chcon 命令

常用示例

说明

chcon changes the SELinux security context of files. An SELinux context consists of four components: user, role, type, and range (level). The context can be specified as a complete string, by individual components, or by copying from a reference file. Context changes made with chcon are temporary and will be overwritten during a system relabel or by running restorecon. For persistent context changes, use semanage fcontext to define rules and restorecon to apply them. The chcon command is primarily useful for testing and debugging SELinux policies before making permanent changes.

参数

-u, --user=USER

Set the user component of the security context

-r, --role=ROLE

Set the role component of the security context

-t, --type=TYPE

Set the type component of the security context

-l, --range=RANGE

Set the range/level component of the security context

--reference=RFILE

Use security context from RFILE

-R, --recursive

Operate on files and directories recursively

-h, --no-dereference

Affect symbolic links instead of referenced files

--dereference

Affect the referenced file (default for non-links)

-v, --verbose

Output a diagnostic for every file processed

--preserve-root

Fail to operate recursively on /

-H

If -R, follow symbolic links on command line only

-L

If -R, follow all symbolic links

-P

If -R, never follow symbolic links (default)