CentOS / RHEL: Change / Copy File SELinux Security Context Command

I‘ve created a file as follows:

ls -l -Z /etc/cron.d/vnstat
-rw-r–r–. root root system_u:object_r:system_cron_spool_t:s0 /etc/cron.d/vnstat

I’ve created a new file /etc/cron.d/vnstat.custom.interface:

ls -l -Z /etc/cron.d/vnstat.custom.interface
-rw-r–r–. root root unconfined_u:object_r:system_cron_spool_t:s0 /etc/cron.d/vnstat.custom.interface

The /etc/cron.d/vnstat is part of default vnstat package. I’ve installed my own version of the same. But, due to SELinux security cron job is not running. How do I change file SELinux security contex under RHEL / CentOS 6 Linux server to system_u:object_r:system_cron_spool_t:s0 from unconfined_u:object_r:system_cron_spool_t:s0 for /etc/cron.d/vnstat.custom.interface file?

You need to use the chcon command to change the SELinux security context of FILE. The syntax is as follows:

chcon --reference=/path/to/existingfile /path/to/a/newfile

OR

chcon CONTEXT /path/to/a/newfile

Syntax #1 Example

The first syntax is easy to use and recommend for all users:
# cd /etc/cron.d/
# chcon --reference=vnstat vnstat.custom.interface
Verify new context, type:
# ls -Z vnstat*
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface

Syntax #2 Example

First, see existing context, enter:
# cd /etc/cron.d/
# ls -Z vnstat
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat

Use the following syntax to copy system_u:object_r:system_cron_spool_t:s0 context:
# chcon system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface
Verify the same, enter:
# ls -Z vnstat*
Sample outputs:

-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat
-rw-r--r--. root root system_u:object_r:system_cron_spool_t:s0 vnstat.custom.interface