The sestatus.conf file is used by the sestatus(8) command with the -v option to determine what file and process security contexts should be displayed.
The fully qualified path name of the configuration file is:
The file consists of two optional sections as described in the File Format section. Whether these exist or not, the following will always be displayed:
The current process context
The init process context
The controlling terminal file context
The format consists of two optional sections as follows:
The start of the file list block.
One or more fully qualified file names, each on a new line will that will have its context displayed. If the file does not exist, then it is ignored. If the file is a symbolic link, then sestatus -v will also display the target file context.
The start of the process list block.
One or more fully qualified executable file names that should it be an active process, have its context displayed. Each entry is on a new line.