RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux/policycoreutils/setfiles/restorecon.8

95 lines
3.0 KiB
Groff
Raw Normal View History

initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.TH "restorecon" "8" "2002031409" "" ""
.SH "NAME"
restorecon \- restore file(s) default SELinux security contexts.
.SH "SYNOPSIS"
.B restorecon
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.I [\-o outfilename] [\-R] [\-n] [\-p] [\-v] [\-e directory] pathname...
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.P
.B restorecon
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.I \-f infilename [\-o outfilename] [\-e directory] [\-R] [\-n] [\-p] [\-v] [\-F]
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.SH "DESCRIPTION"
This manual page describes the
.BR restorecon
program.
.P
This program is primarily used to set the security context
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
(extended attributes) on one or more files.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.P
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
It can also be run at any other time to correct inconsistent labels, to add
support for newly-installed policy or, by using the \-n option, to passively
check whether the file contexts are all set as specified by the active policy
(default behavior) or by some other policy (see the \-c option).
policycoreutils: restorecon: only update type by default This patch allows us to use restorecon on MCS Separated File Systems or MLS Environments, Basically allows a user to check his type enforcement. Signed-off-by: Dan Walsh <dwalsh@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-09-07 17:58:24 +00:00
.P
If a file object does not have a context, restorecon will write the default
context to the file object's extended attributes. If a file object has a
context, restorecon will only modify the type portion of the security context.
The -F option will force a replacement of the entire context.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.SH "OPTIONS"
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.TP
.B \-e directory
exclude a directory (repeat the option to exclude more than one directory).
.TP
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.B \-f infilename
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
infilename contains a list of files to be processed. Use \- for stdin.
.TP
.B \-F
policycoreutils: restorecon: only update type by default This patch allows us to use restorecon on MCS Separated File Systems or MLS Environments, Basically allows a user to check his type enforcement. Signed-off-by: Dan Walsh <dwalsh@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-09-07 17:58:24 +00:00
Force reset of context to match file_context for customizable files, and the
default file context, changing the user, role, range portion as well as the type.
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.TP
.B \-h, \-?
display usage information and exit.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.TP
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.B \-i
ignore files that do not exist.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.TP
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.B \-R, \-r
change files and directories file labels recursively (descend directories).
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.TP
.B \-n
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
don't change any file labels (passive check).
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.TP
.B \-o outfilename
save list of files with incorrect context in outfilename.
policycoreutils: put -p in help for restorecon and fixfiles restorecon and fixfiles both have the -p option to display a * every 10000 files. Put it in the usage and man pages. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-07-10 14:32:15 +00:00
.TP
.B \-p
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
show progress by printing * every STAR_COUNT files.
.TP
.B \-R, \-r
change files and directories file labels recursively (descend directories).
.TP
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.B \-v
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
show changes in file labels, if type or role are going to be changed.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.TP
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.B \-0
the separator for the input items is assumed to be the null character
(instead of the white space). The quotes and the backslash characters are
also treated as normal characters that can form valid input.
This option finally also disables the end of file string, which is treated
like any other argument. Useful when input items might contain white space,
quote marks or backslashes. The
.B \-print0
option of GNU
.B find
produces input suitable for this mode.
.TP
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.SH "ARGUMENTS"
.B pathname...
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
The pathname for the file(s) to be relabeled.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.SH NOTE
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
restorecon does not follow symbolic links and by default it does not
operate recursively on directories.
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.SH "AUTHOR"
This man page was written by Dan Walsh <dwalsh@redhat.com>.
Some of the content of this man page was taken from the setfiles
man page written by Russell Coker <russell@coker.com.au>.
The program was written by Dan Walsh <dwalsh@redhat.com>.
.SH "SEE ALSO"
policycoreutils: setfiles/restorecon minor improvements - improves the manual page for both setfiles and restorecon (formatting including alphabetical re-ordering of options, undocumented options, references and a few cosmetic changes); - de-hardcodes a couple of constants in the source files and makes a dynamic use of them to create the manual pages after the compilation and prior to the installation: more specifically the constants are the number of errors for the setfiles' validation process abort condition and the sensitivity of the progress meter for both programs (uses external programs grep and awk); - improves the usage message for both programs and introduces a -h (aliased with currently existing -?) option where not already available; - print out the usage message for restorecon when it is called without arguments; - white-space/tab conversion to get proper indentation towards the end of the main source file. [eparis add .gitignore] Signed-off-by: Guido Trentalancia <guido@trentalancia.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-08-22 07:13:43 +00:00
.BR setfiles (8),
initial import from svn trunk revision 2950
2008-08-19 19:30:36 +00:00
.BR load_policy (8),
.BR checkpolicy (8)