Book Image

Linux Utilities Cookbook

By : James Kent Lewis
Book Image

Linux Utilities Cookbook

By: James Kent Lewis

Overview of this book

<p>Linux is a stable, reliable and extremely powerful operating system. It has been around for many years, however, most people still don't know what it can do and the ways it is superior to other operating systems. Many people want to get started with Linux for greater control and security, but getting started can be time consuming and complicated. <br /><br />A practical, hands-on guide that provides you with a number of clear step-by-step examples to help you solve many of the questions that crop up when using an operating system you may not be familiar with.</p> <p>Presenting solutions to the most common Linux problems in a clear and concise way, this helpful guide starts with spicing up the terminal sessions by command retrieval and line editing, and shell prompt variables. We will then get to know the different desktops (GUIs) available for Linux systems and which is the best fit for you. We will then explore the world of managing files and directories, connectivity, and what to do when it goes wrong. We will also learn a range of skills, from creating and managing user accounts to securing your system, managing and limiting processes, and letting information flow from one process to another using pipes. Later, we will master disk management, working with scripts and automating tasks quickly, and finally, understand the need for a custom kernel and tips on how to build one.</p> <p><br />Based on the author's extensive experience, there is a section on best practices that every Linux user should be familiar with.</p>
Table of Contents (19 chapters)
Linux Utilities Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Working with Secure Linux – SELinux


This section will serve as an overview of Security Enhanced Linux (SELinux). In the Working with file permissions section, we discussed how standard Linux provides protection for the system. This method is called Discretionary Access Control (DAC), and has some limitations. For example, a typical user could open his files up, either accidentally or on purpose, for any other user to read or write. This could allow unauthorized access to sensitive information. To provide more security, SELinux uses MAC (Mandatory Access Control). MAC uses a security policy that covers all processes and files in the system. All files in SELinux have labels that contain security-relevant information.

For example, the following is a normal listing of a file under DAC:

ls -la ifcfg-eth0
-rw-r--r--. 1 root root 73 Apr 22  2011 ifcfg-eth0

Same file, but with the Z (security context) option to ls:

ls -Z ifcfg-eth0
-rw-r--r--. root root unconfined_u:object_r:default_t:s0ifcfg-eth0...