SELinux is a Linux feature that provides a mechanism for supporting access control security policies in the Linux kernel. In this post, i will share on how to check Security-Enhanced Linux (SELinux) status on linux CentOS 5.8 server. First method to check the SELinux status is using sestatus command. Another method is check through configuration file.
1. Simply run sestatus command to immediately display the SELinux status :
[[email protected] ~]# sestatus
SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 21 Policy from config file: targeted
2. Display “/etc/selinux/config” config file to get SELINUX status :
[[email protected] ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of these two values: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. # mls - Multi Level Security protection. SELINUXTYPE=targeted # SETLOCALDEFS= Check local definition changes SETLOCALDEFS=0
In above configuration file, SELinux is set to “SELINUX=enforcing”, meaning that SELinux is enabled.