How do I tell if SELinux is working?

Jon August jon at
Wed Jun 22 22:45:25 UTC 2005

httpd is running with type:


What does this mean?  Is httpd a vulnerability on this machine?

On Jun 22, 2005, at 6:35 PM, Colin Walters wrote:

> On Wed, 2005-06-22 at 17:41 -0400, Jon August wrote:
>> I updated the policy after I found that there was a bug with starting
>> DHCP and since then I haven't had any issues getting things to work.
>> Things like a CGI script running sendmail to send an email - which
>> used to show up in the audit log, now work fine.
>> What can I do to see if SELinux is still paying attention?
> You can run 'ps axZ | grep processname' to see the security context  
> that
> a process is running under.  For example,
> [root at nexus walters]# ps axZ | grep httpd
> root:system_r:httpd_t            2723 ?        Ss     0:00 /usr/ 
> sbin/httpd
> If you see httpd_t then you can be pretty sure your CGI script is
> confined.  The only way it could not be, off the top of my head, is if
> you have a script labeled with the type  
> httpd_unconfined_script_exec_t.

More information about the fedora-selinux-list mailing list