Fedora 11 SELinux Guide - 3.2. SELinux Contexts for Processes

3.2. SELinux Contexts for Processes

$9.99

Use the ps -eZ command to view the SELinux context for processes. For example:

Open a terminal, such as Applications → System Tools → Terminal .
Run the /usr/bin/passwd command. Do not enter a new password.
Open a new tab, or another terminal, and run the ps -eZ | grep passwd command. The output is similar to the following:
```
unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 13212 pts/1 00:00:00 passwd
```
In the first tab, press Ctrl+C to cancel the passwd application.

In this example, when the /usr/bin/passwd application (labeled with the passwd_exec_t type) is executed, the user's shell process transitions to the passwd_t domain. Remember: the type defines a domain for processes, and a type for files.

Use the ps -eZ command to view the SELinux contexts for running processes. The following is a limited example of the output, and may differ on your system:

system_u:system_r:setroubleshootd_t:s0 1866 ?  00:00:08 setroubleshootd
system_u:system_r:dhcpc_t:s0     1869 ?        00:00:00 dhclient
system_u:system_r:sshd_t:s0-s0:c0.c1023 1882 ? 00:00:00 sshd
system_u:system_r:gpm_t:s0       1964 ?        00:00:00 gpm
system_u:system_r:crond_t:s0-s0:c0.c1023 1973 ? 00:00:00 crond
system_u:system_r:kerneloops_t:s0 1983 ?       00:00:05 kerneloops
system_u:system_r:crond_t:s0-s0:c0.c1023 1991 ? 00:00:00 atd

The system_r role is used for system processes, such as daemons. Type Enforcement then separates each domain.