{
"mode": "man",
"parameter": "chcon",
"section": "1",
"url": "https://www.chedong.com/phpMan.php/man/chcon/1/json",
"generated": "2026-06-02T20:22:11Z",
"synopsis": "chcon [OPTION]... CONTEXT FILE...\nchcon [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE...\nchcon [OPTION]... --reference=RFILE FILE...",
"sections": {
"NAME": {
"content": "chcon - change file security context\n",
"subsections": []
},
"SYNOPSIS": {
"content": "chcon [OPTION]... CONTEXT FILE...\nchcon [OPTION]... [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] FILE...\nchcon [OPTION]... --reference=RFILE FILE...\n",
"subsections": []
},
"DESCRIPTION": {
"content": "Change the SELinux security context of each FILE to CONTEXT. With --reference, change the\nsecurity context of each FILE to that of RFILE.\n\nMandatory arguments to long options are mandatory for short options too.\n",
"subsections": [
{
"name": "--dereference",
"content": "affect the referent of each symbolic link (this is the default), rather than the sym‐\nbolic link itself\n",
"long": "--dereference"
},
{
"name": "-h --no-dereference",
"content": "affect symbolic links instead of any referenced file\n",
"flag": "-h",
"long": "--no-dereference"
},
{
"name": "-u --user",
"content": "set user USER in the target security context\n",
"flag": "-u",
"long": "--user"
},
{
"name": "-r --role",
"content": "set role ROLE in the target security context\n",
"flag": "-r",
"long": "--role"
},
{
"name": "-t --type",
"content": "set type TYPE in the target security context\n",
"flag": "-t",
"long": "--type"
},
{
"name": "-l --range",
"content": "set range RANGE in the target security context\n",
"flag": "-l",
"long": "--range"
},
{
"name": "--no-preserve-root",
"content": "do not treat '/' specially (the default)\n",
"long": "--no-preserve-root"
},
{
"name": "--preserve-root",
"content": "fail to operate recursively on '/'\n\n--reference=RFILE\nuse RFILE's security context rather than specifying a CONTEXT value\n",
"long": "--preserve-root"
},
{
"name": "-R --recursive",
"content": "operate on files and directories recursively\n",
"flag": "-R",
"long": "--recursive"
},
{
"name": "-v --verbose",
"content": "output a diagnostic for every file processed\n\nThe following options modify how a hierarchy is traversed when the -R option is also speci‐\nfied. If more than one is specified, only the final one takes effect.\n",
"flag": "-v",
"long": "--verbose"
},
{
"name": "-H",
"content": "",
"flag": "-H"
},
{
"name": "-L",
"content": "",
"flag": "-L"
},
{
"name": "-P",
"content": "--help display this help and exit\n",
"flag": "-P"
},
{
"name": "--version",
"content": "output version information and exit\n",
"long": "--version"
}
]
},
"AUTHOR": {
"content": "Written by Russell Coker and Jim Meyering.\n",
"subsections": []
},
"REPORTING BUGS": {
"content": "GNU coreutils online help: \nReport any translation bugs to \n",
"subsections": []
},
"COPYRIGHT": {
"content": "Copyright © 2020 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later\n.\nThis is free software: you are free to change and redistribute it. There is NO WARRANTY, to\nthe extent permitted by law.\n",
"subsections": []
},
"SEE ALSO": {
"content": "Full documentation \nor available locally via: info '(coreutils) chcon invocation'\n\n\n\nGNU coreutils 8.32 January 2026 CHCON(1)",
"subsections": []
}
},
"summary": "chcon - change file security context",
"flags": [
{
"flag": "",
"long": "--dereference",
"arg": null,
"description": "affect the referent of each symbolic link (this is the default), rather than the sym‐ bolic link itself"
},
{
"flag": "-h",
"long": "--no-dereference",
"arg": null,
"description": "affect symbolic links instead of any referenced file"
},
{
"flag": "-u",
"long": "--user",
"arg": null,
"description": "set user USER in the target security context"
},
{
"flag": "-r",
"long": "--role",
"arg": null,
"description": "set role ROLE in the target security context"
},
{
"flag": "-t",
"long": "--type",
"arg": null,
"description": "set type TYPE in the target security context"
},
{
"flag": "-l",
"long": "--range",
"arg": null,
"description": "set range RANGE in the target security context"
},
{
"flag": "",
"long": "--no-preserve-root",
"arg": null,
"description": "do not treat '/' specially (the default)"
},
{
"flag": "",
"long": "--preserve-root",
"arg": null,
"description": "fail to operate recursively on '/' --reference=RFILE use RFILE's security context rather than specifying a CONTEXT value"
},
{
"flag": "-R",
"long": "--recursive",
"arg": null,
"description": "operate on files and directories recursively"
},
{
"flag": "-v",
"long": "--verbose",
"arg": null,
"description": "output a diagnostic for every file processed The following options modify how a hierarchy is traversed when the -R option is also speci‐ fied. If more than one is specified, only the final one takes effect."
},
{
"flag": "-H",
"long": null,
"arg": null,
"description": ""
},
{
"flag": "-L",
"long": null,
"arg": null,
"description": ""
},
{
"flag": "-P",
"long": null,
"arg": null,
"description": "--help display this help and exit"
},
{
"flag": "",
"long": "--version",
"arg": null,
"description": "output version information and exit"
}
],
"examples": [],
"see_also": [],
"tldr": {
"source": "official",
"description": "Change SELinux security context of a file or files/directories.",
"examples": [
{
"description": "View security context of a file",
"command": "ls {{-lZ|-l --context}} {{path/to/file}}"
},
{
"description": "Change the security context of a target file, using a reference file",
"command": "chcon --reference {{reference_file}} {{target_file}}"
},
{
"description": "Change the full SELinux security context of a file",
"command": "chcon {{user}}:{{role}}:{{type}}:{{range/level}} {{filename}}"
},
{
"description": "Change only the user part of SELinux security context",
"command": "chcon {{-u|--user}} {{user}} {{filename}}"
},
{
"description": "Change only the role part of SELinux security context",
"command": "chcon {{-r|--role}} {{role}} {{filename}}"
},
{
"description": "Change only the type part of SELinux security context",
"command": "chcon {{-t|--type}} {{type}} {{filename}}"
},
{
"description": "Change only the range/level part of SELinux security context",
"command": "chcon {{-l|--range}} {{range/level}} {{filename}}"
}
]
}
}