sestatus.conf(5) sestatus configuration file sestatus.conf(5)
NAME
sestatus.conf - The sestatus(8) configuration file.
DESCRIPTION
The sestatus.conf file is used by the sestatus(8) command with the -v
option to determine what file and process security contexts should be
displayed.
The fully qualified path name of the configuration file is:
/etc/sestatus.conf
The file consists of two optional sections as described in the FILE
FORMAT section. Whether these exist or not, the following will always
be displayed:
The current process context
The init process context
The controlling terminal file context
FILE FORMAT
The format consists of two optional sections as follows:
[files]
file_name
[file_name]
...
[process]
executable_file_name
[executable_file_name]
...
Where:
[files]
The start of the file list block.
file_name
One or more fully qualified file names, each on a new
line will that will have its context displayed. If the
file does not exist, then it is ignored. If the file is a
symbolic link, then sestatus -v will also display the
target file context.
[process]
The start of the process list block.
executable_file_name
One or more fully qualified executable file names that
should it be an active process, have its context dis-
played. Each entry is on a new line.
EXAMPLE
# /etc/sestatus.conf
[files]
/etc/passwd
/etc/shadow
/bin/bash
/bin/login
/lib/libc.so.6
/lib/ld-linux.so.2
/lib/ld.so.1
[process]
/sbin/mingetty
/sbin/agetty
/usr/sbin/sshd
SEE ALSO
selinux(8), sestatus(8)
Security Enhanced Linux 26-Nov-2011 sestatus.conf(5)
Linux-Distributionen
Huschi als Linux-Admin