This post lists some of the more commonly used command-line utilities for managing and operating SELinux.

 

utilities provided by policycoreutils package

 

The policycoreutils package installs the following utilities:

  • fixfiles: Fixes the security context on file systems
  • load_policy: Loads a new SELinux policy into the kernel
  • restorecon: Resets the security context on one or more files
  • setfiles: Initializes the security context on one or more files
  • secon: Displays the SELinux context from a file, program, or user input
  • semodule_package: Creates an SELinux policy module package
  • restorecond: Is a daemon that watches for file creation and sets the default file context
  • semodule: Manages SELinux policy modules
  • sestatus: Displays SELinux status
  • setsebool: Sets SELinux Boolean value

 

Utilities provided by libselinux-utils package

 

The libselinux-utils package installs the following utilities:

  • avcstat: Displays SELinux AVC statistics
  • getenforce: Reports the current SELinux mode
  • getsebool: Reports SELinux Boolean values
  • matchpathcon: Queries the system policy and displays the default security context associated with the file path
  • selinuxconlist: Displays all of the SELinux context reachable for a user
  • selinuxdefcon: Displays the default SELinux context for a user
  • selinuxenabled: Indicates whether SELinux is enabled
  • setenforce: Modifies the SELinux mode

 

Utilities provided by setools-console package

 

The setools-console package installs the following utilities:

  • findcon: An SELinux file context search tool
  • sechecker: An SELinux policy checking tool
  • sediff: An SELinux policy difference tool
  • seinfo: An SELinux policy query tool
  • sesearch: An SELinux policy query tool

 

Utilities provided by policycoreutils-python package

 

The policycoreutils-python package installs the following utilities:

  • semanage: Is an SELinux policy management tool
  • audit2allow, audit2why: Generates SELinux policy allow/don’t_audit rules from logs of denied operations
  • chcat: Changes or removes the security category for each file or user
  • sandbox: Runs a command in an SELinux sandbox
  • semodule_package: Creates an SELinux policy module package

 

Utilities provided by policycoreutils-gui package

 

The policycoreutils-gui package installs the following utilities:

  • system-config-selinux: SELinux Administration GUI
  • selinux-polgengui: SELinux policy generation tool

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to install SQLite3 in CentOS 7?

Introduction SQLite is a C library that implements an SQL database engine. A complete database...
How to install the Sentora Web Hosting Control Panel on Centos/Ubuntu?

Sentora is a completely free web hosting control panel for Linux, UNIX and BSD based servers...
How To Install Webmin on CentOS 7

Webmin is a web-based interface for system administration for Linux-based servers. Step 1: Login...
How to install Drupal with PHP 7 on CentOS 7?

Drupal is a free and open source content management framework written in PHP and distributed...
How to install Laravel 5.5 + PHP 7.1 with Apache on CentOS 7

Laravel is a powerful MVC-PHP framework, designed for developers who need a simple and elegant...