The seinfo command is a tool used to query information about the SELinux policy on a CentOS, Red Hat Enterprise Linux, or other Linux system. SELinux (Security-Enhanced Linux) is a kernel-level security feature that provides fine-grained control over access to resources on the system.
To display basic information about the SELinux policy, you can use the seinfo command with the -a option:
seinfo -a
This will display output similar to the following:
Policy Version: 28 Policy from config file: /etc/selinux/config Policy Type: targeted Policy MLS Status: enabled Policy Enabled: true Current Mode: enforcing
To display a list of all SELinux users, you can use the seinfo command with the -u option:
seinfo -u
This will display a list of all SELinux users, such as system_u, user_u, and unconfined_u.
To display a list of all SELinux roles, you can use the seinfo command with the -r option:
seinfo -r
This will display a list of all SELinux roles, such as object_r, system_r, and unconfined_r.
To display a list of all SELinux types, you can use the seinfo command with the -t option:
seinfo -t
This will display a list of all SELinux types, such as bin_t, etc_t, and home_t.
You can also use the seinfo command to display the permissions granted to a specific SELinux user, role, or type. For example, to display the permissions granted to the system_u user, you can use the following command:
seinfo -p -s system_u
This will display a list of all the permissions granted to the system_u user.
You can use the seinfo command with various options to query different aspects of the SELinux policy on your system. For more information, you can refer to the seinfo man page or the documentation for SELinux.