The policy book can be thought of as a really big text book, which contains 3 chapters.
AnnouncementYou can find all my latest posts on medium.
Chapter 1 – Contains a list of all available security attributes. There are actually 4 lists, one for each type of the differnt types of suecurity attributes user:role:type:level. In the targeted policy, the “type” list is by far the longest, containing about 4500 entries.
Chapter 2 – lists mapping rules about which security attribute can access to which other security attributes.
chapter 3 – list selinux context assignment rules. This chapter gives info about what SELinux needs, in order to determine what selinux context values every object in your machine should have.
By the end of this article you should be able to answer the following questions:
seinfo # this retrieves info from the policy book
semanage # this retrieves info from the policy book