restorecon_xattr(8) — Linux manual page

restorecon_xattr(8)       SELinux User Command       restorecon_xattr(8)

NAME

       restorecon_xattr - manage security.sehash extended attribute
       entries added by setfiles(8) or restorecon(8).

SYNOPSIS

       restorecon_xattr [-d] [-D] [-m] [-n] [-r] [-v] [-e directory] [-f
       specfile] pathname

DESCRIPTION

       restorecon_xattr displays the SHA1 digests stored in the
       security.sehash extended attribute, or deletes the attribute
       completely. These attributes are set by restorecon(8) or
       setfiles(8) on the specified directories when relabeling
       recursively.

       restorecon_xattr is useful for managing the extended attribute
       entries, particularly when users forget which directories they
       ran restorecon(8) or setfiles(8) from.

       RAMFS and TMPFS filesystems do not support the security.sehash
       extended attribute and are automatically excluded from searches.

       By default restorecon_xattr will display the SHA1 digests with
       "Match" appended if they match the default specfile set or the
       specfile set used with the -f option. Non-matching SHA1 digests
       will be displayed with "No Match" appended.  This feature can be
       disabled by the -n option.

OPTIONS

       -d     delete all non-matching security.sehash directory digest
              entries.

       -D     delete all security.sehash directory digest entries.

       -m     do not read /proc/mounts to obtain a list of non-seclabel
              mounts to be excluded from relabeling checks.
              Setting -m is useful where a non-seclabel filesystem is
              mounted with a seclabel filesystem mounted on a directory
              below it.

       -n     do not append "Match" or "No Match" to displayed digests.

       -r     recursively descend directories.

       -v     display SHA1 digest generated by specfile set (Note that
              this digest is not used to match the security.sehash
              directory digest entries, and is shown for reference
              only).

       -e     directory
              directory to exclude (repeat option for more than one
              directory).

       -f     specfile
              an optional specfile containing file context entries as
              described in file_contexts(5).  If the option is not
              specified, then the default file_contexts will be used.

ARGUMENTS

       pathname
              the pathname of the directory tree to be searched.
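
EXAMPLE

       The Python code below is an added example, not part of the
       original manual page or of the selinux project's code. It lists
       the directories under a tree that carry security.sehash, the
       entries this tool displays, and does not compute "Match" or
       "No Match". Assumptions: the value is a raw 20-byte SHA1 digest;
       find_sehash_dirs and its getxattr parameter are hypothetical
       names.

```python
import errno
import os
import sys

SEHASH_XATTR = "security.sehash"  # attribute name given in this manual page
SHA1_LEN = 20                     # assumption: value is a raw 20-byte SHA1 digest

# errno values meaning "no digest readable here", not a real failure:
# ENODATA = attribute absent, ENOTSUP = filesystem without xattr support
# (e.g. the RAMFS/TMPFS case), EACCES/EPERM = caller may not read it.
_SKIP = {errno.ENODATA, errno.ENOTSUP, errno.EACCES, errno.EPERM}


def find_sehash_dirs(root, recursive=True, exclude=(), getxattr=None):
    """Return [(directory, digest_hex)] for directories carrying security.sehash.

    recursive mirrors -r and exclude mirrors -e; getxattr is a hypothetical
    hook so the walk can be exercised without SELinux-labelled files.
    """
    getxattr = getxattr or os.getxattr  # os.getxattr is Linux-only
    excluded = {os.path.abspath(e) for e in exclude}
    found = []
    for dirpath, dirnames, _files in os.walk(root):
        # Prune excluded subtrees in place so os.walk never descends into them.
        dirnames[:] = sorted(
            d for d in dirnames
            if os.path.abspath(os.path.join(dirpath, d)) not in excluded
        )
        try:
            value = getxattr(dirpath, SEHASH_XATTR)
        except OSError as exc:
            if exc.errno not in _SKIP:
                raise
            value = None
        if value is not None:
            # Flag values that are not SHA1-sized instead of hiding them.
            ok = len(value) == SHA1_LEN
            found.append((dirpath, value.hex() if ok else "malformed:" + value.hex()))
        if not recursive:
            break
    return found


if __name__ == "__main__":
    for path, digest in find_sehash_dirs(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(digest, path)
```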

SEE ALSO

       restorecon(8), setfiles(8)

COLOPHON

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the
       project can be found at 
       ⟨https://github.com/SELinuxProject/selinux/wiki⟩.  If you have a
       bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2023-12-22.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-05-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

                              24 Sept 2016           restorecon_xattr(8)