RHEL 9 Expert
Expert knowledge base for Red Hat Enterprise Linux 9 system administration, security, and operations. Contains 613 justified beliefs covering SELinux, cryptographic policies, Identity Management (IdM), kernel configuration, networking, storage, virtualization, provisioning, and lifecycle management.
What is this?
This is an External Epistemic Memory (EEM): a model-agnostic knowledge base that any LLM can use via the reasons CLI or tool calling. Unlike a LoRA or fine-tune, this knowledge is not baked into model weights. It is external, inspectable, correctable, and works with any model.
Stats
| Metric | Value |
|---|---|
| Total beliefs | 613 |
| Status | 613 IN / 0 OUT |
| Premises (observations) | 457 |
| Derived (justified conclusions) | 156 |
| Nogoods (contradictions) | 0 |
| Retraction rate | 0% |
| Max derivation depth | 6 |
Top Topics
| Topic | Beliefs |
|---|---|
| rhel9 | 330 |
| idm | 49 |
| default | 46 |
| selinux | 33 |
| kernel | 23 |
| security | 21 |
| rhel94 | 20 |
| management | 19 |
| rhel | 19 |
| deprecated | 18 |
| identity | 18 |
| kickstart | 18 |
| install | 17 |
| lifecycle | 17 |
| crypto | 14 |
| logging | 14 |
| appstream | 13 |
| boot | 13 |
Domain Coverage
- RHEL 9 Core Platform: content delivery architecture (BaseOS/AppStream), DNF package management, module streams, minor release lifecycle, deprecations (317 beliefs)
- Identity Management (IdM): 389 Directory Server, MIT Kerberos, Dogtag CA, SSSD, DNS integration, trust relationships, complete identity stack (37 beliefs)
- SELinux: enforcing mode, policy management, booleans, file contexts, container MCS isolation, troubleshooting (27 beliefs)
- RHEL 9.4 Specifics: minor release changes, new features, updated defaults (20 beliefs)
- Kickstart & Provisioning: automated installation, Kickstart directives, PXE boot, Image Builder, end-to-end provisioning pipeline (15 beliefs)
- Security Framework: defense-in-depth across four integrated layers, cryptographic policies (DEFAULT/LEGACY/FUTURE/FIPS), crypto policy lifecycle, audit subsystem (21 beliefs)
- Kernel & Boot: kernel module management, GRUB2 configuration, bootloader, kdump crash recovery, kernel parameters (23 beliefs)
- Networking: NetworkManager, firewalld, nftables, bonding, teaming, network configuration (included in core beliefs)
- Storage: LVM, Stratis, VDO deduplication, XFS/ext4, LUKS encryption, layered data protection (included in core beliefs)
- Virtualization: KVM/QEMU/libvirt managed stack, virsh, virt-install, VM lifecycle management (included in core beliefs)
- Containers: Podman, rootless containers, container SELinux policies, MCS isolation model (included in core beliefs)
- Audit & Logging: unified audit subsystem, rsyslog, systemd journal, file watch rules, log dispatch (14 beliefs)
How to Use
Import into a reasons database
reasons init
reasons import-json network.json
Query beliefs
reasons search "SELinux container isolation"
reasons explain rhel9-defense-in-depth-security-framework
reasons show rhel9-four-predefined-crypto-policies
Use as an MCP tool or CLI
Any LLM agent that can call reasons search, reasons show, and reasons explain can use this knowledge base. The agent does not need to be told it is an expert; the knowledge base speaks for itself.
Key Beliefs
| Node | Summary |
|---|---|
| rhel9-four-predefined-crypto-policies | RHEL 9 provides four predefined system-wide cryptographic policies: DEFAULT, LEGACY, FUTURE, and FIPS |
| rhel9-audit-subsystem-integrated | Unified audit subsystem with integrated dispatcher, file watch rules, and original log format |
| rhel9-container-mcs-isolation | Container isolation leverages the full MCS restrictive access control model |
| rhel9-crypto-policy-lifecycle | Complete crypto policy lifecycle management: four predefined policies with set/show CLI |
| idm-complete-identity-stack | IdM bundles 389 Directory Server, MIT Kerberos, Dogtag CA, and SSSD into a unified stack |
| rhel9-defense-in-depth-security-framework | Defense-in-depth through four integrated security layers: hardened defaults, SELinux, crypto policies, audit |
| rhel9-end-to-end-provisioning-pipeline | End-to-end provisioning from Image Builder through Kickstart to configured system |
| rhel9-managed-virtualization-stack | Fully managed KVM/QEMU/libvirt virtualization stack with virsh/virt-install tooling |
| rhel9-content-delivery-architecture | Content split into BaseOS (core OS) and AppStream (applications) mandatory repositories |
| rhel9-layered-data-protection | Data at rest protected through two independent layers: cryptographic and access control |
Sources
Built from exploration of Red Hat Enterprise Linux 9 documentation, release notes, and operational experience across security, identity management, networking, storage, and platform administration.
Files
| File | Description |
|---|---|
| network.json | Full belief network (machine-readable, portable) |
| reasons.db | SQLite database (gitignored, regenerate with reasons import-json network.json) |
| CLAUDE.md | Agent instructions for using this knowledge base |
| entries/ | 329 exploration entries: raw observations behind the premises |
Quality
- All 613 beliefs are IN (none retracted)
- 457 premises grounded in direct observations of RHEL 9 behavior and documentation
- 156 derived beliefs justified from premises via SL justifications
- 0 nogoods: no contradictions detected
- Max derivation depth of 6, indicating multi-step reasoning chains
- Built and reviewed using ftl-reasons derive and review-beliefs pipeline
Limitations
- Focused on RHEL 9.x as of mid-2026
- RHEL evolves across minor releases; some beliefs may become stale
- Heavier coverage of security, IdM, and SELinux than storage or performance tuning
- Does not cover RHEL 8 or earlier versions
- No ATMS or assumption-based beliefs (single-context TMS only)
Authors
- Ben Thomasson (@benthomasson)
License
MIT