OmniSecu.com Logo  
omnisecu.com free mcse ccna rhce linux java learning
omnisecu.com free mcse ccna rhce linux java learning
          Sharefacebook twitter google+ google bookmark yahoo bookmark delicious digg linkedin pinterest reddit stumbleupon evernote diigo blinklist blogmarks livejournal email feed

Tutorials

Security-enhanced Linux (SELinux) - Filesystem Relabeling

External Resources

Security-enhanced Linux (SELinux) filesystem security context labels are associated with files and are stored as extended attributes. If the Security-enhanced Linux (SELinux) is disabled, the security context labels  will no more written as attribute and become out of sync.

To relabel part or all of the Linux filesystem without a reboot, the "fixfiles" and "restorecon" commands can be used.

The SELinux "restorecon" command

The SELinux "restorecon" command sets the security context of one or more files by marking the extended attributes with the appropriate file or security context.

Example:

[root@RHEL03 ~]# restorecon -F -R /ftp

The SELinux "fixfiles" command

The SELinux "fixfiles" command checks or corrects the security context database on the file system.

Example:

[root@RHEL04 /]# fixfiles -l /root/fixchek.txt relabel

How to relabel entire filesystem

To relabel entire filesystem, create “/.autorelabel” hidden file and restart the Linux computer. The automatic relabeling of the entire filesystem will take place during the boot process. Remember, you need to reboot the server to accomplish this.

              Jajish Thomason Google+
Related Topics
Basic Linux Commands Linux file permissions What is Security-enhanced Linux (SELinux), Discretionary Access Control (DAC), Mandatory Access Control (MAC) and Role-based Access Control (RBAC)? Security-enhanced Linux (SELinux) Security Contexts How Security-enhanced Linux (SELinux) works Security-enhanced Linux (SELinux) configuration-file (/etc/selinux/conf) Important Security-enhanced Linux (SELinux) commands
comments powered by Disqus


eXTReMe Tracker DMCA.com