chcon

v0.0.28 
chcon [OPTION]... CONTEXT FILE...
chcon [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE...
chcon [OPTION]... --reference=RFILE FILE...

Change the SELinux security context of each FILE to CONTEXT. With --reference, change the security context of each FILE to that of RFILE.

Options

--help

Print help information.

--dereference

Affect the referent of each symbolic link (this is the default), rather than the symbolic link itself.

--no-dereference, -h

Affect symbolic links instead of any referenced file.

--preserve-root

Fail to operate recursively on '/'.

--no-preserve-root

Do not treat '/' specially (the default).

--reference=<RFILE>

Use security context of RFILE, rather than specifying a CONTEXT value.

--user=<USER>, -u <USER>

Set user USER in the target security context.

--role=<ROLE>, -r <ROLE>

Set role ROLE in the target security context.

--type=<TYPE>, -t <TYPE>

Set type TYPE in the target security context.

--range=<RANGE>, -l <RANGE>

Set range RANGE in the target security context.

--recursive, -R

Operate on files and directories recursively.

-H

If a command line argument is a symbolic link to a directory, traverse it. Only valid when -R is specified.

-L

Traverse every symbolic link to a directory encountered. Only valid when -R is specified.

-P

Do not traverse any symbolic links (default). Only valid when -R is specified.

--verbose, -v

Output a diagnostic for every file processed.

Examples

View security context of a file:

ls -lZ {{path/to/file}}

Change the security context of a target file, using a reference file:

chcon --reference={{reference_file}} {{target_file}}

Change the full SELinux security context of a file:

chcon {{user}}:{{role}}:{{type}}:{{range/level}} {{filename}}

Change only the user part of SELinux security context:

chcon -u {{user}} {{filename}}

Change only the role part of SELinux security context:

chcon -r {{role}} {{filename}}

Change only the type part of SELinux security context:

chcon -t {{type}} {{filename}}

Change only the range/level part of SELinux security context:

chcon -l {{range/level}} {{filename}}

The examples are provided by the tldr-pages project under the CC BY 4.0 License.

Please note that, as uutils is a work in progress, some examples might fail.