OpenSUSE MicroOS, SLE Micro and the SUSE Adaptable Linux Platform (ALP) have moved to using SELinux for Mandatory Access Control (MAC).
There are some key differences between a traditional Linux system without MAC, and one with SELinux.
Furthermore, using SELinux on transactional systems such as openSUSE MicroOS and ALP-based distributions has its own peculiarities.
In this talk we will introduce SELinux, describe what it does, and show how to work with it.
We will then see how it's used on a transactional immutable system such as an ALP-based distribution, where most workloads are run inside containers.
This talk is for a beginner to intermediate-level audience.
You should have a general understanding of both traditional and immutable Linux systems, but won't need specific SELinux expertise.
OpenSUSE MicroOS, SLE Micro and the SUSE Adaptable Linux Platform (ALP) have moved to using SELinux for Mandatory Access Control (MAC).
There are some key differences between a traditional Linux system without MAC, and one with SELinux.
Furthermore, using SELinux on transactional systems such as openSUSE MicroOS and ALP-based distributions has its own peculiarities.
In this talk we will introduce SELinux, describe what it does, and show how to work with it.
We will then see how it's used on a transactional immutable system such as an ALP-based distribution, where most workloads are run inside containers.
This talk is for a beginner to intermediate-level audience.
You should have a general understanding of both traditional and immutable Linux systems, but won't need specific SELinux expertise.