Hi everyone,

I've been working on bringing the SELinux handbook as currently available on http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml more up2date. It's somewhat of a rewrite, but with all elements of the original SELinux handbook still inside it (apart from the troubleshooting as I guess those are quite outdated, being from 2006 and older).

The draft is currently available in the hardened-docs.git repository. In http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=tree;f=html/selinux;hb=HEAD you should be able to select individual chapters (HTML format) in the "raw" tree to view them somewhat like they would on the Gentoo site, but for your convenience there's also a PDF available at http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=tree;f=pdf;hb=HEAD

The new draft is structured in three parts:

Part A - Introduction to Gentoo/Hardened SELinux
  Chapter 1. Enhancing Linux Security
  Chapter 2. SELinux Concepts
  Chapter 3. The SELinux (Reference) Policy

Part B - Using Gentoo/Hardened SELinux
  Chapter 1. Gentoo SELinux Installation / Conversion
  Chapter 2. SELinux Commands
  Chapter 3. Running in Permissive Mode
  Chapter 4. Switching to Enforcing Mode
  Chapter 5. Adding SELinux Policy Modules

Part C - Appendices
  Chapter 1. Troubleshooting SELinux
  Chapter 2. SELinux Reference Material

If time permits, part A will have a fourth chapter on virtualization and SELinux, but I gather that's more for the next update on the documentation.

The document is currently written with the ebuilds in hardened-development overlay in mind, so everyone interested in giving Gentoo Hardened with SELinux a try can use the draft documentation with the "hardened-development" overlay.

For the time being the document only supports the type enforcement features of SELinux. MLS/MCS has not been touched yet.

Feedback is always welcome, including language mistakes, typos or just plain lies.

Wkr,
Sven Vermeulen
