CentOS Stream 8
Sponsored Link

SELinux : matchpathcon Basic Usage
2021/03/02
 
Display Default SELinux Context for the specified Path to use [matchpathcon] command.
[1] Some examples of using [matchpathcon] are follows.
# show the default for [/var/www/html/index.html]

[root@dlp ~]#
matchpathcon /var/www/html/index.html

/var/www/html/index.html        system_u:object_r:httpd_sys_content_t:s0


# compare the current context and the default of [/var/www/html]

# if not differ, it shows [verified]

[root@dlp ~]#
matchpathcon -V /var/www/html

/var/www/html verified.


# compare the current context and the default of [/var/www/html/index.html]

# if differ, it shows like follows

[root@dlp ~]#
matchpathcon -V /var/www/html/index.html

/var/www/html/index.html has context unconfined_u:object_r:httpd_sys_script_exec_t:s0, should be system_u:object_r:httpd_sys_content_t:s0


# possible to specify target with wildcards

[root@dlp ~]#
matchpathcon -V /var/www/html/*

/var/www/html/cgi-enabled verified.
/var/www/html/index.html has context unconfined_u:object_r:httpd_sys_script_exec_t:s0, should be system_u:object_r:httpd_sys_content_t:s0
/var/www/html/index.py verified.
Matched Content