restorecond
SELinux restorecond utilities
Install
- All systems
-
curl cmd.cat/restorecond.sh
- Debian
-
apt-get install restorecond
- Ubuntu
-
apt-get install restorecond
- Kali Linux
-
apt-get install restorecond
- CentOS
-
yum install policycoreutils-restorecond
- Fedora
-
dnf install policycoreutils-restorecond
- Windows (WSL2)
-
sudo apt-get update
sudo apt-get install restorecond
- Raspbian
-
apt-get install restorecond
- Dockerfile
- dockerfile.run/restorecond
policycoreutils-restorecond
SELinux restorecond utilities
restorecond
SELinux core policy utilities (restorecond utilities)
Security-enhanced Linux is a patch of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. This package contains restorecond to restore contexts of files that often get the wrong context.
policycoreutils
SELinux core policy utilities
Security-enhanced Linux is a patch of the Linux? kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement?, Role-based Access Control, and Multi-level Security. This package contains the core policy utilities that are required for basic operation of an SELinux system. These utilities include load_policy to load policies, setfiles to label filesystems, newrole to switch roles, run_init to run /etc/init.d scripts in the proper context, and restorecond to restore contexts of files that often get the wrong context. It also includes the mcstransd to map a maching readable sensitivity label to a human readable form. The sensitivity label is comprised of a sensitivity level (always s0 for MCS and anything from s0 to s15 for MLS) and a set of categories. A ranged sensitivity label will have a low level and a high level where the high level will dominate the low level. Categories are numbered from c0 to c1023. Names such as s0 and c1023 and not easily readable by humans, so mcstransd translated them to human readable labels such as SystemLow and SystemHigh.