RHEL

Loading Display Pictures/Avatars from Red Hat IDM/FreeIPA into GNOME3

Earlier today I covered adding display images or avatars to your Red Hat IDM/FreeIPA users. If you’re interested in storing user images in Red Hat IDM, you can read more how to do it by following my previous article here. I’ve spent a bit of time this evening working on expanding that new ability into […]

Scaling OwnCloud with Red Hat Storage

Its impossible to be involved in technology these days without knowing what happened in the US with the PRISM program of illegally aquiring private information of people on an international scale. As a result, this has somewhat changed the game and has made businesses start to re-evaluate their stance on putting personal and company data […]

Synchronous Multi-Master Clustering with MariaDB and Galera

With the vast adoption of MySQL over the years by many businesses and software vendors, there has always been a strong driver for resilience, scalability and fault-tolerance. MySQL has always had various methods for achieving this but in my opinion they have never been clean and simple methods for “set it up and forget” type […]

Adding Fedora to Red Hat Satellite / Spacewalk

Anyone who has used Red Hat Satellite, or even the upsteam Spacewalk project will know just how great an asset it is in managing very large scale environments on Red Hat based Linuxes. For someone like me who spends a large amount of time testing Red Hat’s upstream release “Fedora” it is advantageous to be […]

Using SELinux the right way… Leave it turned on!

Yesterday I was having a chat with the lads in the office about properly using SELinux. I realised later that I haven’t written down a short quick start guide on the topic, so here we go.

There seems to be an undesirable corporate standard in many organisations these days to simply disable SELinux because “its too complicated”. This article is designed to give you the information you need to not just challenge that stereotype, but also to change things for the better.

If you are unfamiliar with SELinux, here is a general background from Wikipedia.

“Security-Enhanced Linux (SELinux) is a Linux feature that provides the mechanism for supporting access control security policies, including United States Department of Defense-style mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. It is not a Linux distribution, but rather a set of kernel modifications and user-space tools that can be added to various Linux distributions. Its architecture strives to separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security policy enforcement.[1][2] The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency.

It has been integrated into the mainline Linux kernel since version 2.6, on 8 August 2003.”          — Wikipedia.org

Continue reading “Using SELinux the right way… Leave it turned on!” »