• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • VCS
  • Interview Questions
  • Database
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

sestatus: command not found

by admin

SELinux can either be in an enabled or a disabled state. In order to check in which state it is running, we can make use of the getenforce command. There are two modes in which SELinux runs:

There are two modes in which SELinux runs:

  • Enforcing: This is the enabled state where all rules are applied.
  • Permissive: In this state, SELinux will not deny any access; however, denials are logged.

sestatus is used to get the status of a system running SELinux. It displays data about whether SELinux is enabled, disabled, the loaded policy and whether it is in enforcing or permissive mode. It can also be used to display the security context of files and processes listed in the /etc/sestatus.conf file.

To show the state of SELinux, you can use the sestatus command:

sestatus command sample output

If you encounter below error, while running the sestatus command:

sestatus: command not found

you may try installing the below package as per your choice of distribution.

Distribution Command
Debian apt-get install policycoreutils
Ubuntu apt-get install policycoreutils
Kali Linux apt-get install policycoreutils
CentOS yum install policycoreutils
Fedora dnf install policycoreutils
Raspbian apt-get install policycoreutils

sestatus Command Examples

1. To see the SELinux status:

# sestatus

2. To see the current status of the booleans:

# sestatus -b 

3. To check the contexts of files and processes listed in /etc/sestatus.conf file:

# sestatus -v 

4. To see the sestatus help:

# sestatus --help 

Conclusion

There are three different modes when it comes to SELinux. While Enhanced is the only true mode that really protects us and enhances our server’s security, there are two other modes: Disabled and Permissive. Disabled means SELinux is turned off.

Filed Under: Linux

Some more articles you might also be interested in …

  1. CentOS / RHEL : How to make iptable rules persist across reboots
  2. ‘ulimit: max user processes: cannot modify limit:operation not permitted’ Shown When Login
  3. as: command not found
  4. “sudo: /etc/sudoers is world writable” – How to correct the permissions of sudoers file
  5. fastfetch: A CLI tool to display information about your operating system, software and hardware
  6. “You must wait longer to change your password” – error while changing password in CentOS/RHEL
  7. dir Command Examples in Linux
  8. fmt Command Examples in Linux
  9. sacct Command Examples in Linux
  10. aurvote Command Examples

You May Also Like

Primary Sidebar

Recent Posts

  • gml2gv Command Examples
  • glow Command Examples
  • glib-compile-resources Command Examples
  • glances Command Examples

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright