• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
 "sestatus.conf" "5" "26-Nov-2011" "Security Enhanced Linux" "sestatus configuration file"


 "NAME"
sestatus.conf - The sestatus(8) configuration file.


 "DESCRIPTION"
The sestatus.conf file is used by the sestatus(8) command with the -v option to determine what file and process security contexts should be displayed.
The fully qualified path name of the configuration file is:


/etc/sestatus.conf



The file consists of two optional sections as described in the FILE FORMAT section. Whether these exist or not, the following will always be displayed:


The current process context


The init process context


The controlling terminal file context




 "FILE FORMAT"
The format consists of two optional sections as follows:


 [files] 

 file_name 

 [file_name] 

 ...  [process] 

 executable_file_name 

 [executable_file_name] 

 ... 

Where:


 [files] 

The start of the file list block.


 file_name 

One or more fully qualified file names, each on a new line will that will have its context displayed. If the file does not exist, then it is ignored. If the file is a symbolic link, then sestatus -v will also display the target file context.


 [process] 

The start of the process list block.


 executable_file_name 

One or more fully qualified executable file names that should it be an active process, have its context displayed. Each entry is on a new line.






 "EXAMPLE"
# /etc/sestatus.conf


[files]


/etc/passwd


/etc/shadow


/bin/bash


/bin/login


/lib/libc.so.6


/lib/ld-linux.so.2


/lib/ld.so.1
[process]


/sbin/mingetty


/sbin/agetty


/usr/sbin/sshd




 "SEE ALSO"
 selinux "(8), " sestatus "(8) "