Translations:SELinux/11/en

SELinux uses a modular approach on its policies. Core permissions are contained within the "base" policy whereas additional privileges are defined in SELinux modules. You can list the currently loaded SELinux modules through semodule -l. As a policy module contains definitions (what domains are provided by the module, which resources are labeled and how are they labeled), privileges (what interactions are allowed), optional privileges (which are triggered through SELinux booleans) and more, it is sometimes warranted to have a more elaborate document on the specifics of that module.