This command displays the SE Linux status for this SLX-OS device.
Privilege Execution Mode
The following information is displayed:
| Output field | Description |
|---|---|
| SE Linux status | This field shows whether the SE Linux module is enabled or disabled on the system. |
| SE Linuxfs mount | This field shows the SE Linux temporary file system mount point. |
| SE Linux root directory | This field shows the location where all the SE Linux configuration files are stored. |
| Loaded policy name | This field shows the type of SE Linux policy that is currently loaded. |
| Current mode | This field shows current active SE Linux mode |
| Mode from config file | This field shows the mode from the selinux config
file (/etc/selinux/config).
|
| Policy MLS status | This field shows the current status of MLS policy, which is enabled by default. |
| Policy deny_unknown status | This field shows the current status of the deny_unknown
flag flag in the policy, which is set to allowed by
default. |
| Memory protection checking | This field shows whether SE Linux checks the protection requested by
the application or the protection that is applied by the kernel for
mmap and mprotect
calls. |
| Max kernel policy version | This field shows the current version of the SE Linux policy. |
The following example shows the use of this command to view the current SE Linux status.
SLX # show selinux status SE Linux status: enabled SE Linuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: mls Current mode: permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Memory protection checking: actual (secure) Max kernel policy version: 31