.TH "sestatus" "8" "26 Nov 2011" "Security Enhanced Linux" "SELinux command line documentation"
.SH "NAME"
sestatus \- SELinux status tool

.SH "SYNOPSIS"
.B sestatus
.I [\-v] [\-b]  
.P
This tool is used to get the status of a system running SELinux.

.SH "DESCRIPTION"
This manual page describes the
.BR sestatus
program.
.sp
This tool is used to get the status of a system running SELinux. It displays data about whether SELinux is enabled or disabled, location of key directories, and the loaded policy with its status as shown in the example:
.RS
> sestatus
.br
SELinux status:              enabled
.br
SELinuxfs mount:             /selinux
.br
SELinux root directory:      /etc/selinux
.br
Loaded policy name:          targeted
.br
Current mode:                permissive
.br
Mode from config file:       enforcing
.br
Policy MLS status:           enabled
.br
Policy deny_unknown status:  allow
.br
Max kernel policy version:   26
.RE
.sp
\fBsestatus\fR can also be used to display:
.RS
.IP "-" 4
The security context of files and processes listed in the \fI/etc/sestatus.conf\fR file. The format of this file is described in \fBsestatus.conf\fR(5).
.IP "-" 4
The status of booleans.
.RE

.SH "OPTIONS"
.B \-v
.RS
Displays the contexts of files and processes listed in the \fI/etc/sestatus.conf\fR file. It also checks whether the file is a symbolic link, if so then the context of the target file is also shown.
.sp
The following contexts will always be displayed:
.RS
The current process context
.br
The init process context
.br
The controlling terminal file context
.RE
.RE
.sp
.B \-b
.RS
Display the current state of booleans.
.RE

.SH "FILES"
.I /etc/sestatus.conf

.SH "AUTHOR"
This man page was written by Daniel Walsh <dwalsh@redhat.com>.
.br
The program was written by Chris PeBenito <pebenito@gentoo.org>

.SH "SEE ALSO"
.BR selinux "(8), " sestatus.conf "(5)