Develop complex policies for securing Linux-based devices using SELinux.
The SELinux Essentials course gives engineers the skills they need to develop complex policies for securing Linux-based devices using SELinux. Although Wind River® Linux is used as the reference distribution in the lab environment, the tools and techniques covered are not specific to Wind River Linux.
After this course, participants will be able to perform the following:
- Describe SELinux concepts and terminology
- Use command-line tools to manage SELinux configuration
- Create and manage SELinux policies
- Troubleshoot SELinux policies
- Wind River Linux 6
- The following targets are available: QEMU simulated target (Intel® x86-64)
Who Should Attend
- Developers who want to learn more about securing Linux-based devices
- Customers who have recently purchased or are considering purchasing Wind River Linux
- This two-day expert-led course consists of lectures and lab sessions.
- Attendees use a Wind River Linux 6 target to gain experience with the topics presented.
- Participants examine and exercise simulated network topologies in hands-on labs.
- Participants receive individual guidance from an expert engineer who has extensive experience with Linux technologies.
- SELinux background information
- SELinux in the Wind River Linux product line
- DAC, MAC, RBAC
- MAC implementations
- Linux security: DAC, MAC, LSM
- LAB: Getting started with SELinux
SELinux and MAC
- Type enforcement (TE) security model
- SELinux users and RBAC
- MLS and MCS security models
- LAB: Using SELinux commands
SELinux Security Context
- What’s a security context?
- Policy and access control
- Domain transitions
- LAB: Understanding security contexts
SELinux Security Policy
- The reference policy
- SELinux booleans
- Policy versions
- Wind River Linux policy
- LAB: Using boolean to customize security policies
SELinux Identity and Roles
- SELinux users and Linux users
- Default identities
- SELinux and PAM
- Role switching
- Granting sensitivity/category to users
- LAB: Managing SELinux users
- Configuration files
- Logging and the audit daemon
- Configuring the mode of SELinux
- LAB: Configuring an SELinux system
Creating and Managing SELinux Policy
- The policy development environment
- Policy configuration files
- SELinux policy language
- Compiling security modules
- Loading and testing security modules
- Creating policy sets
- Making changes persist across boots
- LAB: Creating SELinux modules
- Root cause analysis
- Silent denials
- Using permissive modes and domains
- LAB: Using audit tools for troubleshooting
- Basic understanding of operating systems
- Familiarity with the Linux operating system
- One year of experience working with and/or administering a Linux/UNIX system
Interested in our e-Learning? Subscribe with the button below!Subscribe Now
Live Training events coming soon!
Interested in private training?
Get expert training when and how you want it
Wind River Web Seminars
View free, interactive web seminars on the latest embedded software trends and technologies from Wind River®
Access the support network that provides a wide variety of useful information