In the last tutorial I wrote about two commands: chcon and restorecon.
Today I will show you one list with some of the more commonly used command-line utilities for managing and operating SELinux provided by utilities:
by policycoreutils package:
- fixfiles: Fixes the security context on file systems
- load_policy: Loads a new SELinux policy into the kernel
- restorecon: Resets the security context on one or more files
- setfiles: Initializes the security context on one or more files
- secon: Displays the SELinux context from a file, program, or user input
- semodule_package: Creates an SELinux policy module package
- restorecond: Is a daemon that watches for file creation and sets the default file context
- semodule: Manages SELinux policy modules
- sestatus: Displays SELinux status
- setsebool: Sets SELinux Boolean value
by libselinux-utils package:
- avcstat: Displays SELinux AVC statistics
- getenforce: Reports the current SELinux mode
- getsebool: Reports SELinux Boolean values
- matchpathcon: Queries the system policy and displays the default security context associated with the file path
- selinuxconlist: Displays all of the SELinux context reachable for a user
- selinuxdefcon: Displays the default SELinux context for a user
- selinuxenabled: Indicates whether SELinux is enabled
- setenforce: Modifies the SELinux mode
by setools-console package
- findcon: An SELinux file context search tool
- sechecker: An SELinux policy checking tool
- sediff: An SELinux policy difference tool
- seinfo: An SELinux policy query tool
- sesearch: An SELinux policy query tool
by policycoreutils-python package:
- semanage: Is an SELinux policy management tool
- audit2allow, audit2why: Generates SELinux policy allow/don’t_audit rules from logs of denied operations
- chcat: Changes or removes the security category for each file or user
- sandbox: Runs a command in an SELinux sandbox
- semodule_package: Creates an SELinux policy module package
by policycoreutils-gui package:
- system-config-selinux: SELinux Administration GUI
- selinux-polgengui: SELinux policy generation tool