Modifying file contexts

We now know how to set SELinux contexts, both directly through tools such as chcon as well as through the restorecon application, which queries the SELinux context list to know what context a file should have. But restorecon is not the only application that considers this context list.

Using setfiles, rlpkg, and fixfiles

Using semanage fcontext and restorecon is the preferred method for changing file contexts, but other tools exist that impact file contexts on a system.

The setfiles application is an older one, which requires the path to the context list file itself in order to reset contexts. Although it is often used under the hood of other applications, most administrators do not need to call setfiles directly anymore: ...

Get SELinux System Administration - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SELinux System Administration - Second Edition by Sven Vermeulen

Modifying file contexts

Using setfiles, rlpkg, and fixfiles

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly