2025-06-13 –, A113 (capacity 64)
Let's be honest: managing a SELinux policy is not the easiest thing in the world. With so many modules, rules, and packages, sometimes it's hard to keep track of every little change you made to prevent that one niche application from crashing. Or even worse, you're not the one who made the changes, and now you're left with a problem to fix.
WhimSE (What Have I Modified in SELinux) is a new tool I developed as my master's thesis and will help you find all whims your SELinux policy has. It scans your current policy and lists changes made compared to a clean policy contained in the installed packages. That includes changed, removed, or added policy modules, modifications introduced via userspace tools (semanage, setsebool, etc.), or manual changes to SELinux configuration files. Distributed SELinux Policy is also supported.
Intermediate - attendees should be familiar with the subject
I am a software engineer at Red Hat and a master's student at FI MUNI in Brno, CZ interested in open-source, Linux, C, and self-hosting. At Red Hat, I started as an intern in the SELinux Team and have since moved to a position as a software engineer in the RHEL Virtualization Team focusing on QEMU and Live Migration.