restorecon command line tool and its examples

It is used to restore the default SELinux security context of files or directories on a Linux system. This is a security mechanism that provides mandatory access control (MAC) policies for the Linux operating system.

  • About restorecon: To restore file(s) default SELinux security contexts
  • Comes From: policycoreutils-2.0.83
  • Configuration Files:
  • Path: /sbin/restorecon


1. To restore files default SELinux security contexts

# restorecon

2. To ignore the files that do not exists

# restorecon -i

3. To specify the directory to be excluded

# restorecon -e /var

4. To change the files and directories file labels recursuively

# restorecon -r
# restorecon -R

5. To not to change any file labels

# restorecon -n

6. To save list of files with incorrect context in output filename

# restorecon -o /tmp/file

7. To show progress by printing * every 1000 files

# restorecon -p

8. To show changes in file labels

# restorecon -v

9. To show changes in file labels, with type, role, or user are changing

# restorecon -vv

10. To force reset of context to match file_context for customizable files

# restorecon -F

Related Commands: load_policy, checkpolicy, setfiles

Leave a Reply

Your email address will not be published. Required fields are marked *