1sestatus.conf(5) sestatus configuration file sestatus.conf(5)
2
6 sestatus.conf - The sestatus(8) configuration file.
7
10 The sestatus.conf file is used by the sestatus(8) command with the -v
11 option to determine what file and process security contexts should be
12 displayed.
13 The fully qualified path name of the configuration file is:
15 /etc/sestatus.conf
16 The file consists of two optional sections as described in the FILE
18 FORMAT section. Whether these exist or not, the following will always
19 be displayed:
20 The current process context
21 The init process context
22 The controlling terminal file context
23
26 The format consists of two optional sections as follows:
27 [files]
28 file_name
29 [file_name]
30 ...
31 [process]
33 executable_file_name
34 [executable_file_name]
35 ...
36 Where:
38 [files]
39 The start of the file list block.
40 file_name
41 One or more fully qualified file names, each on a new
42 line will that will have its context displayed. If the
43 file does not exist, then it is ignored. If the file is a
44 symbolic link, then sestatus -v will also display the
45 target file context.
46 [process]
48 The start of the process list block.
49 executable_file_name
50 One or more fully qualified executable file names that
51 should it be an active process, have its context dis‐
52 played. Each entry is on a new line.
53
56 # /etc/sestatus.conf
57 [files]
58 /etc/passwd
59 /etc/shadow
60 /bin/bash
61 /bin/login
62 /lib/libc.so.6
63 /lib/ld-linux.so.2
64 /lib/ld.so.1
65 [process]
67 /sbin/mingetty
68 /sbin/agetty
69 /usr/sbin/sshd
70
73 selinux(8), sestatus(8)
74Security Enhanced Linux 26-Nov-2011 sestatus.conf(5)