Next: , Up: SELinux context


22.1 chcon: Change SELinux context of file

chcon changes the SELinux security context of the selected files. Synopses:

     chcon [option]... context file...
     chcon [option]... [-u user] [-r role] [-l range] [-t type] file...
     chcon [option]... --reference=rfile file...

Change the SELinux security context of each file to context. With --reference, change the security context of each file to that of rfile.

The program accepts the following options. Also see Common options.

--dereference
Do not affect symbolic links but what they refer to; this is the default.
-h
--no-dereference
Affect the symbolic links themselves instead of any referenced file.
--reference=rfile
Use rfile's security context rather than specifying a context value.
-R
--recursive
Operate on files and directories recursively.
--preserve-root
Refuse to operate recursively on the root directory, /, when used together with the --recursive option. See Treating / specially.
--no-preserve-root
Do not treat the root directory, /, specially when operating recursively; this is the default. See Treating / specially.
-H
If --recursive (-R) is specified and a command line argument is a symbolic link to a directory, traverse it. See Traversing symlinks.
-L
In a recursive traversal, traverse every symbolic link to a directory that is encountered. See Traversing symlinks.
-P
Do not traverse any symbolic links. This is the default if none of -H, -L, or -P is specified. See Traversing symlinks.
-v
--verbose
Output a diagnostic for every file processed.
-u user
--user=user
Set user user in the target security context.
-r role
--role=role
Set role role in the target security context.
-t type
--type=type
Set type type in the target security context.
-l range
--range=range
Set range range in the target security context.

An exit status of zero indicates success, and a nonzero value indicates failure.