| chcon(1) | General Commands Manual | chcon(1) |
NAME¶
chcon - Change the SELinux security context of each FILE to CONTEXT. With --reference, change the security context of each FILE to that of RFILE.
SYNOPSIS¶
chcon [--dereference] [-h|--no-dereference] [--help] [--preserve-root] [--no-preserve-root] [--reference] [-u|--user] [-r|--role] [-t|--type] [-l|--range] [-R|--recursive] [-H ] [-L ] [-P ] [-v|--verbose] [-V|--version] [FILE]
DESCRIPTION¶
Change the SELinux security context of each FILE to CONTEXT. With --reference, change the security context of each FILE to that of RFILE.
OPTIONS¶
- --dereference
- Affect the referent of each symbolic link (this is the default), rather than the symbolic link itself.
- -h, --no-dereference
- Affect symbolic links instead of any referenced file.
- --help
- help
- --preserve-root
- Fail to operate recursively on '/'.
- --no-preserve-root
- Do not treat '/' specially (the default).
- --reference <RFILE>
- Use security context of RFILE, rather than specifying a CONTEXT value.
- -u, --user <USER>
- Set user USER in the target security context.
- -r, --role <ROLE>
- Set role ROLE in the target security context.
- -t, --type <TYPE>
- Set type TYPE in the target security context.
- -l, --range <RANGE>
- Set range RANGE in the target security context.
- -R, --recursive
- Operate on files and directories recursively.
- -H
- If a command line argument is a symbolic link to a directory, traverse it. Only valid when -R is specified.
- -L
- Traverse every symbolic link to a directory encountered. Only valid when -R is specified.
- -P
- Do not traverse any symbolic links (default). Only valid when -R is specified.
- -v, --verbose
- Output a diagnostic for every file processed.
- -V, --version
- Print version
- [FILE]
VERSION¶
v(uutils coreutils) 0.7.0
EXAMPLES¶
View security context of a file:
ls [-lZ|-l --context] path/to/file
Change the security context of a target file, using a reference file:
chcon --reference reference_file target_file
Change the full SELinux security context of a file:
chcon user:role:type:range/level filename
Change only the user part of SELinux security context:
chcon [-u|--user] user filename
Change only the role part of SELinux security context:
chcon [-r|--role] role filename
Change only the type part of SELinux security context:
chcon [-t|--type] type filename
Change only the range/level part of SELinux security context:
chcon [-l|--range] range/level filename
The examples are provided by the tldr-pages project <https://tldr.sh> under the CC BY 4.0 License. Please note that, as uutils is a work in progress, some examples might fail.
| chcon (uutils coreutils) 0.7.0 |