SlideShare a Scribd company logo

How to use SELINUX (No I don't mean turn it off)

Chuck Reeves, profile picture
Chuck Reeves

The document provides an overview of using SELinux, highlighting its multi-level security features, context management, and the role of policies in access control. It discusses how each inode has a context that defines user, role, type, and level, and outlines mechanisms for troubleshooting and managing SELinux booleans. Key topics include setting contexts, checking access decisions, and resources for further information.

Technology
1 of 34
Downloaded 21 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
HOWTOUSE SELINUX CHUCK REEVES @MANCHUCK NO I DON'T MEAN TURN IT OFF
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF ABOUT ▸ Built using Kernel Modules ▸ More permissions than CRUD and Access ▸ Allows Multi-Level Security using BLP and Biba Models ▸ Permissions set on the inode instead of the file ▸ Mandatory Access Control (MAC)
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF WHAT YOU NEED TO KNOW ▸ Each iNode is given a single context ▸ Each context identifies a user, role, type and level ▸ SELINUX then allows (or denies) access using the context with a policy ▸ Decision is cached in the Access Vector Cache (AVC) ▸ Decisions is made after the DAC access is checked
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF WHAT YOU NEED TO KNOW ▸ SELINUX manages: ▸ Users ▸ Sockets ▸ Memory ▸ Directories ▸ TCP/UDP connections
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF PROCESS TYPES ▸ Confined ▸ Runs in own domain (role) ▸ Resources are limited to the roles and policy ▸ Un-Confined ▸ fallback to the DAC policies
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF CONTEXTS ▸ Policy checks context of inode for access ▸ "If a process is running with <context_foo> then anything with <context_foo_type> is allowed access" ▸ Four parts: user, role, type and level (optional)
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF CONTEXTS ▸ Set automatically based on the parent context (mostly) ▸ RPM ▸ Management tools (ansible, chef, puppet) ▸ When a File transitions (moving an uploaded file) ▸ By the sysadmin with chcon, restorecon
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF FINDING CONTEXT ls -alZ /home
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF FINDING CONTEXT ps -Z
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS ▸ On off settings for policies ▸ Allow HTTPD to make network connections ▸ Allow FTP to access home directories ▸ Overcomes issues with over labeling contexts
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON ▸ TARGETED ▸ PERMISSIVE ▸ DISABLED (You already know this one)
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON <edit> /etc/selinux/config
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON sudo yum install setroubleshoot setroubleshoot-server sudo service auditd restart
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON ls -alZ sudo touch /.autorelabel
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON ls -alZ
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: DATABASE tail -f /var/log/audit/audit.log
ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: DATABASE tail -f /var/log/messages
ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: DATABASE sealert -l <message id>
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS setsebool -P httpd_can_network_connect 1
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS semanage boolean -l | grep httpd_enable_ftp_server
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS getsebool -a getsebool <boolean>
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS semanage boolean -l | grep httpd_enable_ftp_server
ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: FILE UPLOAD ls -Z
ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: FILE UPLOAD sealert -l <message id>
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF SETTING CONTEXT chcon -R -t httpd_sys_content_t web/ ls -Z web
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF SETTING CONTEXT mkdir web/ touch web/file{1,2,3} ls -Z web
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF RESOURCES ▸ RedHat Documentation for SELINUX: https://access.redhat.com/ documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security- Enhanced_Linux/index.html ▸ Servers for Hackers, Batteling SELINUX: https://serversforhackers.com/video/ battling-selinux-cast ▸ SELinux For Mere Mortals: https://www.youtube.com/watch?v=MxjenQ31b70
THANKS CHUCK REEVES @MANCHUCK

More Related Content

PPT
Introduction To SELinux
Rene Cunningham
 
PPTX
Selinux
Mohitgupta8560
 
ODP
SELinux Basic Usage
Dmytro Minochkin
 
PDF
SELinux introduction
Michael Nazzareno Trimarchi
 
PDF
Understanding SELinux For the Win
bmbouter
 
PDF
Selinux
Ankit Raj
 
PDF
MR201406 A Re-introduction to SELinux
FFRI, Inc.
 
ODP
Introduction to Selinux
Atul Jha
 
Introduction To SELinux
Rene Cunningham
 
Selinux
Mohitgupta8560
 
SELinux Basic Usage
Dmytro Minochkin
 
SELinux introduction
Michael Nazzareno Trimarchi
 
Understanding SELinux For the Win
bmbouter
 
Selinux
Ankit Raj
 
MR201406 A Re-introduction to SELinux
FFRI, Inc.
 
Introduction to Selinux
Atul Jha
 

What's hot (20)

PDF
The SElinux Notebook :the foundations - Vol 1
Eliel Prado
 
PPTX
Security Enhanced Linux Overview
Emre Can Kucukoglu
 
ODP
chroot and SELinux
Shay Cohen
 
PDF
SELinux basics
Lubomir Rintel
 
ODP
SELinux for Everyday Users
PaulWay
 
PDF
How to not disable SELinux
Rémy Gottschalk
 
PDF
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
Shawn Wells
 
PDF
How Many Linux Security Layers Are Enough?
Michael Boelen
 
PDF
Kernel Recipes 2013 - Linux Security Modules: different formal concepts
Anne Nicolas
 
PPTX
Linux security introduction
Mohamed Gad
 
PPT
Linux Security
nayakslideshare
 
PPT
Threats, Vulnerabilities & Security measures in Linux
Amitesh Bharti
 
PPT
Linux Operating System Vulnerabilities
Information Technology
 
PPT
Basic Linux Security
pankaj009
 
PPT
Security and Linux Security
Rizky Ariestiyansyah
 
ODP
Security, Hack1ng and Hardening on Linux - an Overview
Kaiwan Billimoria
 
ODP
Introduction To Linux Security
Michael Boman
 
PDF
2008 08-12 SELinux: A Key Component in Secure Infrastructures
Shawn Wells
 
ODP
Linux Network Security
Amr Ali
 
PPTX
Ssh (The Secure Shell)
Mehedi Farazi
 
The SElinux Notebook :the foundations - Vol 1
Eliel Prado
 
Security Enhanced Linux Overview
Emre Can Kucukoglu
 
chroot and SELinux
Shay Cohen
 
SELinux basics
Lubomir Rintel
 
SELinux for Everyday Users
PaulWay
 
How to not disable SELinux
Rémy Gottschalk
 
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
Shawn Wells
 
How Many Linux Security Layers Are Enough?
Michael Boelen
 
Kernel Recipes 2013 - Linux Security Modules: different formal concepts
Anne Nicolas
 
Linux security introduction
Mohamed Gad
 
Linux Security
nayakslideshare
 
Threats, Vulnerabilities & Security measures in Linux
Amitesh Bharti
 
Linux Operating System Vulnerabilities
Information Technology
 
Basic Linux Security
pankaj009
 
Security and Linux Security
Rizky Ariestiyansyah
 
Security, Hack1ng and Hardening on Linux - an Overview
Kaiwan Billimoria
 
Introduction To Linux Security
Michael Boman
 
2008 08-12 SELinux: A Key Component in Secure Infrastructures
Shawn Wells
 
Linux Network Security
Amr Ali
 
Ssh (The Secure Shell)
Mehedi Farazi
 
Ad

Similar to How to use SELINUX (No I don't mean turn it off) (20)

PDF
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Anant Shrivastava
 
PPTX
drupal ci cd concept cornel univercity.pptx
rukuntravel
 
PDF
Fosdem_Using_SELinux_with_container_runtimes.pdf
nicerussianpainter
 
PDF
Securing Cassandra for Compliance
DataStax
 
PDF
Hardening cassandra q2_2016
zznate
 
PPTX
Introduction to ansible
Dharmit Shah
 
PDF
[Devconf.cz][2017] Understanding OpenShift Security Context Constraints
Alessandro Arrichiello
 
PDF
Installation guide
laonap166
 
PDF
Avoid the Vendor Lock-in Trap (with App Deployment)
Peter Bittner
 
PDF
WordPress Security
Jennifer Riehle McFarland
 
PPT
Professional deployment
Ivelina Dimova
 
PDF
Big data Analytics hands-on sessions
Praveen Hanchinal
 
PDF
4 effective methods to disable se linux temporarily or permanently
chinkshady
 
PPT
ZenPack Development with Jane Curry
Zenoss
 
PDF
Red Hat Linux 5 Hardening Tips - National Security Agency
sanchetanparmar
 
ODP
Configuration Management and Salt
55020
 
PDF
Introduction to WP-CLI: Manage WordPress from the command line
Behzod Saidov
 
PDF
Real-World DevOps — 20 Practical Developers Tips for Tightening Your Operatio...
VictorSzoltysek
 
PPTX
Hadoop 2.4 installing on ubuntu 14.04
baabtra.com - No. 1 supplier of quality freshers
 
PDF
Lean Drupal Repositories with Composer and Drush
Pantheon
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Anant Shrivastava
 
drupal ci cd concept cornel univercity.pptx
rukuntravel
 
Fosdem_Using_SELinux_with_container_runtimes.pdf
nicerussianpainter
 
Securing Cassandra for Compliance
DataStax
 
Hardening cassandra q2_2016
zznate
 
Introduction to ansible
Dharmit Shah
 
[Devconf.cz][2017] Understanding OpenShift Security Context Constraints
Alessandro Arrichiello
 
Installation guide
laonap166
 
Avoid the Vendor Lock-in Trap (with App Deployment)
Peter Bittner
 
WordPress Security
Jennifer Riehle McFarland
 
Professional deployment
Ivelina Dimova
 
Big data Analytics hands-on sessions
Praveen Hanchinal
 
4 effective methods to disable se linux temporarily or permanently
chinkshady
 
ZenPack Development with Jane Curry
Zenoss
 
Red Hat Linux 5 Hardening Tips - National Security Agency
sanchetanparmar
 
Configuration Management and Salt
55020
 
Introduction to WP-CLI: Manage WordPress from the command line
Behzod Saidov
 
Real-World DevOps — 20 Practical Developers Tips for Tightening Your Operatio...
VictorSzoltysek
 
Hadoop 2.4 installing on ubuntu 14.04
baabtra.com - No. 1 supplier of quality freshers
 
Lean Drupal Repositories with Composer and Drush
Pantheon
 
Ad

More from Chuck Reeves (9)

PDF
Stop multiplying by 4 Laracon
Chuck Reeves
 
PDF
Stop multiplying by 4 Lone Star PHP
Chuck Reeves
 
PDF
Single page Apps with Angular and Apigility
Chuck Reeves
 
PDF
Zend Framework Foundations
Chuck Reeves
 
PPTX
Stop multiplying by 4 nyphp
Chuck Reeves
 
PPTX
Stop multiplying by 4 PHP Tour 2014
Chuck Reeves
 
PPTX
Stop multiplying by 4: Practical Software Estimation
Chuck Reeves
 
PPTX
Software requirements and estimates
Chuck Reeves
 
PPTX
How x debug restored partial sanity to the insane
Chuck Reeves
 
Stop multiplying by 4 Laracon
Chuck Reeves
 
Stop multiplying by 4 Lone Star PHP
Chuck Reeves
 
Single page Apps with Angular and Apigility
Chuck Reeves
 
Zend Framework Foundations
Chuck Reeves
 
Stop multiplying by 4 nyphp
Chuck Reeves
 
Stop multiplying by 4 PHP Tour 2014
Chuck Reeves
 
Stop multiplying by 4: Practical Software Estimation
Chuck Reeves
 
Software requirements and estimates
Chuck Reeves
 
How x debug restored partial sanity to the insane
Chuck Reeves
 

Recently uploaded (20)

PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
KodekX | Application Modernization Development
KodekX
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 

How to use SELINUX (No I don't mean turn it off)

  • 2. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF ABOUT ▸ Built using Kernel Modules ▸ More permissions than CRUD and Access ▸ Allows Multi-Level Security using BLP and Biba Models ▸ Permissions set on the inode instead of the file ▸ Mandatory Access Control (MAC)
  • 3. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
  • 4. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF WHAT YOU NEED TO KNOW ▸ Each iNode is given a single context ▸ Each context identifies a user, role, type and level ▸ SELINUX then allows (or denies) access using the context with a policy ▸ Decision is cached in the Access Vector Cache (AVC) ▸ Decisions is made after the DAC access is checked
  • 5. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF WHAT YOU NEED TO KNOW ▸ SELINUX manages: ▸ Users ▸ Sockets ▸ Memory ▸ Directories ▸ TCP/UDP connections
  • 6. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF PROCESS TYPES ▸ Confined ▸ Runs in own domain (role) ▸ Resources are limited to the roles and policy ▸ Un-Confined ▸ fallback to the DAC policies
  • 7. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF CONTEXTS ▸ Policy checks context of inode for access ▸ "If a process is running with <context_foo> then anything with <context_foo_type> is allowed access" ▸ Four parts: user, role, type and level (optional)
  • 8. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF CONTEXTS ▸ Set automatically based on the parent context (mostly) ▸ RPM ▸ Management tools (ansible, chef, puppet) ▸ When a File transitions (moving an uploaded file) ▸ By the sysadmin with chcon, restorecon
  • 9. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF FINDING CONTEXT ls -alZ /home
  • 10. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF FINDING CONTEXT ps -Z
  • 11. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS ▸ On off settings for policies ▸ Allow HTTPD to make network connections ▸ Allow FTP to access home directories ▸ Overcomes issues with over labeling contexts
  • 12. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON ▸ TARGETED ▸ PERMISSIVE ▸ DISABLED (You already know this one)
  • 13. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON <edit> /etc/selinux/config
  • 14. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON sudo yum install setroubleshoot setroubleshoot-server sudo service auditd restart
  • 15. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON ls -alZ sudo touch /.autorelabel
  • 16. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF TURNING IT BACK ON ls -alZ
  • 17. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
  • 18. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
  • 19. ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: DATABASE tail -f /var/log/audit/audit.log
  • 20. ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: DATABASE tail -f /var/log/messages
  • 21. ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: DATABASE sealert -l <message id>
  • 22. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS setsebool -P httpd_can_network_connect 1
  • 23. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS semanage boolean -l | grep httpd_enable_ftp_server
  • 24. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS getsebool -a getsebool <boolean>
  • 25. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF BOOLEANS semanage boolean -l | grep httpd_enable_ftp_server
  • 27. ZendCon 2016 TEXT TROUBLESHOOTING EXAMPLE: FILE UPLOAD sealert -l <message id>
  • 28. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF SETTING CONTEXT chcon -R -t httpd_sys_content_t web/ ls -Z web
  • 29. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF SETTING CONTEXT mkdir web/ touch web/file{1,2,3} ls -Z web
  • 30. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
  • 31. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
  • 32. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF
  • 33. ZendCon 2016 HOW TO USE SELINUX - NO I DON'T MEAN TURN IT OFF RESOURCES ▸ RedHat Documentation for SELINUX: https://access.redhat.com/ documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security- Enhanced_Linux/index.html ▸ Servers for Hackers, Batteling SELINUX: https://serversforhackers.com/video/ battling-selinux-cast ▸ SELinux For Mere Mortals: https://www.youtube.com/watch?v=MxjenQ31b70