Role-based access control in SELinux
Learn your way around this admin-friendly security administration layer
From the developerWorks archives
Date archived: April 22, 2019 | First published: February 13, 2008
Role-based access control (RBAC) is a general security model that simplifies administration by assigning roles to users and then assigning permissions to those roles. RBAC in Security-Enhanced Linux (SELinux) acts as a layer of abstraction between the user and the underlying type-enforcement (TE) model, which provides highly granular access control but is not geared for ease of management. Learn how the three pieces of an SELinux context (policy, kernel, and userspace) work together to enforce the RBAC and tie Linux® users into the TE policy.
This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some content, steps, or illustrations may have changed.