Some selinux notes

ls -Z file1
-rwxrw-r-- user1 group1 unconfined_u:object_r:user_home_t:s0 file1
  • SELinux contexts follow the SELinux user:role:type:level syntax.
  • Use the ps -eZ command to view the SELinux context for processes
  • and id -Z for users
  • seinfo -r (part of setools-console): shows all available user roles: such as guest, unconfined, webadm, sysadm, dbadm, etc.

also see /etc/selinux/targeted/context/users

Leave a Reply