Skip to main content

SELinux (Security Enhanced)

====================================================================================

What is SELinux?

SELinux is a kernel-level access control system. SELinux acts like a gatekeeper, enforcing rules about what users, programs, and services can access on a system. SELinux is a complex but effective security tool. While it might seem like overkill for some users, it offers a strong layer of defense for those who need to seriously tighten up system security.

------------------------------------------------------------------------------------------------------------------------------------------------

SELinux comes pre-installed on most new RHEL systems (most likely not enabled, or set into an inactive mode).

Check SELinux status

sestatus

SELinux has 3 modes:

enforcing

 the strictest security setting. When enabled, SELinux actively enforces the security policies it has been configured with.

permissive

 SELinux logs attempted violations of the security policy but doesn't block them. This can be useful for troubleshooting purposes or when initially configuring SELinux policies for new applications.
disabled SELinux is disabled and it is not having any impact.
Back to top