Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

replcon(1) [centos man page]

replcon(1)                                                    General Commands Manual                                                   replcon(1)

NAME

       replcon - SELinux file context replacement tool

SYNOPSIS

       replcon NEW_CONTEXT DIR [OPTIONS] [EXPRESSION]

DESCRIPTION

       replcon allows the user to find and replace file contexts.  Replacements can be filtered by object class as described below.

REQUIRED ARGUMENTS

       NEW_CONTEXT
              The replacement context as expressed as a partial context, described below.

       DIR    Initial directory to begin searching.  The tool will recurse into any subdirectories, so be sure there are no circular mounts within
              it.

EXPRESSION

       The following options allow the user to specify which files to find.  A file must meet  all  specified  criteria  for  its  context  to  be
       replaced.  If no expression is provided, all files' contexts are replaced.

       -t TYPE, --type=TYPE
              Search for files with a context containing the type TYPE.

       -u USER, --user=USER
              Search for files with a context containing the user USER.

       -r ROLE, --role=ROLE
              Search for files with a context containing the role ROLE.

       -m RANGE, --mls-range=RANGE
              Search for files with a context with the MLS range of RANGE.  Note that replcon ignores the SELinux translation library, if present.
              In addition, this flag is ignored if DIR has no MLS information.

       --context=CONTEXT
              Search for files matching this partial context.  This flag overrides -t, -u, -r, and -m.

       -p PATH, --path=PATH
              Search for files which include PATH.

       -c CLASS, --class=CLASS
              Search only files of object class CLASS.

OPTIONS

       -v, --verbose
              Display context info during replacement.

       -h, --help
              Print help information and exit.

       -V, --version
              Print version information and exit.

PARTIAL CONTEXT

       The --context flag and NEW_CONTEXT argument specify a partial context, which is a a colon separated list of user, role, and type.   If  the
       system  supports  MLS, the context may have a fourth field that gives the range.  With --context if a field is not specified or is the lit-
       eral asterisk, then the query will always match the field.  With NEW_CONTEXT if a field is not specified or is the literal  asterisk,  then
       that portion of the context will not be modified.

OBJECT CLASSES

       Valid object class strings are

       block, char, dir, fifo, file, link, or sock.

NOTE

       The replcon utility always operates on "raw" SELinux file contexts.  If the system has an installed translation library (i.e., libsetrans),
       those translations are ignored in favor of reading the original contexts from the filesystem.

EXAMPLES

       replcon ::type_t: .
              Replace every context's type in the current directory with type_t.  The user and role portion remain unchanged.

       replcon -u user_u *:role_r:* .
              Replace every context's role with user user_u in the current directory with role_r.  The user and type portion remain unchanged.

       replcon --context ::type_t:s0 :::s0:c0 /tmp
              Replace every context with type type_t and MLS range s0 in /tmp with MLS range s0:c0.

AUTHOR

       This manual page was written by Jeremy A. Mowery <jmowery@tresys.com>.

COPYRIGHT

       Copyright(C) 2003-2007 Tresys Technology, LLC

BUGS

       Please report bugs via an email to setools-bugs@tresys.com.

SEE ALSO

       findcon(1), indexcon(1)

                                                                                                                                        replcon(1)

Check Out this Related Man Page

CHCON(1)							   User Commands							  CHCON(1)

NAME

       chcon - change file SELinux security context

SYNOPSIS

       chcon [OPTION]... CONTEXT FILE...
       chcon [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE...
       chcon [OPTION]... --reference=RFILE FILE...

DESCRIPTION

       Change the SELinux security context of each FILE to CONTEXT.  With --reference, change the security context of each FILE to that of RFILE.

       Mandatory arguments to long options are mandatory for short options too.

       --dereference
	      affect the referent of each symbolic link (this is the default), rather than the symbolic link itself

       -h, --no-dereference
	      affect symbolic links instead of any referenced file

       -u, --user=USER
	      set user USER in the target security context

       -r, --role=ROLE
	      set role ROLE in the target security context

       -t, --type=TYPE
	      set type TYPE in the target security context

       -l, --range=RANGE
	      set range RANGE in the target security context

       --no-preserve-root
	      do not treat '/' specially (the default)

       --preserve-root
	      fail to operate recursively on '/'

       --reference=RFILE
	      use RFILE's security context rather than specifying a CONTEXT value

       -R, --recursive
	      operate on files and directories recursively

       -v, --verbose
	      output a diagnostic for every file processed

       The  following  options	modify how a hierarchy is traversed when the -R option is also specified.  If more than one is specified, only the
       final one takes effect.

       -H     if a command line argument is a symbolic link to a directory, traverse it

       -L     traverse every symbolic link to a directory encountered

       -P     do not traverse any symbolic links (default)

       --help display this help and exit

       --version
	      output version information and exit

       GNU coreutils online help: <http://www.gnu.org/software/coreutils/> Report chcon translation bugs to <http://translationproject.org/team/>

AUTHOR

       Written by Russell Coker and Jim Meyering.

COPYRIGHT

       Copyright (C) 2013 Free Software Foundation, Inc.  License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
       This is free software: you are free to change and redistribute it.  There is NO WARRANTY, to the extent permitted by law.

SEE ALSO

       The full documentation for chcon is maintained as a Texinfo manual.  If the info and chcon programs are properly installed  at  your  site,
       the command

	      info coreutils 'chcon invocation'

       should give you access to the complete manual.

GNU coreutils 8.22						     June 2014								  CHCON(1)
Man Page