chcon invocation (GNU Coreutils 9.0)

From Get docs

22.1 chcon: Change SELinux context of file

chcon changes the SELinux security context of the selected files. Synopses:

chcon [option]… context file…
chcon [option]… [-u user] [-r role] [-l range] [-t type] file…
chcon [option]… --reference=rfile file…

Change the SELinux security context of each file to context. With --reference, change the security context of each file to that of rfile.

The program accepts the following options. Also see Common options.


Do not affect symbolic links but what they refer to; this is the default.


Affect the symbolic links themselves instead of any referenced file.


Use rfile’s security context rather than specifying a context value.


Operate on files and directories recursively.


Refuse to operate recursively on the root directory, /, when used together with the --recursive option. See Treating / specially.


Do not treat the root directory, /, specially when operating recursively; this is the default. See Treating / specially.


If --recursive (-R) is specified and a command line argument is a symbolic link to a directory, traverse it. See Traversing symlinks.


In a recursive traversal, traverse every symbolic link to a directory that is encountered. See Traversing symlinks.


Do not traverse any symbolic links. This is the default if none of -H, -L, or -P is specified. See Traversing symlinks.


Output a diagnostic for every file processed.

-u user

Set user user in the target security context.

-r role

Set role role in the target security context.

-t type

Set type type in the target security context.

-l range

Set range range in the target security context.

An exit status of zero indicates success, and a nonzero value indicates failure.