Bash Wiki
Pages (Latest 10 updated) :
- README.md
- [Linux] Bash zip cách sử dụng: Nén và lưu trữ tệp
- [Linux] Bash zip Kullanımı: Dosyaları sıkıştırma aracı
- [Linux] Bash zip การใช้งาน: การบีบอัดไฟล์
- [台灣] Bash zip 使用法: 壓縮檔案
- [Linux] Bash zip uso: Comprimir archivos y directorios
- [Linux] Bash zip использование: Сжатие файлов и папок
- [Linux] Bash zip Uso: Compactar arquivos e diretórios
- [Linux] Bash zip użycie: Kompresja plików
- [لینوکس] Bash zip استفاده: فشردهسازی فایلها
[Linux] Bash getenforce用法: Check SELinux status
Overview
The getenforce command is used to check the current mode of SELinux (Security-Enhanced Linux) on a system. It returns the status of SELinux, which can be either Enforcing, Permissive, or Disabled. This command is essential for system administrators to understand the security context of their Linux environment.
Usage
The basic syntax of the getenforce command is as follows:
getenforce [options]
Common Options
The getenforce command has no options; it simply returns the current SELinux mode.
Common Examples
Here are some practical examples of using the getenforce command:
- Check SELinux Status
To check the current status of SELinux, simply run:
getenforce - Using in a Script
You can use
getenforcein a script to take action based on the SELinux status. For example:if [ "$(getenforce)" == "Enforcing" ]; then echo "SELinux is in Enforcing mode." else echo "SELinux is not in Enforcing mode." fi - Redirecting Output
You can redirect the output to a file for logging purposes:
getenforce > selinux_status.log
Tips
- Always check the SELinux status after making changes to the system configuration to ensure that security policies are being enforced as expected.
- Use
getenforcein combination with other SELinux management commands likesetenforceto manage SELinux modes effectively. - Consider incorporating
getenforceinto your monitoring scripts to alert you if the SELinux status changes unexpectedly.