What is the best way to find out (in a script) whether SElinux is used?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I want to have a script that acts slightly differently depending on whether SELinux is being used or not. What is the best way to do it?

My initial attempts to use "-e /etc/security/selinux" or "-e /selinux/enforce" all create log messages:

audit(1079689937.170:0): avc: denied { getattr } for pid=2662 exe=/bin/bash path=/etc/security/selinux dev=hda2 ino=3712021 scontext=aleksey:staff_r:staff_t tcontext=system_u:object_r:policy_config_t tclass=dir
audit(1079690744.526:0): avc: denied { getattr } for pid=3577 exe=/bin/bash path=/selinux/enforce dev= ino=4 scontext=aleksey:staff_r:staff_t tcontext=system_u:object_r:security_t tclass=file

--
Aleksey Nogin

Home Page: http://nogin.org/
E-Mail: nogin@xxxxxxxxxxxxxx (office), aleksey@xxxxxxxxx (personal)
Office: Jorgensen 70, tel: (626) 395-2907
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux