CentOS / RHEL: Change / Copy File SELinux Security Context Command

I‘ve created a file as follows:

ls -l -Z /etc/cron.d/vnstat
-rw-r–r–. root root system_u:object_r:system_cron_spool_t:s0 /etc/cron.d/vnstat

I’ve created a new file /etc/cron.d/vnstat.custom.interface:

ls -l -Z /etc/cron.d/vnstat.custom.interface
-rw-r–r–. root root unconfined_u:object_r:system_cron_spool_t:s0 /etc/cron.d/vnstat.custom.interface

The /etc/cron.d/vnstat is part of default vnstat package. I’ve installed my own version of the same. But, due to SELinux security cron job is not running. How do I change file SELinux security contex under RHEL / CentOS 6 Linux server to system_u:object_r:system_cron_spool_t:s0 from unconfined_u:object_r:system_cron_spool_t:s0 for /etc/cron.d/vnstat.custom.interface file?

You need to use the chcon command to change the SELinux security context of FILE. The syntax is as follows:

chcon --reference=/path/to/existingfile /path/to/a/newfile

OR

chcon CONTEXT /path/to/a/newfile

Syntax #1 Example

The first syntax is easy to use and recommend for all users:
# cd /etc/cron.d/
# chcon --reference=vnstat vnstat.custom.interface

Verify new context, type:
# ls -Z vnstat*
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface

Syntax #2 Example

First, see existing context, enter:
# cd /etc/cron.d/
# ls -Z vnstat

Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat

Use the following syntax to copy system_u:object_r:system_cron_spool_t:s0 context:
# chcon system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface
Verify the same, enter:
# ls -Z vnstat*
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 0 comments... add one


CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
0 comments… add one

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum