{"id":27399,"date":"2017-03-08T12:18:47","date_gmt":"2017-03-08T10:18:47","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=27399"},"modified":"2017-03-08T12:19:42","modified_gmt":"2017-03-08T10:19:42","slug":"selinux-concepts-but-for-humans","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2017\/03\/08\/selinux-concepts-but-for-humans\/","title":{"rendered":"SELinux Concepts &#8211; but for humans"},"content":{"rendered":"<!-- google_ad_section_start -->\n<p><a href=\"https:\/\/github.com\/SELinuxProject\/selinux\">SELinux<\/a> has been an annoyance for me since the early days of Fedora and Red Hat bringing it into the distribution and enabling by default (see <a href=\"https:\/\/mamchenkov.net\/wordpress\/2004\/11\/11\/fedora-selinux-faq\/\">this blog post<\/a>, for example, from 2004 about Fedora 3).<\/p>\n<p>Over the years, I&#8217;ve tried to learn it, make it useful, and find benefits in using it, but somehow those were never enough and I keep falling back on the disabling it. \u00a0But on the other hand, my understanding of how SELinux works slowly is growing. \u00a0The video in <a href=\"https:\/\/mamchenkov.net\/wordpress\/2013\/04\/16\/2012-red-hat-summit-selinux-for-mere-mortals\/\">this blog post<\/a> helped a lot.<\/p>\n<p>And now I&#8217;m glad to add <a href=\"https:\/\/learntemail.sam.today\/blog\/selinux-concepts-but-for-humans\/\">another useful resource<\/a> to the &#8220;SELinux for mere mortals&#8221; collection. \u00a0The blog mostly focuses on the terminology in the SELinux domain, and what means what. \u00a0It&#8217;s so simple and straight-forward, that it even uses examples of HTML and CSS &#8211; something I&#8217;ve never seen before. \u00a0 If you are making your way through the &#8220;how the heck do I make sense of SELinux&#8221; land, check it out. \u00a0I&#8217;m sure it&#8217;ll help.<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>SELinux has been an annoyance for me since the early days of Fedora and Red Hat bringing it into the distribution and enabling by default (see this blog post, for example, from 2004 about Fedora 3). Over the years, I&#8217;ve tried to learn it, make it useful, and find benefits in using it, but somehow &hellip; <a href=\"https:\/\/mamchenkov.net\/wordpress\/2017\/03\/08\/selinux-concepts-but-for-humans\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SELinux Concepts &#8211; but for humans<\/span><\/a><\/p>\n<!-- google_ad_section_end -->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"SELinux Concepts - but for humans #SELinux #Linux #security #SysAdmin","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,6,133,62],"tags":[200,3501],"keyring_services":[],"class_list":["post-27399","post","type-post","status-publish","format-standard","hentry","category-general","category-linux","category-sysadmin","category-technology","tag-security","tag-selinux"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":8192,"url":"https:\/\/mamchenkov.net\/wordpress\/2004\/11\/11\/fedora-selinux-faq\/","url_meta":{"origin":27399,"position":0},"title":"Fedora SELinux FAQ","author":"Leonid Mamchenkov","date":"November 11, 2004","format":false,"excerpt":"If you have upgraded to Fedora Linux Core 3 recently (or planning to do so), there are probably a couple of questions you have about SELinux. If you have, then check out SELinux FAQ. Maybe it will help you. Maybe it will not. At least I tried. :)","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":18033,"url":"https:\/\/mamchenkov.net\/wordpress\/2013\/04\/16\/2012-red-hat-summit-selinux-for-mere-mortals\/","url_meta":{"origin":27399,"position":1},"title":"2012 Red Hat Summit: SELinux For Mere Mortals","author":"Leonid Mamchenkov","date":"April 16, 2013","format":"video","excerpt":"http:\/\/www.youtube.com\/watch?v=MxjenQ31b70 This, though not enough for me to stop disabling SELinux, is still eye-opening.","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/MxjenQ31b70\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9183,"url":"https:\/\/mamchenkov.net\/wordpress\/2005\/07\/02\/selinux-fixes\/","url_meta":{"origin":27399,"position":2},"title":"SELinux fixes","author":"Leonid Mamchenkov","date":"July 2, 2005","format":false,"excerpt":"If you are anything like me and don't want to disable SELinux upon installation of Fedora Linux, then I have a hint for you. List all files from selinux-policy-targeted and look at the output. You will the list of all files in the RPM package. Few of those files are\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8194,"url":"https:\/\/mamchenkov.net\/wordpress\/2004\/11\/11\/first-look-at-fedora-core-3\/","url_meta":{"origin":27399,"position":3},"title":"First look at Fedora Core 3","author":"Leonid Mamchenkov","date":"November 11, 2004","format":false,"excerpt":"I've upgraded my office workstation to Fedora Core 3 today. It is the most painless upgrade that I have had so far. The only problem I had was that backspace stopped working in Vim. It turned out that there is a difference between stty erase '^?' and stty erase ^?.\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8499,"url":"https:\/\/mamchenkov.net\/wordpress\/2005\/01\/18\/news-from-fedora-front\/","url_meta":{"origin":27399,"position":4},"title":"News from Fedora front","author":"Leonid Mamchenkov","date":"January 18, 2005","format":false,"excerpt":"The preliminary schedule for Fedora Linux Core 4 has been released. In short: test1 is scheduled for February 21 test2 is scheduled for March 21 test3 is scheduled for April 18 final release is scheduled for May 16 In terms of features we can expect GCC 4, Xen integration, more\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":42452,"url":"https:\/\/mamchenkov.net\/wordpress\/2019\/04\/10\/how-to-disable-ipv6-on-centos-rhel-7\/","url_meta":{"origin":27399,"position":5},"title":"How to disable IPv6 on CentOS \/ RHEL 7","author":"Leonid Mamchenkov","date":"April 10, 2019","format":false,"excerpt":"Sometimes I miss the good old days ... Recently, I had an issue with one of the servers, where a bunch of services were attaching to IPv6 ports instead of the IPv4 ones. Rather than editing the configuration of each of these services, I wanted to simply disabled IPv6 on\u2026","rel":"","context":"In &quot;All&quot;","block_context":{"text":"All","link":"https:\/\/mamchenkov.net\/wordpress\/category\/general\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27399","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=27399"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/27399\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=27399"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=27399"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=27399"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=27399"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}