More and more system tools have built-in support for SELinux or use SELinux's features to further harden their own service offerings. When we look at virtualization, two open source projects will definitely come to mind: libvirt and Docker. While the former supports full virtualization, the latter focuses on container management. In this chapter, administrators will:
Learn how SELinux can help reduce the risks of virtualization
Understand how SELinux's policy is tuned to support these services
Deal with the secure virtualization option supported through the libvirt API
We'll end the chapter with a section on Securing Docker containers with SELinux.