I am totally new to Linux yet your video made it extremely simple. I wish all instructors would take some lessons from you :) Thanks so much!!!

Hi Randall, See Thomas's reply below. Pleas go to the Red Hat Summit website, you can find them there. Thanks for checking out the video!

Link to the slides: people.redhat.com/tcameron/Summit2012/SELinux/cameron_w_120_selinux_for_mere_mortals.pdf

This video was a life saver. The chcon command was driving me nuts because I didn't quite understand what I was doing when I was using it. All I knew was at times there would be instructions giving me a chcon command to enter verbatim into to the terminal which is easy enough when its given to you but if I was in a situation where it wasn't laid out for me I was screwed. Now at the very least I know what types I need to be looking for when using chcon if I want a file to possess certain attributes. Not to mention when I use ls -Z I don't feel like a complete idiot. Obviously I still have a lot more to learn but a lot of the key fundamentals for SELinux clicked with this lecture. So in short many thanks for having this lecture posted on the channel.

I used to turn off SELinux on RHEL/CentOS for a few years, but this presentation really made me want to dive into it and get a grasp. Thanks a lot, Thomas Cameron!

Hi Abhijit - You could use regular old permissions (DAC) to grant access to files in /proc. Then if you are still getting avc denials, use the steps I described in the video to grant privileges.

Would be nice to hear the questions asked by audience members (or see a transcript on screen), but very good presentation.

This was extremely helpful, thank you very much.

Thank you for comprehensive and entertaining presentation! I was also always scared about whole this MAC concept, but sometime you've got to learn and use it :)

I like this helpful & clear presentation. @Thomas Cameron thank you!

Excellent. This made SELinux so easy for me to deal with.

Dear camera man, If he's pointing at / reading the screen, It probably is something you shuold want to point the camera at.

Look at the Red Hat Summit web site, the slides are available there.

Thank you so much for explaining it so simply. It really isnt' as confusing as it seemed to be. Thank you for simplifying the core concepts so well :-)

This has come a really long way since I last played with it. Mayne I won't get a headache this time! :D

This is SO GOOD that I wish I could give it a 100 thumbs up

One area that SE Liniux can have an impact is really time sensitive stuff. A guy I worked with ran into it with network connections for cross site RAC. Even in permissive mode - as the permissive mode is still running the checks.

Simply superb! I liked the video very much

The presenter did an excellent job with describing each area thoroughly to ensure the simplest person can understand it and kept my attention throughout. This has been an excellent overview of SELinux and I feel much more confident tackling it in the future. Thank You Thomas. Is it possible to get the PowerPoint presentation?

One important thing to note: the logging location for most selinux events is no longer /var/log/messages but /var/log/audit/audit.log? Want to do a quick check? # grep AVC /var/log/audit/audit.log

Great talk Thomas. Made me accept to get along with SELinux.

Does it not suffice to use Linux's built-in DAC to allow httpd to only read its own data and only write its own logs?

I wish the director would leave up the slides -- where the useful information is. Not much point in seeing the speaker.

I had mentioned a location for slides that turned out to be for an older presentation. The slides for this one can be found using the concatentation of these path components without any spaces: rhsummit.files.wordpress. com /2012/03/ cameron_selinux_for_mere_mortals.pdf When I cut'n'paste path strings from these comments I end up with extraneous junk in them not visible in the actual comments...? It's easy to remove as each instance is typically a percent char followed by 2 hex chars.

Thanks, brainst0rmVideo!

If possible, could you guys subtitle the question? i can't hear them....

This was needed, thank you

Very clear. Thank you so much sir.

Thank you Charles Atlas!! ;)

Hey Thomas!! thanks for the session. I really wouldlike t oknow one thing here. Isit really possible to read or set any modes on the /proc file ssytem so that i can grant privilege to a non root user to check the pfiles ?

Can you put a link to those slides in your videos description/info? thanks

change xom and put com and remove the extra space for the correct link

it is really good indeed ! thanks buddy

Anyone get a copy of his presentation slides?

Thank u so much that was really helpful 🙂

file not found

Thanks for the video!

very cool, nice one!!

Super, very funny says Thomas. Great job!

good stuff !

NSAlinux ? you sure ?

Camera guy please, look at the god damned slides... holyshit

SELinux unfortunately does not play well with Oracle!

I understand selinux now

Camera guy.... Get a clue! WE WANT TO SEE AAALLLL OF THE SLIDES!!!!!

For the slides, go to people redhat com / tcameron Thanks

i want this t-shirt

"so easy a windows admin could do it" hahaha

bla bla bla - one hour completely wasted. And these guys even seem to proud of this kind of bull...

Windows >>>>>>>>>>>> this shit