Package libselinux-utils

SELinux libselinux utilies

https://github.com/SELinuxProject/selinux/wiki

The libselinux-utils package contains the utilities

File Formats (Section 5)
booleans
The booleans file, if present contains booleans to support a specific distribution. The booleans.local file, if present contains locally generated booleans...
customizable_types
The customizable_types file contains a list of types that can be customised in some way by SELinux-aware applications. Generally this is a file context type...
default_contexts
The SELinux default contexts configuration file
default_type
The default_type file contains entries that allow SELinux-aware applications such as newrole(1) to select a default type for a role if one is not supplied...
failsafe_context
The failsafe_context file allows SELinux-aware applications such as PAM(8) to obtain a known valid login context for an administrator if no valid default...
local.users
The file contains local user definitions in the form of policy language user statements and is only found on older SELinux systems as it has been deprecated and...
removable_context
This file contains the default label that should be used for removable devices that are not defined in the media file (that is described in selabel_media(5))...
secolor.conf
This optional file controls the color to be associated to the context components associated to the raw context passed by selinux_raw_context_to_color(3), when...
securetty_types
The securetty_types file contains a list of types associated to secure tty type that are defined in the policy for use by SELinux-aware applications...
selabel_db
The DB contexts backend maps from a pair of object name and class into security contexts. It is used to find the appropriate context for database objects when...
selabel_file
The file contexts backend maps from pathname/mode combinations into security contexts. It is used to find the appropriate context for each file when relabeling...
selabel_media
The media contexts backend maps from media device names such as "cdrom" or "floppy" into security contexts. It is used to find the appropriate context for...
selabel_x
The X contexts backend maps from X Window System object names into security contexts. It is used to find the appropriate context for X Window System objects...
service_seusers
These are optional files that allow services to define an SELinux user when authenticating via SELinux-aware login applications such as PAM(8). There is one...
seusers
The seusers file contains a list GNU/Linux user to SELinux user mapping for use by SELinux-aware login applications such as PAM(8). selinux_usersconf_path(3)...
user_contexts
These optional user context configuration files contain entries that allow SELinux-aware login applications such as PAM(8) (running in their own process...
virtual_domain_context
The virtual_domain_context file contains a list of domain contexts that are available for use by the SELinux-aware virtulization API libvirt (see libvirtd(8))...
virtual_image_context
The virtual_image_context file contains a list of image contexts for use by the SELinux-aware virtulization API libvirt (see libvirtd(8))...
System Administration (Section 8)
avcstat
Display SELinux AVC statistics. If the interval parameter is specified, the program will loop, displaying updated statistics every interval seconds. Relative...
booleans
This manual page describes SELinux policy booleans. The SELinux policy can include conditional rules that are enabled or disabled based on the current values of...
getenforce
getenforce reports whether SELinux is enforcing, permissive, or disabled.
getsebool
getsebool reports where a particular SELinux boolean or all SELinux booleans are on or off In certain situations a boolean can be in one state with a pending...
matchpathcon
matchpathcon queries the system policy and outputs the default security context associated with the filepath. Note: Identical paths can have different security...
sefcontext_compile
sefcontext_compile is used to compile file context regular expressions into pcre(3) format. The compiled file is used by libselinux file labeling functions. By...
selinux
NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating system. The SELinux...
selinuxconlist
selinuxconlist reports the list of context reachable for user from the current context or specified context -l level mcs/mls level
selinuxdefcon
selinuxdefcon reports the default context for the specified user from the specified context -l level mcs/mls level
selinuxenabled
Indicates whether SELinux is enabled or disabled.
selinuxexeccon
selinuxexeccon reports the SELinux process context for the specified command from the specified context or the current context.
setenforce
Use Enforcing or 1 to put SELinux in enforcing mode. Use Permissive or 0 to put SELinux in permissive mode. If SELinux is disabled and you want to enable it, or...