Security Enhanced Linux
Package “Security Enhanced Linux” has 38 man pages.
audit2allow(1) This utility scans the logs for messages logged when the system denied permission for operations, and generates a snippet of policy rules which, if loaded into... newrole(1) Run a new shell in a new context. The new context is derived from the old context in which newrole is originally executed. If the -r or --role option is... secon(1) See a part of a context. The context is taken from a file, pid, user input or the context in which secon is originally executed. selabel_lookup_best_match(3) selabel_lookup_best_match() performs a best match lookup operation on the handle hnd, returning the result in the memory pointed to by context, which must be... selabel_partial_match(3) selabel_partial_match() performs a partial match operation on the handle hnd, returning TRUE or FALSE. The key parameter is a file path to check for a direct or... selinux_restorecon(3) selinux_restorecon() restores file default security contexts on filesystems that support extended attributes (see xattr(7)), based on: pathname containing a... booleans(5) The booleans file, if present contains booleans to support a specific distribution. The booleans.local file, if present contains locally generated booleans... customizable_types(5) The customizable_types file contains a list of types that can be customised in some way by SELinux-aware applications. Generally this is a file context type... default_contexts(5) The default contexts configuration file default_contexts contains entries that allow SELinux-aware login applications such as PAM(8) SELinux-aware login... default_type(5) The default_type file contains entries that allow SELinux-aware applications such as newrole(1) to select a default type for a role if one is not supplied... failsafe_context(5) The failsafe_context file allows SELinux-aware applications such as PAM(8) to obtain a known valid login context for an administrator if no valid default... local.users(5) The file contains local user definitions in the form of policy language user statements and is only found on older SELinux systems as it has been deprecated and... removable_context(5) This file contains the default label that should be used for removable devices that are not defined in the media file (that is described in selabel_media(5))... securetty_types(5) The securetty_types file contains a list of types associated to secure tty type that are defined in the policy for use by SELinux-aware applications... selabel_db(5) The DB contexts backend maps from a pair of object name and class into security contexts. It is used to find the appropriate context for database objects when... selabel_file(5) The file contexts backend maps from pathname/mode combinations into security contexts. It is used to find the appropriate context for each file when relabeling... selabel_media(5) The media contexts backend maps from media device names such as "cdrom" or "floppy" into security contexts. It is used to find the appropriate context for... selabel_x(5) The X contexts backend maps from X Window System object names into security contexts. It is used to find the appropriate context for X Window System objects... service_seusers(5) These are optional files that allow services to define an SELinux user when authenticating via SELinux-aware login applications such as PAM(8). There is one... sestatus.conf(5) The sestatus.conf file is used by the sestatus(8) command with the -v option to determine what file and process security contexts should be displayed. The fully... seusers(5) The seusers file contains a list GNU/Linux user to SELinux user mapping for use by SELinux-aware login applications such as PAM(8). selinux_usersconf_path(3)... user_contexts(5) These optional user context configuration files contain entries that allow SELinux-aware login applications such as PAM(8) (running in their own process... virtual_domain_context(5) The virtual_domain_context file contains a list of domain contexts that are available for use by the SELinux-aware virtulization API libvirt (see libvirtd(8))... genhomedircon(8) genhomedircon is a script that executes semodule to rebuild the currently active SELinux policy (without reloading it) and to create the labels for each user... load_policy(8) load_policy loads the installed policy file into the kernel. The existing policy boolean values are automatically preserved across policy reloads rather than... semodule(8) semodule is the tool used to manage SELinux policy modules, including installing, upgrading, listing and removing modules. semodule may also be used to force a... semodule_deps(8) semodule_deps is a developer tool for showing the dependencies between policy packages. For each module it prints a list of modules that must be present for a... semodule_expand(8) semodule_expand is a developer tool for manually expanding a base policy module package into a kernel binary policy file. This tool is not necessary for normal... semodule_link(8) semodule_link is a developer tool for manually linking together a set of SELinux policy module packages into a single policy module package. This tool is not... semodule_package(8) semodule_package is the tool used to create a SELinux policy module package from a binary policy module and optionally other data such as file contexts... semodule_unpackage(8) semodule_unpackage is the tool used to extract the SELinux policy module and file context file from an SELinux Policy Package. sestatus(8) This manual page describes the sestatus program. This tool is used to get the status of a system running SELinux.