Preface

SELinux can be seen as a daunting beast to tame. For many, it is considered to be a complex security system on the already versatile environment that Linux can be. But as with most IT-related services, it is the unfamiliarity with the technology that is causing the notion of having a complicated system.

It is, however, nothing like that. SELinux is not all that difficult to understand. If it were, then Linux distributions such as Red Hat Enterprise Linux wouldn't enable it by default.

To support everyone in their daily operations with SELinux-enabled systems, this book came to life. It contains numerous chapters on the various aspects of SELinux handling and policy development in a recipe-based approach that allows every person to quickly dive into the details and challenges that making a system more secure brings forth.

What this will not present are administration-related commands and examples. For that, I have written another better-suited SELinux resource, SELinux System Administration, Packt Publishing, which covers the system administration tasks of SELinux-enabled systems, such as dealing with SELinux Booleans and file context changes as well as an introduction to the SELinux technology.

This book is also not a reference for the SELinux policy language in all its glory. Although the most common statements will be mentioned and used several times, it should be noted that the SELinux policy language and its internal architecture has a much wider scope. For a good language and component reference, The SELinux Notebook – The Foundations, Richard Haines, is recommended. This resource is available online at http://www.freetechbooks.com/the-selinux-notebook-the-foundations-t785.html.