Linux Advanced

What is SELinux?

Security-Enhanced Linux — a mandatory access control system that confines programs to minimum required privileges beyond standard file permissions.

SELinux, developed by the NSA, adds a layer of security beyond traditional Unix permissions. It assigns security labels (contexts) to files, processes, and ports, then enforces policies about what each labeled process can access. Even if a process runs as root, SELinux can restrict its capabilities. Three modes exist: Enforcing (blocks and logs violations), Permissive (logs but allows violations), and Disabled. Common commands include getenforce, setenforce, restorecon, and chcon. While SELinux has a steep learning curve, it significantly hardens Linux systems and is enabled by default on RHEL/CentOS/Fedora.

Learn More About This Topic

SELinux & AppArmor Guide

Directly covers this topic

Linux Permissions

Closely related

RHCSA EX200 Bonus Practice Book

Closely related

Related Terms

Linux Kernel Module

A piece of code that can be loaded into the kernel at runtime to extend functionality without rebooting, such as device drivers and filesystems.

A directory in the filesystem where a storage device or partition is attached and made accessible.

Redundant Array of Independent Disks — a technology combining multiple physical drives into a single unit for performance, redundancy, or both.

A Linux security module that restricts program capabilities using per-application profiles, simpler to configure than SELinux.

Network Namespace

A Linux kernel feature that provides isolated network stacks with independent interfaces, routing tables, and firewall rules.

A utility that manages automatic rotation, compression, and removal of log files to prevent disk space exhaustion.

View All Linux Terms →