SELinux Interview Questions

1) What are Booleans?

Answer: Booleans are SELinux policy rules which changes behaviour of selinux policies. Booleans can be enabled/disabled.

2) What parameter can be set at boot time to enable/disable SELinux?


For Enableling SELinux: selinux=1 OR enforcing=1

For Disabling SELinux: selinux=0 OR enforcing=0

3) What is the main configuration file for SELinux where the SELinux status can be changed permanently?

Answer: /etc/selinux/config

4) Where SELinux violation logs are generated?

Answer: /var/log/audit/audit.log

5) How to enable SELinux logs to be sent to /var/log/messages?

Answer: Install setroubleshoot-server package. setroubleshootd services will generate SELinux logs in /var/log/messages.

6) How to display SELinux policies which are manually changed/modified?

Answer: # semanage boolean -l -C

7) What is the importance of hidden file /.autorelabel?

Answer: At boot time, init.rc checks for the existence of /.autorelabel. If this file exists, SELinux performs a complete file system relabel (using the /sbin/fixfiles -f -F relabel command), and then deletes /.autorelabel.