• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Geek Diary

CONCEPTS | BASICS | HOWTO

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • Linux Services
    • VCS
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting
  • Interview Questions
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

List of SELinux Utilities

By admin

This post lists some of the more commonly used command-line utilities for managing and operating SELinux.

utilities provided by policycoreutils package

The policycoreutils package installs the following utilities:

  • fixfiles: Fixes the security context on file systems
  • load_policy: Loads a new SELinux policy into the kernel
  • restorecon: Resets the security context on one or more files
  • setfiles: Initializes the security context on one or more files
  • secon: Displays the SELinux context from a file, program, or user input
  • semodule_package: Creates an SELinux policy module package
  • restorecond: Is a daemon that watches for file creation and sets the default file context
  • semodule: Manages SELinux policy modules
  • sestatus: Displays SELinux status
  • setsebool: Sets SELinux Boolean value

Utilities provided by libselinux-utils package

The libselinux-utils package installs the following utilities:

  • avcstat: Displays SELinux AVC statistics
  • getenforce: Reports the current SELinux mode
  • getsebool: Reports SELinux Boolean values
  • matchpathcon: Queries the system policy and displays the default security context associated with the file path
  • selinuxconlist: Displays all of the SELinux context reachable for a user
  • selinuxdefcon: Displays the default SELinux context for a user
  • selinuxenabled: Indicates whether SELinux is enabled
  • setenforce: Modifies the SELinux mode

Utilities provided by setools-console package

The setools-console package installs the following utilities:

  • findcon: An SELinux file context search tool
  • sechecker: An SELinux policy checking tool
  • sediff: An SELinux policy difference tool
  • seinfo: An SELinux policy query tool
  • sesearch: An SELinux policy query tool

Utilities provided by policycoreutils-python package

The policycoreutils-python package installs the following utilities:

  • semanage: Is an SELinux policy management tool
  • audit2allow, audit2why: Generates SELinux policy allow/don’t_audit rules from logs of denied operations
  • chcat: Changes or removes the security category for each file or user
  • sandbox: Runs a command in an SELinux sandbox
  • semodule_package: Creates an SELinux policy module package

Utilities provided by policycoreutils-gui package

The policycoreutils-gui package installs the following utilities:

  • system-config-selinux: SELinux Administration GUI
  • selinux-polgengui: SELinux policy generation tool
Beginners Guide to SELinux
How to Disable or set SELinux to Permissive mode
How to Check whether SELinux is Enabled or Disabled

Filed Under: CentOS/RHEL 6, CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. Understanding mpathconf Utility to configure DM-Multipath
  2. How to obtain virtual/physical CPU information in Oracle VM (XEN)
  3. What are Shell Scripts? How to Create Shell Scripts?
  4. NFSv4 Client Shows “nobody” As Owner And Group For Mount Point (CentOS/RHEL)
  5. How to install and configure MariaDB in CentOS / RHEL 7
  6. CentOS / RHEL : How to change password hashing algorithm
  7. How to recover from deleted root entry in /etc/shadow and/or /etc/passwd files in CentOS / RHEL 6
  8. Understanding linux fdisk utility
  9. “yum history” command examples to display, rollback, redo, undo yum transactions
  10. How to Create Yum Repository For System Packages Installation in CentOS/RHEL

You May Also Like

Primary Sidebar

Recent Posts

  • How to Disable IPv6 on Ubuntu 18.04 Bionic Beaver Linux
  • How to Capture More Logs in /var/log/dmesg for CentOS/RHEL
  • Unable to Start RDMA Services on CentOS/RHEL 7
  • How to rename a KVM VM with virsh
  • Archives
  • Contact Us
  • Copyright

© 2021 · The Geek Diary