This is an Ansible playbook and related files to set up a SELinux Lab on Redhat Enterprise Linux for educational purposes.
- Lukas Vrabec [email protected]
- Luc de Louw [email protected]
- Setting wromg permissions to /etc/shadow and see that SELinux prevents information disclosure by a CGI script trying to read the shadow file
- Setting up an NFS Server with protocol version 4.2 which exports SElinux file contexts
- Setting up a simple SMB Server for two use cases: Home directory mount and mount of a generic share
- Installation of a Tomcat server with a example application to be confined
This playbook and lab has been tested with the following Operating Systems:
- RHEL8
- RHEL9
- RHEL10 (actually with CentOS Stream 10 which is the upstream project of the upcomming RHEL10 system)
ansible-play -u root -k setup-lab.ymlThis repo will be updated as the lab will evolve. We are happy to get input from other contributers.