table of contents
| sestatus.conf(5) | sestatus configuration file | sestatus.conf(5) |
NAME¶
sestatus.conf - The sestatus(8) configuration file.DESCRIPTION¶
The sestatus.conf file is used by the sestatus(8) command with the -v option to determine what file and process security contexts should be displayed.The fully qualified path name of the configuration file is:
/etc/sestatus.conf
The file consists of two optional sections as described in the FILE FORMAT section. Whether these exist or not, the following will always be displayed:
The current process context
The init process context
The controlling terminal file context
The init process context
The controlling terminal file context
FILE FORMAT¶
The format consists of two optional sections as follows:[files]
file_name
[file_name]
...
file_name
[file_name]
...
[process]
executable_file_name
[executable_file_name]
...
Where:
[files]
The start of the file list block.
file_name
One or more fully qualified file names, each on a new
line will that will have its context displayed. If the file does not exist,
then it is ignored. If the file is a symbolic link, then sestatus -v
will also display the target file context.
[process]
The start of the process list block.
executable_file_name
One or more fully qualified executable file names that
should it be an active process, have its context displayed. Each entry is on a
new line.
EXAMPLE¶
# /etc/sestatus.conf[files]
/etc/passwd
/etc/shadow
/bin/bash
/bin/login
/lib/libc.so.6
/lib/ld-linux.so.2
/lib/ld.so.1
[process]
/sbin/mingetty
/sbin/agetty
/usr/sbin/sshd
SEE ALSO¶
selinux(8), sestatus(8)| 26-Nov-2011 | Security Enhanced Linux |