Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

runcon

v(uutils coreutils) 0.8.0 
runcon CONTEXT COMMAND [ARG...]
runcon [-c] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [ARG...]

Run command with specified security context under SELinux enabled systems.

Options

--compute, -c

Compute process transition context before modifying.

--user=<USER>, -u <USER>

Set user USER in the target security context.

--role=<ROLE>, -r <ROLE>

Set role ROLE in the target security context.

--type=<TYPE>, -t <TYPE>

Set type TYPE in the target security context.

--range=<RANGE>, -l <RANGE>

Set range RANGE in the target security context.

Run COMMAND with completely-specified CONTEXT, or with current or transitioned security context modified by one or more of LEVEL, ROLE, TYPE, and USER.

If none of –compute, –type, –user, –role or –range is specified, then the first argument is used as the complete context.

Note that only carefully-chosen contexts are likely to successfully run.

If neither CONTEXT nor COMMAND is specified, the current security context is printed.

Examples

Print the security context of the current execution context:

runcon

Specify the domain to run a command in:

runcon {{[-t|--type]}} {{domain}}_t {{command}}

Specify the context role to run a command with:

runcon {{[-r|--role]}} {{role}}_r {{command}}

Specify the full context to run a command with:

runcon {{user}}_u:{{role}}_r:{{domain}}_t {{command}}

The examples are provided by the tldr-pages project under the CC BY 4.0 License.

Please note that, as uutils is a work in progress, some examples might fail.