SELinux – Necessary and Not Evil! w/ Hal Pomeranz (8 Hours)

SELinux – Necessary and Not Evil! w/ Hal Pomeranz
2 Sessions – 4 Hour Classes

Instructor: Hal Pomeranz

Includes: Students will receive course slides, author notes, lab exercises, and virtual machine, all via electronic download. All students will get a certificate of participation. Students paying $195 or more will get six months of complimentary access to the BHIS Antisyphon Cyber Range.

This is a Pay What You Can course. Please see the registration page here for the Pay What You Can discount codes.

In most organizations the only thought given to SELinux is remembering to turn it off when installing new systems. And yet as I respond to intrusion after intrusion on Linux systems, I know that most of them would never have happened had SELinux been properly deployed.

SELinux has been hampered by a suspicious pedigree (“It comes from the NSA—fear it!”) and a horrible initial roll-out (“This breaks everything—kill it with fire!”). But largely the issue is that the SELinux universe stands outside the normal Linux security model and troubleshooting strategy. Things break in mysterious ways when you enable SELinux, and the fixes are not obvious.

This two-part, hands-on course attempts to break down some of the barriers to SELinux adoption in your organization. Part One focuses on a high-speed introduction to SELinux and a troubleshooting strategy to help you diagnose and correct issues due to SELinux. Part Two gets into the guts of SELinux and provides guidance on developing SELinux policies for new services.


Students will learn basic commands for interacting with the SELinux universe as well as how to:

  • Troubleshoot system issues where SELinux is enabled
  • Correct issues so your applications can work safely with SELinux
  • Extend the default SELinux policy to work with new applications


  • Linux SREs and System Admins
  • Security Engineers/Architects
  • Linux Developers/DevOps
  • SOC Analysts, Incident Responders


Experience with Linux and the Linux command-line is preferred. No experience with SELinux is necessary or assumed.


Students should be comfortable working with the Linux command line.


  • High speed Internet access
  • A BitTorrent client for downloading course materials (e.g., Transmission)
  • A computer with at least 150GB of free space and capable of running a 64-bit VMware virtual machine using 4GB of RAM


Students will receive course slides, author notes, lab exercises, and virtual machine, all via electronic download.


Hal Pomeranz has spent more than thirty years providing pragmatic Information Technology and Security solutions for some of the world’s largest commercial, government, and academic institutions. He is a frequent presenter at national and local technical gatherings and the author of numerous books and articles in the field of Information Security and Digital Forensics.

I. Welcome to SELinux!
A. What is SELinux?
B. Navigating the SELinux Universe
C. Troubleshooting SELinux Errors
D. Resolving Access Control Issues
E. Rough Spots and Glitches
<<LAB: SELinux Is Eating My Logs!>>
II. SELinux Policy
A. Reference Policy and Tools
B. Preparing the Development Environment
C. Creating an Initial Policy
D. Testing and Refinement
E. Dirty Tricks
<<LAB: Build Your Own Policy>>


Tues, July 13, 2021 11:00 AM – 4:00 PM ET

Wed, July 14, 2021 12:00 PM – 4:00 PM ET

Register to attend this course virtually in July here

Join the Wild West Hackin’ Fest Discord server to stay updated on future training and webcasts: Join Our Server!