Thanks for the reply! > Calling /usr/sbin/sestatus should display several interesting > information: > > ====== > SELinux status: enabled > SELinuxfs mount: /sys/fs/selinux > SELinux root directory: /etc/selinux > Loaded policy name: refpolicy > Current mode: permissive > Mode from config file: permissive > Policy MLS status: enabled > Policy deny_unknown status: allowed > Max kernel policy version: 29 > ====== > > But this might be a bit too verbose, and I'm not sure whether the > output is considered stable.
I think that would be an important part to clarify, eventually if there is a parsable way to output this information; this will reduce the maintenance cost on reportbug side. > We could call /usr/sbin/selinuxenabled, but this tool doesn't indicate > if we are running in the permissive mode or not. This information is > important to know to see whether SELinux can be blocking something. > > Or we we could also, if don't want to rely on any external tools do > the following I guess: I'm ok in running sestatus, but it seems this tool is only available if you are using SELinux and thus u have installed the relative binaries, is there a way to identify if SELinux is enabled without using that tool? Regards, -- Sandro Tosi (aka morph, morpheus, matrixhasu) My website: http://matrixhasu.altervista.org/ Me at Debian: http://wiki.debian.org/SandroTosi _______________________________________________ Reportbug-maint mailing list Reportbug-maint@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reportbug-maint