Search This Blog

Sunday, July 31, 2011

List and identify SELinux file and process context

List file context
#ll -Z filename

SELinux uses three different contexts to enforce security: user, role, and domain

User context:
unconfined_u Unprotected user
system_u System user
user_u Normal user

Role context:
object_r File
system_r Users and processes

Domain context:
unconfined_r Unprotected file or process

To see Process context
#ps -Zl