4.10. How do I view the status of my LIDS system?

In order to use the "-V" option, you must have compiled lidsadm with the view option enabled. (which is standard behaviour, see above). At the command line, enter:
bash# lidsadm -V
This will produce output similar to the following on a 2.4.x kernel:
VIEW
                     CAP_CHOWN 0
              CAP_DAC_OVERRIDE 0
           CAP_DAC_READ_SEARCH 0
                    CAP_FOWNER 0
                    CAP_FSETID 0
                      CAP_KILL 0
                    CAP_SETGID 0
                    CAP_SETUID 0
                   CAP_SETPCAP 0
           CAP_LINUX_IMMUTABLE 0
          CAP_NET_BIND_SERVICE 0
             CAP_NET_BROADCAST 0
                 CAP_NET_ADMIN 0
                   CAP_NET_RAW 0
                  CAP_IPC_LOCK 0
                 CAP_IPC_OWNER 0
                CAP_SYS_MODULE 0
                 CAP_SYS_RAWIO 0
                CAP_SYS_CHROOT 0
                CAP_SYS_PTRACE 0
                 CAP_SYS_PACCT 0
                 CAP_SYS_ADMIN 0
                  CAP_SYS_BOOT 1
                  CAP_SYS_NICE 0
              CAP_SYS_RESOURCE 1
                  CAP_SYS_TIME 0
            CAP_SYS_TTY_CONFIG 0
                     CAP_MKNOD 0
                     CAP_LEASE 0
                    CAP_HIDDEN 1
            CAP_KILL_PROTECTED 0
                 CAP_PROTECTED 0
                          LIDS 0
                   LIDS_GLOBAL 1
                   RELOAD_CONF 0
As you can see from the output above, this system has an LFS active. However, LIDS is enabled globally. The items with a "1" next to them are enabled, and those items with a "0" next to them are disabled. Except for the last two capabilities, root normally has all of the above capabilities. Thanks to LIDS, root only has capabilities CAP_SYS_BOOT, CAP_SYS_RESOURCE, and CAP_HIDDEN in this particular case (NOTE: CAP_HIDDEN isn't a capability provided by the standard Linux kernel).