The policy book can be thought of as a really big text book, which contains 3 chapters.
AnnouncementI have released my new course on Udemy, Kubernetes By Example. Sign up now to get free lifetime access!
Chapter 1 – Contains a list of all available security attributes. There are actually 4 lists, one for each type of the differnt types of suecurity attributes user:role:type:level. In the targeted policy, the “type” list is by far the longest, containing about 4500 entries.
Chapter 2 – lists mapping rules about which security attribute can access to which other security attributes.
chapter 3 – list selinux context assignment rules. This chapter gives info about what SELinux needs, in order to determine what selinux context values every object in your machine should have.
By the end of this article you should be able to answer the following questions:
seinfo # this retrieves info from the policy book
semanage # this retrieves info from the policy book