1fixfiles(8)                                                        fixfiles(8)
2
3
4

NAME

6       fixfiles - fix file SELinux security contexts.
7
8

SYNOPSIS

10       fixfiles [-v] [-F] [-M] [-f] [-T nthreads] relabel
11
12       fixfiles [-v] [-F] [-T nthreads] { check | restore | verify } dir/file
13       ...
14
15       fixfiles [-v] [-F] [-B | -N time ] [-T nthreads] { check | restore |
16       verify }
17
18       fixfiles [-v] [-F] [-T nthreads] -R rpmpackagename[,rpmpackagename...]
19       { check | restore | verify }
20
21       fixfiles [-v] [-F] [-T nthreads] -C PREVIOUS_FILECONTEXT { check | re‐
22       store | verify }
23
24       fixfiles [-F] [-M] [-B] [-T nthreads] onboot
25
26
27

DESCRIPTION

29       This manual page describes the fixfiles script.
30
31       This  script is primarily used to correct the security context database
32       (extended attributes) on filesystems.
33
34       It can also be run at any time to relabel when adding support  for  new
35       policy, or  just check whether the file contexts are all as you expect.
36       By default it will relabel all mounted ext2, ext3, ext4, gfs2, xfs, jfs
37       and  btrfs  file systems as long as they do not have a security context
38       mount option.  You can use the -R flag to use rpmpackages as an  alter‐
39       native.  The file /etc/selinux/fixfiles_exclude_dirs can contain a list
40       of directories excluded from relabeling.
41
42       fixfiles onboot will setup the machine to relabel on the next reboot.
43
44

OPTIONS

46       -B     If specified with onboot, this fixfiles will record the  current
47              date  in the /.autorelabel file, so that it can be used later to
48              speed up labeling. If used with restore, the restore  will  only
49              affect files that were modified today.
50
51       -F     Force  reset  of  context to match file_context for customizable
52              files
53
54
55       -f     Clear /tmp directory with out prompt for removal.
56
57
58       -R rpmpackagename[,rpmpackagename...]
59              Use the rpm database to discover all files within the  specified
60              packages and restore the file contexts.
61
62       -C PREVIOUS_FILECONTEXT
63              Run  a  diff  on  the PREVIOUS_FILECONTEXT file to the currently
64              installed one, and restore the context of all affected files.
65
66
67       -N time
68              Only act on files created after the specified date.   Date  must
69              be  specified  in "YYYY-MM-DD HH:MM" format.  Date field will be
70              passed to find --newermt command.
71
72
73       -M     Bind mount filesystems before relabeling them, this allows  fix‐
74              ing  the  context of files or directories that have been mounted
75              over.
76
77
78       -v     Modify verbosity from progress to verbose. (Run restorecon  with
79              -v instead of -p)
80
81
82       -T nthreads
83              Use parallel relabeling, see setfiles(8)
84
85

ARGUMENTS

87       One of:
88
89       check | verify
90              print  any  incorrect  file  context labels, showing old and new
91              context, but do not change them.
92
93       restore
94              change any incorrect file context labels.
95
96       relabel
97              Prompt for removal of contents of /tmp directory and then change
98              any incorrect file context labels to match the install file_con‐
99              texts file.
100
101       [[dir/file] ... ]
102              List of files or directories trees that you wish to  check  file
103              context on.
104
105

AUTHOR

107       This  man  page  was  written by Richard Hally <rhally@mindspring.com>.
108       The script  was written by Dan Walsh <dwalsh@redhat.com>
109
110

SEE ALSO

112       setfiles(8), restorecon(8)
113
114
115
116
117                                  2002031409                       fixfiles(8)
Impressum