You are here SELinux / SELinux Context
SELinux labels all of its subjects and objects with a context. SELinux rules may be written that determine which context an object receives at creation. Additionally, rules may be written that determine which operations a user may perform on an object given the context of the subject and the context of the object. The RBAC features of SELinux determine which contexts a given subject may acquire.
The SELinux context consists of four components:
The following diagram shows the structure of a typical SELinux context and gives further information about the characteristics of each component.
SELinux Context Diagram