Brief guide to using SELinux

Here is a brief guide to using SELinux by example.

To turn SELinux on or off:

setenforce 1
setenforce 0

To show a list of SELinux labels on a file or directory:

ls -Z

Changing SELinux context labels:

chcon -R -u system_u -r object_r -t httpd_sys_content_t /srv/svn

Resetting context labels recursively on a directory:

/sbin/restorecon -vr public_html

Set SELinux tags using another directory as reference:

chcon -R --reference=/var/www/ /home/user1/www

Last updated: 03/02/2010