This article is a Draft. Help us to complete it.
wikipedia:Security-Enhanced Linux
semanage
and restorecon
command line utilities can be used to manage SELinux configuration and behavior.
SELinux is available in RHEL 4 since 2005 and in Ubuntu. As of 2018 Ubuntu 18.04 LTS do not install SELinux by default.
Command-line utilities include:[1]
chcon
,[2]
restorecon
,[3]
restorecond
,[4]
runcon
,[5]
secon
,[6]
fixfiles
,[7]
setfiles
,[8]
load_policy
,[9]
booleans
,[10]
getsebool
,[11]
setsebool
,[12]
togglesebool
[13]
setenforce
,
semodule
,
postfix-nochroot
,
check-selinux-installation
,
semodule_package
,
checkmodule
,
selinux-config-enforcing
,[14]
selinuxenabled
,[15]
and selinux-policy-upgrade
[16]
sestatus
setenforce enforcing
See also
- AppArmor,
/etc/apparmor.d/libvirt
, apparmor_status
- Seccomp
- SELinux,
semanage
, sestatus
, getenforce
, chcon
, security context, setsebool
- Mandatory access control: AppArmor, SELinux, seccomp, System Integrity Protection (macOS)
↑ "SELinux/Commands - FedoraProject". Retrieved 2015-11-25.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "chcon". Linuxcommand.org. Archived from the original on 2004-10-24. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "restorecon(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "restorecond(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "runcon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "secon(1) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "fixfiles(8): fix file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "setfiles(8): set file SELinux security contexts - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "load_policy(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "booleans(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "getsebool(8): SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "setsebool(8): set SELinux boolean value - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "togglesebool(8) - Linux man page". Linux.die.net. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "Ubuntu Manpage: selinux-config-enforcing - change /etc/selinux/config to set enforcing". Canonical Ltd. Archived from the original on 2012-12-20. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "Ubuntu Manpage: selinuxenabled - tool to be used within shell scripts to determine if". Canonical Ltd. Archived from the original on 2013-02-09. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
↑ "Ubuntu Manpage: selinux-policy-upgrade - upgrade the modules in the SE Linux policy". Canonical Ltd. Archived from the original on 2012-04-04. Retrieved 2013-02-06.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>