This is "How To" guide to show us, how one can check the status of SELinux whether it is enabled or not. If you would like to know more about SELinux like what is SELinux, why one should use SELinux and how does it work then click here.
Following are three different ways to check the status of SELinux:
Thank you for reading this article. Hope you would like it. If you have any suggestion or have any question do let me know in the comments. Happy Learning!!
Following are three different ways to check the status of SELinux:
- Use the getenforce command
[vagrant@vagrantdev ~]$ getenforce Permissive
- Use the sestatus command
[vagrant@vagrantdev ~]$ sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: permissive Mode from config file: permissive Policy version: 24 Policy from config file: targeted
- Use the SELinux Configuration File i.e. cat /etc/selinux/config to view the status
[vagrant@vagrantdev ~]$ cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=permissive # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted
- Enforcing - Security policy is enforced. Any unauthorized access attempts by users and applications / processes are denied and respective logs are written.
- Permissive - Security policy is not enforced and unauthorized access attempts are not denied but respective logs are written. One can can use this mode for testing before enforcing the security policy.
- Disabled - No security policy is enforced and no logs. Disabled state.
Thank you for reading this article. Hope you would like it. If you have any suggestion or have any question do let me know in the comments. Happy Learning!!
No comments:
Post a Comment