home blog portfolio Ian Fisher

SELinux

Security-Enhanced Linux – a Linux kernel module and userspace tools for stronger access controls in the kernel.

I won't pretend to know anything about SELinux, but as I've sometimes had to deal with it on Arch Linux, I've taken down some notes here.

Cheatsheet

# view a file's context
$ secon --file FILE

# change a file's type to 'bin_t'
$ sudo chcon -t bin_t FILE

# see recent 'avc' (= denial) audit events
$ sudo ausearch -ts recent -m avc -i