home blog portfolio Ian Fisher
wiki > selinux
44 words + 10 lines of code
Published 31 Aug 2025
Last updated 21 Sep 2025

SELinux

Security-Enhanced Linux – a Linux kernel module and userspace tools for stronger access controls in the kernel.

I won't pretend to know anything about SELinux, but as I've sometimes had to deal with it on Arch Linux, I've taken down some notes here.

Cheatsheet

# view a file's context
$ secon --file FILE
# or just
$ ls -Z FILE

# change a file's type to 'bin_t'
$ sudo chcon -t bin_t FILE

# see recent 'avc' (= denial) audit events
$ sudo ausearch -ts recent -m avc -i