SELinux or Security Enhanced Linux provides extra security for Linux distributions. SELinux is generally installed on enterprise Linux distributions like Ubuntu Server, RHEL, CentOS, etc., and generally enabled by default. But this case may change according to different situations. SELinux provides 3 modes called Enforcing , Permissive and Disabled . In this tutorial, we explain how to check the SELinux status.
Check SELinux Status with sestatus Command
The easiest and most popular way is using the sestatus command in order to print the SELinux status. There is no need for an extra privilege where a regular user can execute the sestatus command.
$ sestatus
Check SELinux Status with getenforce Command
Another useful command to check SELinux status is getenforce command. It is very similar to the sestatus command. But the getenforce command outputs a very simple description that only shows the current mode.
$ getenforceEnforcing
Check SELinux Status via /etc/selinux/config File
The /etc/selinux/config file is used to store SELinux configuration. This configuration file also stores the status of the SELinux. By printing this file the SELinux status can be displayed. The SELINUX line shows the SELinux status.
$ cat /etc/selinux/config