Using SELinux Utilities

The following table describes the utilities that you can use to administer SELinux and information about the packages that contain each utility.

Utility	Package	Description
`audit2allow`	`policycoreutils-python-utils`	Generates SELinux policy `allow_audit` rules from logs of denied operations.
`audit2why`	`policycoreutils-python-utils`	Generates SELinux policy `don’t_audit` rules from logs of denied operations.
`avcstat`	`libselinux-utils`	Displays statistics for the SELinux Access Vector Cache (AVC).
`chcat`	`policycoreutils-python-utils`	Changes or removes the security category for a file or user.
`findcon`	`setools-console`	Searches for file context.
`fixfiles`	`policycoreutils`	Fixes the security context for file systems.
`getenforce`	`libselinux-utils`	Reports the current SELinux mode.
`getsebool`	`libselinux-utils`	Reports SELinux Boolean values.
`indexcon`	`setools-console`	Indexes file context.
`load_policy`	`policycoreutils`	Loads a new SELinux policy into the kernel.
`matchpathcon`	`libselinux-utils`	Queries the system policy and displays the default security context that's associated with the file path.
`replcon`	`setools-console`	Replaces file context.
`restorecon`	`policycoreutils`	Resets the security context on one or more files.
`restorecond`	`policycoreutils`	Daemon that watches for file creation and sets the default file context.
`sandbox`	`policycoreutils-python-utils`	Runs a command in an SELinux sandbox.
`sealert`	`setroubleshoot-server`, `setroubleshoot`	Acts as the user interface to the `setroubleshoot` system for diagnosing and explaining SELinux AVC denials and providing recommendations on how to prevent such denials.
`sechecker`	`setools-console`	Checks SELinux policies.
`secon`	`policycoreutils`	Displays the SELinux context from a file, program, or user input.
`sediff`	`setools-console`	Compares SELinux polices.
`seinfo`	`setools-console`	Queries SELinux policies.
`selinuxconlist`	`libselinux-utils`	Displays all SELinux contexts that are reachable by a user.
`selinuxdefcon`	`libselinux-utils`	Displays the default SELinux context for a user.
`selinuxenabled`	`libselinux-utils`	Indicates whether SELinux is enabled.
`semanage`	`policycoreutils-python-utils`	Manages SELinux policies.
`semodule`	`policycoreutils`	Manages SELinux policy modules.
`semodule_deps`	`policycoreutils`	Displays the dependencies between SELinux policy packages.
`semodule_expand`	`policycoreutils`	Expands a SELinux policy module package.
`semodule_link`	`policycoreutils`	Links SELinux policy module packages together.
`semodule_package`	`policycoreutils`	Creates a SELinux policy module package.
`sesearch`	`setools-console`	Queries SELinux policies.
`sestatus`	`policycoreutils`	Displays the SELinux mode and the SELinux policy that are in use.
`setenforce`	`libselinux-utils`	Changes the SELinux mode.
`setsebool`	`policycoreutils`	Sets SELinux Boolean values.
`setfiles`	`policycoreutils`	Sets the security context for one or more files.
`togglesebool`	`libselinux-utils`	Flips the current value of an SELinux Boolean.