• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

chcon: command not found

by admin

Security-Enhanced Linux (SELinux) is the default context-based permissions scheme provided with CentOS and Red Hat Enterprise Linux, and is optionally available on other distributions. It was developed by the U.S. National Security Agency (NSA). It provides additional file system and network security so that unauthorized processes cannot access or tamper with data, bypass security mechanisms, violate security policies, or execute untrustworthy programs.

There are three types of SELinux modes; they are as follows:

  • Enforcing: In this mode, SELinux enforces its policies onto the system and makes sure that all access by unauthorized users or processes are denied. These access denial events are also logged in to the system as well, which we will look into later on in this chapter.
  • Permissive: This is like a semi-enabled mode state where SELinux doesn’t deny any access as the policies are in permissive mode. This is the best mode to test the SELinux policies.
  • Disabled: In this mode, the SELinux is in a completely disabled state and no logs are created or permissions are denied.

From the command line, we can use the chcon utility to change the context for a file. This will allow us to define the user, the role, and the type for the file we want to alter, and similar to other filesystem utilities such as chmod or chown, we can also affect files recursively, so it’s easy to set a full folder hierarchy to the desired context.

For example:

# chcon -t user_home_t /var/www/html/index.html

If you encounter the below error while running the chcon command:

chcon: command not found

you may try installing the below package as per your choice of distribution:

OS Distribution Command
OS X brew install coreutils
Debian apt-get install coreutils
Ubuntu apt-get install coreutils
Alpine apk add coreutils
Arch Linux pacman -S coreutils
Kali Linux apt-get install coreutils
CentOS yum install coreutils
Fedora dnf install coreutils
Raspbian apt-get install coreutils

chcon Command Examples

1. View security context of a file:

# ls -lZ path/to/file

2. Change the security context of a target file, using a reference file:

# chcon --reference=reference_file target_file

3. Change the full SELinux security context of a file:

# chcon user:role:type:range/level filename

4. Change only the user part of SELinux security context:

# chcon -u user filename

5. Change only the role part of SELinux security context:

# chcon -r role filename

6. Change only the type part of SELinux security context:

# chcon -t type filename

7. Change only the range/level part of SELinux security context:

# chcon -l range/level filename

Filed Under: Linux

Some more articles you might also be interested in …

  1. chown: command not found
  2. namei: command not found
  3. Ubuntu Linux – yED(Graph Editor) Alternate of Microsoft Office Visio
  4. How to Setup SSH keys for SSH “public/private key” Login On Linux
  5. “Device /dev/mappper/mpath25 Not Found (or Ignored By Filtering)” – error while creating physical volume with pvcreate
  6. dget Command Examples in Linux
  7. lrztar Command Examples in Linux
  8. nmtui: command not found
  9. CentOS / RHEL 6 : How to setup yum repository using locally mounted DVD
  10. debman Command Examples in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • powertop Command Examples in Linux
  • powertop: command not found
  • powerstat: command not found
  • powerstat Command Examples in Linux

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright