NAME
chcon —
alter SELinux context of files and
directory trees
SYNOPSIS
chcon |
[-v]
[-h|--dereference]|[-R
[-P|-H|-L]
[-x]
[--[no-]preserve-root]]
context file… |
chcon |
[-v]
[-h|--dereference]|[-R
[-P|-H|-L]
[-x]
[--[no-]preserve-root]]
[-u user]
[-r role]
[-t type]
[-l range]
file… (with at least one of
-urtl) |
chcon |
[-v]
[-h|--dereference]|[-R
[-P|-H|-L]
[-x]
[--[no-]preserve-root]]
--reference=ref-file
file… |
DESCRIPTION
Labels files (and, with
-R, their children) with the specified context:
- with context
- context,
- with at least one of
-urtl - the file's current label with the specified fields altered,
- with
--reference - the label of ref-file (symbolic link always followed).
If a file is already labelled with the target context, it is not re-set.
OPTIONS
-v,--verbose- Note each file processed to the standard output stream.
-h,--no-dereference- Label symbolic links themselves, not their targets.
--dereference- Follow symbolic links when labelling. This is the default, unless
-R. -R,--recursive- Also change context of all of files' descendants, depth-first.
-P-hand don't follow any symbolic links during the descent. This is the default.-H--dereferenceand only follow files, but not any of their descendants.-L--dereferenceand follow all symbolic links.-x,--one-file-system- Don't label or descend to filesystems (mount-points) different than their corresponding file.
--preserve-root- With
-R, refuse to process /. --no-preserve-root- Don't. This is the default.
-u,--user=user- Change user (the first field) to user.
-r,--role=role- Change role (the second field) to role.
-t,--type=type- Change type (the third field) to type.
-l,--range=range- Change level-range (the fourth field) to range.
EXIT STATUS
1 if a
file was unlabelled in -urtl mode,
ref-file was unlabelled (or didn't exist), a file
couldn't be labelled, a directory couldn't be read with
-R, or -R
--preserve-root and / was
encountered.
SEE ALSO
STANDARDS
Compatible with the GNU system. -x is an
extension.