Stars



Reviewed by 1 customer

Displaying review 1

Back to top

(3 of 3 customers found this review helpful)


Straightens out SELinux!

By Some Network Nerd

from Stuttgart, Germany

About Me Sys Admin

Verified Buyer


  • Accurate
  • Easy to understand
  • Helpful examples
  • Well-written


  • Difficult to understand

Best Uses

  • Intermediate

Comments about oreilly SELinux System Administration:

This book does a good job of explaining how SE Linux works, the theory behind it, and provides a good organizational framework for an advanced Linux user. This book is not for novices, as the book assumes the reader has a good familiarity with the Linux DAC, file-system, and network operations. It fills in the gap between the hundreds of "New To SELinux" tutorials and the actual project documentation which can be at a very low, and detailed level. It provides a good shove in the right direction as far as how to troubleshoot and maintain a Linux system with the security module enabled. Discussion topics are how it fits in with Linux, how the module works, the labeling operations, using it for role based access control, logging, maintaining, troubleshooting, maintaining users within the SELinux framework, as well as managing files an network objects. The book also makes some good contrasts with some other MAC Linux Security Modules like AppArmor and makes some good arguments on why, when and how SELinux should be used. It touches on using the MLS features, and some of the things to expect the framework to provide in the future. However, when it moves into actually writing and interpreting policies it doesn't go very deep, and you will probably need to dig into the documentation from the project.

In order to understand this book more effectively, and made the information stick it is a must that you need to follow along with a SELinux enabled system (preferably a Redhat or Centos VM with a snapshotting capability).

Displaying review 1

Back to top

Buy 2 Get 1 Free Free Shipping Guarantee
Buying Options
Immediate Access - Go Digital what's this?
Ebook:  $19.99
Formats:  ePub, Mobi, PDF