The sestatus.conf file is used by the sestatus(8) command with the -v
option to determine what file and process security contexts should be
The fully qualified path name of the configuration file is:
The file consists of two optional sections as described in the FILEFORMAT section. Whether these exist or not, the following will always
The current process context
The init process context
The controlling terminal file context
The format consists of two optional sections as follows:
The start of the file list block.
One or more fully qualified file names, each on a new
line will that will have its context displayed. If the
file does not exist, then it is ignored. If the file is
a symbolic link, then sestatus -v will also display the
target file context.
The start of the process list block.
One or more fully qualified executable file names that
should it be an active process, have its context
displayed. Each entry is on a new line.
This page is part of the selinux (Security-Enhanced Linux user-space
libraries and tools) project. Information about the project can be
found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you
have a bug report for this manual page, see
page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2017-03-13. If you
discover any rendering problems in this HTML version of the page, or
you believe there is a better or more up-to-date source for the page,
or you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
Security Enhanced Linux 26-Nov-2011 sestatus.conf(5)