NOTE: CentOS Enterprise Linux is built from the Red Hat Enterprise Linux source code. Other than logo and name changes CentOS Enterprise Linux is compatible with the equivalent Red Hat version. This document applies equally to both Red Hat and CentOS Enterprise Linux.
The technical skills required for this guide are not very
extensive. The most important skill to have is an ability to learn
technical theories and put them into practice. It helps if you come
into this guide with an idea of what you want to do, such as
administrating a set of common services, making user content from
/home/ served via Apache HTTP,
manipulating policy to get a custom PHP Web application running, or
writing a policy from to enable a custom application to be
protected by SELinux. The following is helpful to have as you read
through this guide:
Strong working understanding of Linux, especially Red Hat
If you are going to be administrating services, manipulating or
analyzing policy, junior- to mid-level system administration skills
and experience is necessary, such as being a Red Hat Certified
Technician (RHCT) or Red Hat Certified Engineer (RHCE)..
To work with SELinux at that level, you must have the
An understanding of traditional Linux/UNIX security.
An understanding of how a Linux/UNIX system operates on a
lower-level, such as how the kernel has system calls for various
operations (open, close, read, write, ioctl, poll, etc.) An
understanding of programming and system theory is useful in writing
A familiarity with the m4 macro language, which is helpful in
understanding some parts of the SELinux policy.
Read many of the NSA papers, listed in Chapter 9 References.
Administrator privileges on the system you have Red Hat
Enterprise Linux installed on is necessary to perform many of the
operations in this guide. However, there is plenty of useful
information for end-users.
Somewhere you can examine and work with the policy sources. This
can be a test or development machine, or possibly a workstation.
Many of the examples and explanations in this book assume that you
have the system in front of you to explore while you read.
Some additional patience. SELinux is a different way of handling
access control than many administrators and users are familiar
Information about Red Hat training can be obtained via https://www.redhat.com/training/.