From Fedora Project Wiki
* '''Project Plan:''' an estimation of the time and resources required to complete the project.


= Information Plan =
=== Information Sources ===


* [http://www.nsa.gov/selinux/ National Security Agency]
* Russell Coker: <http://www.coker.com.au/selinux/>, [http://www.linuxjournal.com/article/9408 Multi-Category Security in SELinux in Fedora Core 5], <http://www.coker.com.au/selinux/talks/auug-2005/auug2005-paper.html>
* James Morris: [http://namei.org/ols-2008-selinux-paper.pdf Have You Driven an SELinux Lately?], [http://james-morris.livejournal.com/5020.html An Overview of Multilevel Security and LSPP under Linux].
* [http://selinux-symposium.org/ SELinux Symposium and Developer Summit]
* [http://docs.fedoraproject.org/selinux-apache-fc3/ Fedora Core 3: Understanding and Customizing the Apache HTTP SELinux Policy (Beta Document)]
* [http://www.redhat.com/magazine/001nov04/features/selinux/ What is Security-Enhanced Linux?]
* [https://www.redhat.com/training/security/courses/rhs429.html RHS429 course].
* [http://www.redhat.com/magazine/006apr05/features/selinux/ Taking advantage of SELinux in Red Hat® Enterprise Linux®]
* [http://selinuxproject.org/page/Documentation_TODO Current SELinux project documentation todo list].
* [http://gentoo-wiki.com/HOWTO_Understand_SELinux Gentoo Wiki HOWTO Understand SELinux]
* [http://oss.tresys.com/projects/refpolicy SELinux Reference Policy]
* [http://www.cs.stthomas.edu/faculty/resmith/r/mls/index.html Introduction to Multilevel Security, Dr. Rick Smith].
* Red Hat Enterprise Linux 5 Deployment Guide:
** [http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/rhlcommon-chapter-0017.html End User Control of SELinux].
* [http://docs.fedoraproject.org/selinux-faq-fc5/ Fedora Core 5 SELinux FAQ]
* [[SELinux/FAQ|Fedora SELinux/FAQ]]
* Red Hat Enterprise Linux 4 SELinux Guide: [http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/selg-part-0062.html Working with SELinux].
* Mailing lists: <selinux@tycho.nsa.gov> and <fedora-selinux-list@redhat.com>.
* [http://www.redhat.com/v/swf/SELinux/ SELinux webcast.]
* [http://www.redhatmagazine.com/2008/07/02/writing-policy-for-confined-selinux-users Confining Users.]
* [http://www.niap-ccevs.org/cc-scheme/st/st_vid10286-vr.pdf Common Criteria Evaluation and Validation Scheme Validation Report]
* [http://www.redhatmagazine.com/2008/02/26/risk-report-three-years-of-red-hat-enterprise-linux-4/ Risk report: Three years of Red Hat Enterprise Linux 4]
* [http://www.tresys.com/innovation.php Tresys (Mitigation News).]
* [http://www.nsa.gov/selinux/papers/freenix01/freenix01.html Integrating Flexible Support for Security Policies into the Linux Operating System.]
* [http://www.nsa.gov/selinux/papers/ottawa01/index.html Meeting Critical Security Objectives with Security-Enhanced Linux.]


=== Purpose of the Documentation ===


=== What the Documentation Covers (in no particular order, and subject to change) ===
 
* [[Docs/Drafts/SELinux User Guide/Previous TOC Ideas| Previous TOC Ideas]]
* Basic access control concepts.
* SELinux concepts:
** Domains and Types.
** Contexts.
** Targets/Processes/Files.
* How do I find out if SELinux is enabled on my system?
* Confined and unconfined processes (<code>ps auxZ</code>).
* Main files: <code>/selinux/</code> and <code>/etc/selinux/config</code>.
* How to correctly disable SELinux (not sure if we want this ;) )
* Maintaining correct labels:
** View labels using <code>ls -Z</code>
** Copying vs. moving files.
** Using user_home_t files on other machines, such as a user moving their <code>~/.ssh/authorized_keys</code> file to another machine.
** Relabeling an entire file system.
** Possible problems caused by running in permissive mode, such as having permissions to mislabel files.
** [https://www.redhat.com/archives/fedora-selinux-list/2008-July/msg00000.html mislabeled files], relabeled but still problems, <code>touch /.autorelabel</code> (Dan's journal).
* Red Hat Enterprise Linux 5 Deployment Guide: [http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.2/html/Deployment_Guide/rhlcommon-chapter-0017.html End User Control of SELinux].
* SELinux and virtualization (relabeling images if images are not in <code>/etc/xen/</code>).
* Logging:
** Are SELinux denials taking up too much space? This came from #selinux.
** Number of denials in permissive mode vs. enforcing mode.
** Searching for specific denials (from #selinux, <code>/sbin/ausearch -m avc -ts today | grep search | head -n 1</code>, <code>sealert -l \*</code>).
** Where are the log files kept? (<code>/var/log/audit/audit.d</code>, <code>/var/log/messages</code>, etc. Basic explanation of which one will be used).
* Basic interpretation of SELinux denials, and where to get help (maybe mail <fedora-selinux-list@redhat.com>). From #selinux:
<pre>
(06:19:50 PM) hatty: Hi , I get this in my log audit(1216043069.444:37): avc: 
denied  { search } for  pid=726 comm="busybox" name="" , what is the meaning of name="" ?
 
"(08:58:22 PM) domg472: anyways hatty consider this: target objects can be any objects,
objects aren't just file objects but there are also other kinds of objects that may not carry a
name, for example ports, interfaces or the objects of subjects ( process objects )"
</pre>
* Controlling system daemons with booleans:
** <code>getsebool -a</code>, <code>setsebool -P</code>; how to find information about booleans listed from getsebool.
** Common items people want to change.
* [https://www.redhat.com/archives/fedora-selinux-list/2008-July/msg00061.html Installing and upgrading SELinux packages.]
** Upgrade problems if you start from a non-SELinux labeled file system?
** Missing SELinux users (<code>semanage user -l</code>)
* Not running X: <code>setroubleshoot-server</code>, run <code>sealert -l \*</code>, <https://www.redhat.com/archives/fedora-selinux-list/2008-July/msg00004.html>.
* Confining Users
** <http://www.redhatmagazine.com/2008/07/02/writing-policy-for-confined-selinux-users/>.
** <http://www.redhatmagazine.com/2008/04/17/fedora-9-and-summit-preview-confining-the-user-with-selinux>.
* Mounting:
** Do mount points need to be <code>mnt_t</code>?
 
Commands:
<pre>
getsebool -a
setsebool -P
sestatus -v
restorecon
fixfiles
newrole
</pre>
 
From the current [http://selinuxproject.org/page/Documentation_TODO SELinux documentation todo list]:
* "Explain how to interpret an AVC message and how to get additional information via SYSCALL audit, including how to add a simple syscall audit filter to enable collection of PATH information".
* "Describe Audit2allow and how it can just Fix the machine".
* "Update and organize the Fedora SELinux FAQ".
-----------------------------------------
'''SELinux Introduction:'''
* Brief overview.
* What SELinux can and can't do.
* Examples to explain how SELinux works (e.g., Apache HTTP).
'''SELinux Contexts and Attributes:'''
* Brief overview of objects, subjects, and object classes.
* Explain each part of SELinux labels.
'''Targeted Policy Overview:'''
* Confined and Unconfined processes.
* Confined system and user domains.
'''Working with SELinux:'''
* Installing and Upgrading packages.
* Configuration Files.
* Enable and Disable SELinux.
* semanage: booleans, labeling files, adding users, translations.
* Managing and Maintaining SELinux Labels.
'''Managing Users:'''
* Linux and SELinux user account mappings.
* Adding confined and unconfined users.
* Modifying existing users.
'''System Services:'''
* Examples, sharing content between services.
'''SELinux Log Files and Denials:'''
* auditd and setroubleshoot.
* Searching log files (ausearch).
* Interpreting AVC Denials.
* sealert -l \*
* What to check for after a denial (DAC permissions...)
* audit2allow and audit2why.
'''Access Control'''
* Concepts of DAC, MAC, Type Enforcement®, etc.
'''Working with MCS and MLS'''
* Examples from domg472.
= Project Plan =
== Schedule ==
Updated 30 September 2008 to reflect slip in Fedora 10 schedule.
==='''Information Plan:''' July 14 -> July 24 (9 days)===
Deliverables: Information Project Plans
==='''Content Specification:''' July 25 -> August 14 (15 days)===
Deliverables:
* Individual publications that are planned for the final document. These publications are done on the Wiki. This occurs after extensive research into topics.
* Table of contents.
* Phase review: subject matter experts approve the plan or request modifications to content.
==='''Implementation:''' August 15 -> November 8 (70 days) ===
Designs for style, prototype sections, first, second, and approved drafts, weekly reports sent to <selinux@tycho.nsa.gov>.
==='''<strike>Localization and</strike> Production:''' November 16 -> November 24 (9 days)===
<strike>Translation</strike>, preparing final copies/PDFs.
==='''Evaluation:''' <strike>October 29 -> October 30 (1 day)</strike>===
* Evaluate the project.
* Plan maintenance cycles.
* Plan next release.
= Subject Matter Experts =
* Daniel Walsh
* James Morris
* Eric Paris
* domg472
* Russell Coker
* Stephen Smalley
* Karl MacMillan
* Joshua Brindle
* Christopher J. PeBenito
[[Category:SELinux docs]]

Latest revision as of 13:50, 18 September 2016

Phase 1: Information Planning

Deliverables and Milestones

  • Information Plan: documents findings after the initial investigation is complete. Generates an idea about where the project is heading, and what it requires.
  • Project Plan: an estimation of the time and resources required to complete the project.

Information Plan

Information Sources

Purpose of the Documentation

  • Provide a short, simple introduction to access control (MAC, MLS, MCS), and SELinux.
  • Use examples to describe how SELinux operates (such as Apache HTTP server not reading user_home_t files).
  • Give users information needed to do what they want without turning SELinux off.
  • From the current SELinux documentation todo list, "Translate danwalsh.livejournal.com in to a beginner user guide".

Audience

  • Familiar with using a Linux computer and a command line.
  • No system administration experience is necessary; however, content may be geared towards system administration tasks.
  • No previous SELinux experience.
  • People who are never going to write their own SELinux policy.

What the Documentation Covers (in no particular order, and subject to change)

From the current SELinux documentation todo list:

  • "Explain how to interpret an AVC message and how to get additional information via SYSCALL audit, including how to add a simple syscall audit filter to enable collection of PATH information".
  • "Document Confined Users".
  • "Update FC5 FAQ".
  • "Document the use of the mount command for overriding file context".
  • "Describe Audit2allow and how it can just Fix the machine".
  • "Update and organize the Fedora SELinux FAQ".

SELinux Introduction:

  • Brief overview.
  • What SELinux can and can't do.
  • Examples to explain how SELinux works (e.g., Apache HTTP).

SELinux Contexts and Attributes:

  • Brief overview of objects, subjects, and object classes.
  • Explain each part of SELinux labels.

Targeted Policy Overview:

  • Confined and Unconfined processes.
  • Confined system and user domains.

Working with SELinux:

  • Installing and Upgrading packages.
  • Configuration Files.
  • Enable and Disable SELinux.
  • semanage: booleans, labeling files, adding users, translations.
  • Managing and Maintaining SELinux Labels.

Managing Users:

  • Linux and SELinux user account mappings.
  • Adding confined and unconfined users.
  • Modifying existing users.

System Services:

  • Examples, sharing content between services.

SELinux Log Files and Denials:

  • auditd and setroubleshoot.
  • Searching log files (ausearch).
  • Interpreting AVC Denials.
  • sealert -l \*
  • What to check for after a denial (DAC permissions...)
  • audit2allow and audit2why.

Access Control

  • Concepts of DAC, MAC, Type Enforcement®, etc.

Working with MCS and MLS

  • Examples from domg472.

Project Plan

Schedule

Updated 30 September 2008 to reflect slip in Fedora 10 schedule.

Information Plan: July 14 -> July 24 (9 days)

Deliverables: Information Project Plans

Content Specification: July 25 -> August 14 (15 days)

Deliverables:

  • Individual publications that are planned for the final document. These publications are done on the Wiki. This occurs after extensive research into topics.
  • Table of contents.
  • Phase review: subject matter experts approve the plan or request modifications to content.

Implementation: August 15 -> November 8 (70 days)

Designs for style, prototype sections, first, second, and approved drafts, weekly reports sent to <selinux@tycho.nsa.gov>.

Localization and Production: November 16 -> November 24 (9 days)

Translation, preparing final copies/PDFs.

Evaluation: October 29 -> October 30 (1 day)

  • Evaluate the project.
  • Plan maintenance cycles.
  • Plan next release.

Subject Matter Experts

  • Daniel Walsh
  • James Morris
  • Eric Paris
  • domg472
  • Russell Coker
  • Stephen Smalley
  • Karl MacMillan
  • Joshua Brindle
  • Christopher J. PeBenito