SElinux is a Security-Enhanced Linux – a framework for securely managing processes, users and files on your Red Hat Enterprise Linux OS.
If you’re using a Red Hat based system or one of the distros based on it – CentOS Linux or Fedora Linux desktop, you probably have SELinux enabled by default.
First of all, confirm SELinux status: it’s going to be in one of these three modes:
Everything under SELinux control is managed by SELinux policy and its objects. Processes, users and files have SELinux contexts. It’s easy enough to list SELinux contexts for files and to show SELinux contexts for processes.
SELinux context is the combination of such additional information:
You can review audit logs for SELinux events to understand requirements of a particular application and later use the same logs to create SELinux module – special set of rules that can be compiled and activated to expand existing SELinux policy.
SELinux has its own users – identities that you can create and map to existing real Linux users in your system.
Learn how to use sestatus command for reporting SELinux state of key OS files – you get a listing of important configuration files and indication whether their SELinux contexts are what they should be.