How To List All SELinux Contexts [2023]

Tutorial To List All SELinux Contexts

Security-Enhanced Linux (SELinux) is a Linux security model where administrators can determine the access of the system for other users. SELinux defines access controls for the applications, processes, and files on Linux. It uses a set of rules or policies that tell SELinux what can or can’t be accessed.  It was originally developed by the United States National Security Agency (NSA) and was released to the open-source community in 2000. It was integrated into the upstream Linux kernel in 2003.

In this SELinux tutorial post, we will show you the simple way to list all Security Enhanced Linux (SE) or SELinux Contexts.

How to List the SELinux Contexts

Let’s have a look into the solution to list every SELinux context on the Linux operating system. Most of the Linux commands have the -Z option to display SELinux contexts.

For example, The ps command can be used to view processes along with their SELinux contexts:

ps axZ

Or you can also use the ps command with option -ZC, to view the SELinux context of a process specified as an argument.

ps -ZC sleep

You can also run the following command to view the SELinux context of files and directories:

ls -Z filename2
-rwxrw-r-- user1 group1 unconfined_u:object_r:user_home_t:s0 filename2

You can also use the “stat” command to display the information regarding the file and the SELinux context.

stat filename.txt