8

I'm trying to get an existing application running under SELinux which is causing endless pain. Matters would be eased somewhat if I knew what contexts the various components were running in - users have contexts, files have contexts but it seems that a process can also have a context which is only loosely related to the user and file (by an arbitrary set of rules in the policy).

Making some sense of the morass wold be facilitated if I knew what context a process was executing in - is there a command providing this as part of a standard installation?

I could look for the current process id in the output of ps auxZ, but these seems a somewhat ugly solution.

Improve this question

2 Answers 2

Reset to default
13

You can use id -Z or getpidcon $$

Improve this answer
5

The secon(1) command can print the current context in full or abbreviated formats:

$ secon --self user: staff_u role: unconfined_r type: unconfined_t sensitivity: s0 clearance: s0:c0.c1023 mls-range: s0-s0:c0.c1023 $ secon -P --self staff_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.