=====Context=====

everything has a label. Each label is divided into 5 components

^  user _u$  |  **role _r$**  ^  type _t  |  **^sensitivity s**  ^  ^category c  |

These define what you can do in the selinux landscape

You can see the context using the **-Z** option 

**Examples**

To see options of a process
<code>
[root@host ~]# ps -ZC httpd
LABEL                               PID TTY          TIME CMD
system_u:system_r:httpd_t:s0       1550 ?        00:00:00 httpd
</code>

Your ID selinux context 
<code>
[brindleyp@dubrhsatserver62 ~]$ id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
</code>

Selinux of files and directories
<code>
[brindleyp@Test-RHEL9-01 ~]$ ls -lZ /etc/ssh
total 600
-rw-r--r--. 1 root root     system_u:object_r:etc_t:s0        1921 Jan 16  2023 ssh_config
drwxr-xr-x. 2 root root     system_u:object_r:etc_t:s0          28 Aug 23 12:44 ssh_config.d
</code>

to see Selinux context of a port
<code>
[root@Test-RHEL9-01 ~]# semanage port -l | grep ssh
ssh_port_t                     tcp      22
</code>

Changing Selinux mode

^  enforcing   1 | Selinux is enabled and working |
^  Permissive  0  | Selinux is enabled but not enforcing just logging |
^  Disabled  | Selinux is not working  |

to see your current mode use **getenforce**

You can change your selinux mode using **setenforce**

Selinux can now only be disabled by passing the **selinux=0** at the kernel level