CentOS / RHEL: Change / Copy File SELinux Security Context Command

by on December 28, 2011 · 0 comments· LAST UPDATED December 28, 2011

in

I've created a file as follows:

ls -l -Z /etc/cron.d/vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 /etc/cron.d/vnstat

I've created a new file /etc/cron.d/vnstat.custom.interface:

ls -l -Z /etc/cron.d/vnstat.custom.interface
-rw-r--r--. root root unconfined_u:object_r:system_cron_spool_t:s0 /etc/cron.d/vnstat.custom.interface

The /etc/cron.d/vnstat is part of default vnstat package. I've installed my own version of the same. But, due to SELinux security cron job is not running. How do I change file SELinux security contex under RHEL / CentOS 6 Linux server to system_u:object_r:system_cron_spool_t:s0 from unconfined_u:object_r:system_cron_spool_t:s0 for /etc/cron.d/vnstat.custom.interface file?

You need to use the chcon command to change the SELinux security context of FILE. The syntax is as follows:

chcon --reference=/path/to/existingfile /path/to/a/newfile

OR

chcon CONTEXT /path/to/a/newfile

Syntax #1 Example

The first syntax is easy to use and recommend for all users:
# cd /etc/cron.d/
# chcon --reference=vnstat vnstat.custom.interface

Verify new context, type:
# ls -Z vnstat*
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface

Syntax #2 Example

First, see existing context, enter:
# cd /etc/cron.d/
# ls -Z vnstat

Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat

Use the following syntax to copy system_u:object_r:system_cron_spool_t:s0 context:
# chcon system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface
Verify the same, enter:
# ls -Z vnstat*
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 0 comments… add one now }

Leave a Comment

Tagged as: , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: