Rootconf 2014

On devops and cloud infrastructure

Enable SELinux protection for your Service

Submitted by REJY M CYRIAC (@rejy) on Mar 27, 2014

Section: Workshops Technical level: Intermediate Status: Rejected

Abstract

Provide knowledge to SysAdmins/DevOps , on how to develop new SELinux policy modules, and thereby protect additional services.
The session is also aimed to encourage SysAdmins/DevOps to contribute to building the SELinux policy for wider use and acceptance.

Outline

Most well known services are protected either by the SELinux base policy, or through default shipped policy modules. But many less know services, or custom services, may currently not fall under complete SELinux protection.

The objective of the session is to provide knowledge to SysAdmins/DevOps , on how to develop new SELinux policy modules, and thereby protect additional services. The session is also aimed to encourage SysAdmins/DevOps to contribute to building the SELinux policy for wider use and acceptance.

This session will consist of
Examine current SELinux policy rules Analyze SELinux logs Discuss SELinux policy module syntax Use SELinux policy macros * Tools to make SELinux policy module building easier

Requirements

Familiarity with using the Linux command line
Knowledge about SELinux basics
Pledge to never disable SELinux ;-)

Speaker bio

Working at Red Hat, Bangalore - Engineering - Quality Engineering
User and Evangelist of SELinux for over 8 years
Have trained and assisted SysAdmins/DevOps to use SELinux on servers
Passionate about Open Source

Red Hat Certified Architect
Red Hat Certified Data Center Specialist
Red Hat Certified Security Specialist

Links

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('You need to be a participant to comment.') }}

{{ formTitle }}
{{ gettext('Post a comment...') }}
{{ gettext('New comment') }}

{{ errorMsg }}