How to understand the security context in "ls -Z"?
10,021
SELinux provides a user (unconfined_u), a role (object_r), a type (user_home_t), and a level (s0). This information is used to make access control decisions. On DAC systems, access is controlled based on Linux user and group IDs. SELinux policy rules are checked after DAC rules. SELinux policy rules are not used if DAC rules deny access first.
This link can give you more information for your question.
Related videos on Youtube
06 : 13
6. Linux - List files, directoris and permissions using "ls" commands
09 : 56
Kubernetes Security Context | Kubernetes For Beginners
13 : 08
Learn useContext In 13 Minutes
33 : 41
Cisco ASA Training Zero To Hero | Security Context | Part 1 | Lesson 16
05 : 01
Kubernetes Quick Hits: SecurityContext and why not to run as root
Author by
Nan Xiao
Updated on September 18, 2022Comments
-
Nan Xiao almost 2 years
After referring "
man ls", it shows "ls -Z" can display the security context:-Z, --context Display security context so it fits on most displays. Displays only mode, user, group, security context and file name.Executing the "
ls -Z" command, the output likes this:[root@localhost ~]# ls -Z -rw-------. root root system_u:object_r:admin_home_t:s0 anaconda-ks.cfg drwxrwxrwx. root root unconfined_u:object_r:admin_home_t:s0 backupHow to understand the security context:
unconfined_u:object_r:admin_home_t:s0? The "man ls" doesn't provide the info.