Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   14857 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

findcon(1)							    findcon(1)

NAME
       findcon - SELinux file context search tool

SYNOPSIS
       findcon FCLIST [OPTIONS] [EXPRESSION]

DESCRIPTION
       findcon	allows	the user to search for files with a specified context.
       Results can be filtered by object class as described below.

FCLIST
       The findcon tool operates upon a file context list source.   There  are
       three valid file context lists.

       directory
	      If FCLIST is a name of a directory then begin the search at that
	      directory and recurse within it.	Be sure there are no  circular
	      mounts within it.

       file_contexts
	      If   FCLIST   is	 the  name  of	a  file_contexts  file	(e.g.,
	      /etc/selinux/strict/contexts/files/file_contexts) then open that
	      file and find matching entries.

       database
	      If FCLIST is the name of a database as created by a previous run
	      of indexcon or apol then open the database and  execute  queries
	      into it.

EXPRESSION
       The  following  options allow the user to specify which files to print.
       A file must meet all specified criteria.	 If no expression is provided,
       all files are printed.

       -t TYPE, --type=TYPE
	      Search for files with a context containing the type TYPE.

       -u USER, --user=USER
	      Search for files with a context containing the user USER.

       -r ROLE, --role=ROLE
	      Search for files with a context containing the role ROLE.

       -m RANGE, --mls-range=RANGE
	      Search  for  files  with	a context with the MLS range of RANGE.
	      Note that findcon ignores the SELinux  translation  library,  if
	      present.	In addition, this flag is ignored if the FCLIST has no
	      MLS information.

       --context=CONTEXT
	      Search for files matching this partial context.  This flag over‐
	      rides -t, -u, -r, and -m.

       -p PATH, --path=PATH
	      Search for files which include PATH.

       -c CLASS, --class=CLASS
	      Search only files of object class CLASS.

OPTIONS
       The following additional options are available.

       -R, --regex
	      Search  using regular expressions instead of exact string match‐
	      ing.  This option does not affect the --class flag.

       -h, --help
	      Print help information and exit.

       -V, --version
	      Print version information and exit.

PARTIAL CONTEXT
       The --context flag specifies a partial context, which is a a colon sep‐
       arated  list  of user, role, and type.  If the system supports MLS, the
       context may have a fourth field that gives the range.  If  a  field  is
       not  specified  or  is the literal asterisk, then the query will always
       match the field.

OBJECT CLASSES
       Valid object class strings are

       block, char, dir, fifo, file, link, or sock.

NOTE
       The findcon utility always operates on "raw" SELinux file contexts.  If
       the  system  has	 an  installed translation library (i.e., libsetrans),
       those translations are ignored in favor of reading  the	original  con‐
       texts from the filesystem (if FCFILE is a directory).

EXAMPLES
       findcon .
	      Find  every context in the current directory and all of its sub‐
	      directories.

       findcon -u user_u .
	      Find every context whose user is user_u in the current directory
	      and all subdirectories.

       findcon -u system_u -t bin_t file_contexts
	      Find entries user system_u and type bin_t within a file_contexts
	      file, assuming that file_contexts is a file contexts file.

       findcon --context=system_u::bin_t file_contexts
	      This is equivalent to the previous example.

       findcon --context=system_u:*:bin_t:* file_contexts
	      This is also equivalent to the above example.

AUTHOR
       This manual page was written by Jeremy A. Mowery <jmowery@tresys.com>.

COPYRIGHT
       Copyright(C) 2003-2007 Tresys Technology, LLC

BUGS
       Please report bugs via an email to setools-bugs@tresys.com.

SEE ALSO
       replcon(1), indexcon(1)

								    findcon(1)

Vote for polarhome