{"id":2817,"date":"2022-12-20T15:17:23","date_gmt":"2022-12-20T18:17:23","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/restorecon_xattr-man8\/"},"modified":"2022-12-20T15:17:23","modified_gmt":"2022-12-20T18:17:23","slug":"restorecon_xattr-man8","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/restorecon_xattr-man8\/","title":{"rendered":"restorecon_xattr (man8)"},"content":{"rendered":"

restorecon_xattr<\/h1>\n

NAME<\/a>
SYNOPSIS<\/a>
DESCRIPTION<\/a>
OPTIONS<\/a>
ARGUMENTS<\/a>
SEE ALSO<\/a> <\/p>\n

\n

NAME <\/a> <\/h2>\n

restorecon_xattr \u2212 manage security.sehash<\/i> extended attribute entries added by setfiles<\/b>(8) or restorecon<\/b>(8).<\/p>\n

SYNOPSIS <\/a> <\/h2>\n

restorecon_xattr<\/b> [\u2212d<\/b>] [\u2212D<\/b>] [\u2212m<\/b>] [\u2212n<\/b>] [\u2212r<\/b>] [\u2212v<\/b>] [\u2212e<\/b> directory<\/i>] [\u2212f<\/b> specfile<\/i>] pathname<\/i><\/p>\n

DESCRIPTION <\/a> <\/h2>\n

restorecon_xattr<\/b><\/i> will display the SHA1 digests added to extended attributes security.sehash<\/i> or delete the attribute completely. These attributes are set by restorecon<\/b>(8) or setfiles<\/b>(8) to specified directories when relabeling recursively.<\/p>\n

restorecon_xattr<\/b> is useful for managing the extended attribute entries particularly when users forget what directories they ran restorecon<\/b>(8) or setfiles<\/b>(8) from.<\/p>\n

RAMFS<\/b> and TMPFS<\/b> filesystems do not support the security.sehash<\/i> extended attribute and are automatically excluded from searches.<\/p>\n

By default restorecon_xattr<\/b> will display the SHA1 digests with “Match” appended if they match the default specfile set or the specfile<\/i> set used with the \u2212f<\/b> option. Non-matching SHA1 digests will be displayed with “No Match” appended. This feature can be disabled by the \u2212n<\/b> option.<\/p>\n

OPTIONS <\/a> <\/h2>\n\n\n\n\n
<\/td>\n\n

\u2212d<\/b><\/p>\n<\/td>\n

<\/td>\n\n

delete all non-matching security.sehash<\/i> directory digest entries.<\/p>\n<\/td>\n<\/tr>\n

<\/td>\n\n

\u2212D<\/b><\/p>\n<\/td>\n

<\/td>\n\n

delete all security.sehash<\/i> directory digest entries.<\/p>\n<\/td>\n<\/tr>\n

<\/td>\n\n

\u2212m<\/b><\/p>\n<\/td>\n

<\/td>\n\n

do not read \/proc\/mounts<\/b> to obtain a list of non-seclabel mounts to be excluded from relabeling checks.<\/p>\n<\/td>\n<\/tr>\n<\/table>\n

Setting \u2212m<\/b> is useful where there is a non-seclabel fs mounted with a seclabel fs mounted on a directory below this.<\/p>\n\n\n\n\n\n
<\/td>\n\n

\u2212n<\/b><\/p>\n<\/td>\n

<\/td>\n\n

Do not append “Match” or “No Match” to displayed digests.<\/p>\n<\/td>\n<\/tr>\n

<\/td>\n\n

\u2212r<\/b><\/p>\n<\/td>\n

<\/td>\n\n

recursively descend directories.<\/p>\n<\/td>\n<\/tr>\n

<\/td>\n\n

\u2212v<\/b><\/p>\n<\/td>\n

<\/td>\n\n

display SHA1 digest generated by specfile set (Note that this digest is not used to match the security.sehash<\/i> directory digest entries, and is shown for reference only).<\/p>\n<\/td>\n<\/tr>\n

<\/td>\n\n

\u2212e<\/b><\/p>\n<\/td>\n

<\/td>\n\n

directory<\/i><\/p>\n<\/td>\n<\/tr>\n<\/table>\n

directory to exclude (repeat option for more than one directory).<\/p>\n\n\n
<\/td>\n\n

\u2212f<\/b><\/p>\n<\/td>\n

<\/td>\n\n

specfile<\/i><\/p>\n<\/td>\n

 <\/td>\n<\/tr>\n<\/table>\n

an optional specfile<\/i> containing file context entries as described in file_contexts<\/b>(5). If the option is not specified, then the default file_contexts will be used.<\/p>\n

ARGUMENTS <\/a> <\/h2>\n

pathname<\/i><\/p>\n

the pathname of the directory tree to be searched.<\/p>\n

SEE ALSO <\/a> <\/h2>\n

restorecon<\/b>(8), setfiles<\/b>(8)<\/p>\n

\n","protected":false},"excerpt":{"rendered":"

restorecon_xattr \u2212 manage security.sehash extended attribute entries added by setfiles(8) or restorecon(8). <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[5,52,4,169],"class_list":["post-2817","post","type-post","status-publish","format-standard","hentry","category-8-administracion-del-sistema","tag-5","tag-administracion","tag-man8","tag-restorecon_xattr"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/2817","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=2817"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/2817\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=2817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=2817"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=2817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}