1fixfiles(8)                                                        fixfiles(8)
2
3
4

NAME

6       fixfiles - fix file SELinux security contexts.
7
8

SYNOPSIS

10       fixfiles [-v] [-F] [-M] [-f] relabel
11
12       fixfiles [-v] [-F] { check | restore | verify } dir/file ...
13
14       fixfiles [-v] [-F] [-B | -N time ] { check | restore | verify }
15
16       fixfiles [-v] [-F] -R rpmpackagename[,rpmpackagename...] { check | re‐
17       store | verify }
18
19       fixfiles [-v] [-F] -C PREVIOUS_FILECONTEXT { check | restore | verify }
20
21       fixfiles [-F] [-M] [-B] onboot
22
23
24

DESCRIPTION

26       This manual page describes the fixfiles script.
27
28       This script is primarily used to correct the security context  database
29       (extended attributes) on filesystems.
30
31       It  can  also be run at any time to relabel when adding support for new
32       policy, or  just check whether the file contexts are all as you expect.
33       By default it will relabel all mounted ext2, ext3, ext4, gfs2, xfs, jfs
34       and btrfs file systems as long as they do not have a  security  context
35       mount  option.  You can use the -R flag to use rpmpackages as an alter‐
36       native.  The file /etc/selinux/fixfiles_exclude_dirs can contain a list
37       of directories excluded from relabeling.
38
39       fixfiles onboot will setup the machine to relabel on the next reboot.
40
41

OPTIONS

43       -B     If  specified with onboot, this fixfiles will record the current
44              date in the /.autorelabel file, so that it can be used later  to
45              speed  up  labeling. If used with restore, the restore will only
46              affect files that were modified today.
47
48       -F     Force reset of context to match  file_context  for  customizable
49              files
50
51
52       -f     Clear /tmp directory with out prompt for removal.
53
54
55       -R rpmpackagename[,rpmpackagename...]
56              Use  the rpm database to discover all files within the specified
57              packages and restore the file contexts.
58
59       -C PREVIOUS_FILECONTEXT
60              Run a diff on  the PREVIOUS_FILECONTEXT file  to  the  currently
61              installed one, and restore the context of all affected files.
62
63
64       -N time
65              Only  act  on files created after the specified date.  Date must
66              be specified in "YYYY-MM-DD HH:MM" format.  Date field  will  be
67              passed to find --newermt command.
68
69
70       -M     Bind  mount filesystems before relabeling them, this allows fix‐
71              ing the context of files or directories that have  been  mounted
72              over.
73
74
75       -v     Modify  verbosity from progress to verbose. (Run restorecon with
76              -v instead of -p)
77
78

ARGUMENTS

80       One of:
81
82       check | verify
83              print any incorrect file context labels,  showing  old  and  new
84              context, but do not change them.
85
86       restore
87              change any incorrect file context labels.
88
89       relabel
90              Prompt for removal of contents of /tmp directory and then change
91              any incorrect file context labels to match the install file_con‐
92              texts file.
93
94       [[dir/file] ... ]
95              List  of  files or directories trees that you wish to check file
96              context on.
97
98

AUTHOR

100       This man page was written  by  Richard  Hally  <rhally@mindspring.com>.
101       The script  was written by Dan Walsh <dwalsh@redhat.com>
102
103

SEE ALSO

105       setfiles(8), restorecon(8)
106
107
108
109
110                                  2002031409                       fixfiles(8)
Impressum