System-controlling services such as D-Bus and systemd are core components of a Linux system, now more than ever. Where D-Bus offers system- and session-wide cross-service communication and process life cycle management, systemd is a core daemon offering multiple features. Both services use SELinux to further harden their operations, and allow administrators to fine-tune the access controls applicable.
In this chapter, we will learn about:
SELinux's policy implementation for D-Bus and systemd
Tuning service access controls on D-Bus
Handling access permissions for services
We will end the chapter with an explanation of how D-Bus can use SELinux as its policy source for tightening the authorizations on its services.