.TH "sestatus" "8" "26 Nov 2011" "Security Enhanced Linux" "SELinux command line documentation" .SH "NAME" sestatus \- SELinux status tool .SH "SYNOPSIS" .B sestatus .I [\-v] [\-b] .P This tool is used to get the status of a system running SELinux. .SH "DESCRIPTION" This manual page describes the .BR sestatus program. .sp This tool is used to get the status of a system running SELinux. It displays data about whether SELinux is enabled or disabled, location of key directories, and the loaded policy with its status as shown in the example: .RS > sestatus .br SELinux status: enabled .br SELinuxfs mount: /selinux .br SELinux root directory: /etc/selinux .br Loaded policy name: targeted .br Current mode: permissive .br Mode from config file: enforcing .br Policy MLS status: enabled .br Policy deny_unknown status: allow .br Max kernel policy version: 26 .RE .sp \fBsestatus\fR can also be used to display: .RS .IP "-" 4 The security context of files and processes listed in the \fI/etc/sestatus.conf\fR file. The format of this file is described in \fBsestatus.conf\fR(5). .IP "-" 4 The status of booleans. .RE .SH "OPTIONS" .B \-v .RS Displays the contexts of files and processes listed in the \fI/etc/sestatus.conf\fR file. It also checks whether the file is a symbolic link, if so then the context of the target file is also shown. .sp The following contexts will always be displayed: .RS The current process context .br The init process context .br The controlling terminal file context .RE .RE .sp .B \-b .RS Display the current state of booleans. .RE .SH "FILES" .I /etc/sestatus.conf .SH "AUTHOR" This man page was written by Daniel Walsh <dwalsh@redhat.com>. .br The program was written by Chris PeBenito <pebenito@gentoo.org> .SH "SEE ALSO" .BR selinux "(8), " sestatus.conf "(5)