CentOS 7
Ads

SELinux : Use matchpathcon
2016/04/05
 
Display Default SELinux Context for the specified Path to use matchpathcon command.
[1] Some examples of using matchpathcon are follows.
# show the default for /var/www/html/index.html

[root@dlp ~]#
matchpathcon /var/www/html/index.html

/var/www/html/index.html        system_u:object_r:httpd_sys_content_t:s0


# compare the current context and the default of /var/www/html

# if not differ, it shows "verified"

[root@dlp ~]#
matchpathcon -V /var/www/html

/var/www/html verified.


# compare the current context and the default of /var/www/html/index.html

# if differ, it shows like follows

[root@dlp ~]#
matchpathcon -V /var/www/html/index.html

/var/www/html/index.html has context unconfined_u:object_r:admin_home_t:s0, should be system_u:object_r:httpd_sys_content_t:s0


# possible to specify target with wildcards

[root@dlp ~]#
matchpathcon -V /var/www/html/*

/var/www/html/cgi-enabled verified.
/var/www/html/index.html has context unconfined_u:object_r:user_home_t:s0, should be system_u:object_r:httpd_sys_conten_t:s0
/var/www/html/index.php verified.
/var/www/html/index.py verified.
/var/www/html/info.php verified.
 
Tweet