X7ROOT File Manager
Current Path:
/usr/sbin
usr
/
sbin
/
📁
..
📄
accessdb
(11.55 KB)
📄
addgnupghome
(3.05 KB)
📄
addpart
(19.69 KB)
📄
adduser
(134.39 KB)
📄
agetty
(48.48 KB)
📄
alternatives
(27.61 KB)
📄
anacron
(35.52 KB)
📄
apachectl
(4.31 KB)
📄
applygnupgdefaults
(2.21 KB)
📄
arp
(63.98 KB)
📄
arpd
(52.98 KB)
📄
arping
(23.19 KB)
📄
atd
(27.17 KB)
📄
atrun
(67 B)
📄
audispd
(39.75 KB)
📄
auditctl
(39.56 KB)
📄
auditd
(125.65 KB)
📄
augenrules
(3.7 KB)
📄
aureport
(105.39 KB)
📄
ausearch
(109.8 KB)
📄
authconfig
(43.49 KB)
📄
authconfig-tui
(43.49 KB)
📄
autrace
(15.49 KB)
📄
avcstat
(11.25 KB)
📄
badblocks
(27.69 KB)
📄
biosdecode
(24.15 KB)
📄
blkdeactivate
(15.97 KB)
📄
blkdiscard
(23.84 KB)
📄
blkid
(77.92 KB)
📄
blkmapd
(43.81 KB)
📄
blockdev
(32.2 KB)
📄
bridge
(77.61 KB)
📄
btrfs
(690.59 KB)
📄
btrfs-convert
(378.62 KB)
📄
btrfs-debug-tree
(354.23 KB)
📄
btrfs-find-root
(346.22 KB)
📄
btrfs-image
(374.63 KB)
📄
btrfs-map-logical
(350.27 KB)
📄
btrfs-select-super
(346.2 KB)
📄
btrfs-zero-log
(346.2 KB)
📄
btrfsck
(690.59 KB)
📄
btrfstune
(350.24 KB)
📄
build-locale-archive
(860.52 KB)
📄
cacertdir_rehash
(644 B)
📄
capsh
(19.43 KB)
📄
cbq
(32.73 KB)
📄
cfdisk
(71.37 KB)
📄
chcpu
(23.7 KB)
📄
chgpasswd
(64.1 KB)
📄
chkconfig
(40.22 KB)
📄
chpasswd
(55.88 KB)
📄
chronyd
(263.08 KB)
📄
chroot
(32.48 KB)
📄
clock
(48.44 KB)
📄
clockdiff
(19.04 KB)
📄
consoletype
(6.95 KB)
📄
convertquota
(70.88 KB)
📄
cracklib-check
(7.04 KB)
📄
cracklib-format
(246 B)
📄
cracklib-packer
(11.06 KB)
📄
cracklib-unpacker
(7.02 KB)
📄
create-cracklib-dict
(990 B)
📄
crond
(68.48 KB)
📄
ctrlaltdel
(11.2 KB)
📄
ctstat
(20.09 KB)
📄
ddns-confgen
(19.44 KB)
📄
debugfs
(120.64 KB)
📄
delpart
(19.69 KB)
📄
depmod
(143.24 KB)
📄
devlink
(64.72 KB)
📄
dhclient
(414.34 KB)
📄
dhclient-script
(30.38 KB)
📄
dmfilemapd
(19.16 KB)
📄
dmidecode
(120.2 KB)
📄
dmsetup
(149.2 KB)
📄
dmstats
(149.2 KB)
📄
dnssec-checkds
(922 B)
📄
dnssec-coverage
(924 B)
📄
dnssec-dsfromkey
(56.6 KB)
📄
dnssec-importkey
(52.59 KB)
📄
dnssec-keyfromlabel
(60.52 KB)
📄
dnssec-keygen
(64.55 KB)
📄
dnssec-keymgr
(920 B)
📄
dnssec-revoke
(48.46 KB)
📄
dnssec-settime
(56.52 KB)
📄
dnssec-signzone
(105.71 KB)
📄
dnssec-verify
(48.46 KB)
📄
dovecot
(370.66 KB)
📄
dovecot_cpshutdown
(3.27 KB)
📄
dracut
(55.83 KB)
📄
dumpe2fs
(23.62 KB)
📄
e2freefrag
(11.15 KB)
📄
e2fsck
(250.55 KB)
📄
e2image
(27.85 KB)
📄
e2label
(69.41 KB)
📄
e2undo
(11.32 KB)
📄
e4defrag
(23.55 KB)
📄
eapol_test
(1.77 MB)
📄
edquota
(83.09 KB)
📄
ether-wake
(73.26 KB)
📄
ethtool
(293.87 KB)
📄
exicyclog
(11.01 KB)
📄
exigrep
(10.44 KB)
📄
exim
(1.33 MB)
📄
exim_checkaccess
(4.73 KB)
📄
exim_dbmbuild
(82.09 KB)
📄
exim_dumpdb
(134.47 KB)
📄
exim_fixdb
(168.22 KB)
📄
exim_lock
(64.66 KB)
📄
exim_tidydb
(142.8 KB)
📄
eximstats
(148.01 KB)
📄
exinext
(8.02 KB)
📄
exiqgrep
(5.46 KB)
📄
exiqsumm
(5.07 KB)
📄
exiwhat
(4.32 KB)
📄
exportfs
(76.91 KB)
📄
faillock
(15.02 KB)
📄
fcgistarter
(23.85 KB)
📄
fdformat
(11.27 KB)
📄
fdisk
(195.8 KB)
📄
filefrag
(15.23 KB)
📄
findfs
(11.2 KB)
📄
fixfiles
(11.03 KB)
📄
fsck
(32.12 KB)
📄
fsck.btrfs
(1.16 KB)
📄
fsck.cramfs
(19.57 KB)
📄
fsck.ext2
(250.55 KB)
📄
fsck.ext3
(250.55 KB)
📄
fsck.ext4
(250.55 KB)
📄
fsck.minix
(73.32 KB)
📄
fsck.xfs
(433 B)
📄
fsfreeze
(11.23 KB)
📄
fstrim
(40.59 KB)
📄
fuser
(32.34 KB)
📄
genhomedircon
(23.77 KB)
📄
genhostid
(6.94 KB)
📄
genl
(52.81 KB)
📄
genl-ctrl-list
(11.27 KB)
📄
genrandom
(11.16 KB)
📄
getcap
(11.13 KB)
📄
getenforce
(7.01 KB)
📄
getpcaps
(7.07 KB)
📄
getsebool
(11.13 KB)
📄
glibc_post_upgrade.x86_64
(772.05 KB)
📄
groupadd
(85.65 KB)
📄
groupdel
(77.38 KB)
📄
groupmems
(55.97 KB)
📄
groupmod
(85.66 KB)
📄
grpck
(59.93 KB)
📄
grpconv
(51.73 KB)
📄
grpunconv
(51.73 KB)
📄
grub2-bios-setup
(1.04 MB)
📄
grub2-get-kernel-settings
(2.08 KB)
📄
grub2-install
(1.29 MB)
📄
grub2-macbless
(1.02 MB)
📄
grub2-mkconfig
(7.63 KB)
📄
grub2-ofpathname
(225.5 KB)
📄
grub2-probe
(1.04 MB)
📄
grub2-reboot
(4 KB)
📄
grub2-rpm-sort
(262.53 KB)
📄
grub2-set-default
(3.46 KB)
📄
grub2-setpassword
(2.96 KB)
📄
grub2-sparc64-setup
(1.04 MB)
📄
grubby
(71.27 KB)
📄
gss-server
(23.13 KB)
📄
gssproxy
(130.64 KB)
📄
halt
(704.8 KB)
📄
hardlink
(15.29 KB)
📄
htcacheclean
(78.45 KB)
📄
httpd
(2.31 MB)
📄
hwclock
(48.44 KB)
📄
iconvconfig
(22.15 KB)
📄
iconvconfig.x86_64
(22.15 KB)
📄
ifcfg
(2.99 KB)
📄
ifconfig
(80.05 KB)
📄
ifdown
(1.61 KB)
📄
ifenslave
(19.74 KB)
📄
ifstat
(40.6 KB)
📄
ifup
(4.89 KB)
📄
init
(1.56 MB)
📄
insmod
(143.24 KB)
📄
install-info
(110.42 KB)
📄
installkernel
(2.69 KB)
📄
intel-microcode2ucode
(11.1 KB)
📄
ip
(459.59 KB)
📄
ip6tables
(91.52 KB)
📄
ip6tables-restore
(91.52 KB)
📄
ip6tables-save
(91.52 KB)
📄
ipmaddr
(19.33 KB)
📄
iptables
(91.52 KB)
📄
iptables-restore
(91.52 KB)
📄
iptables-save
(91.52 KB)
📄
iptunnel
(23.33 KB)
📄
irqbalance
(48.5 KB)
📄
isc-hmac-fixup
(11.2 KB)
📄
kexec
(166.06 KB)
📄
key.dns_resolver
(19.45 KB)
📄
killall5
(23.17 KB)
📄
kpartx
(39.47 KB)
📄
lchage
(15.41 KB)
📄
ldattach
(27.93 KB)
📄
ldconfig
(952.08 KB)
📄
lgroupadd
(11.28 KB)
📄
lgroupdel
(11.26 KB)
📄
lgroupmod
(15.44 KB)
📄
lid
(15.4 KB)
📄
lnewusers
(15.46 KB)
📄
lnstat
(20.09 KB)
📄
load_policy
(10.97 KB)
📄
logrotate
(68.61 KB)
📄
logsave
(11.27 KB)
📄
losetup
(82.45 KB)
📄
lpasswd
(15.5 KB)
📄
lshw
(895.18 KB)
📄
lsmod
(143.24 KB)
📄
lsof
(150.57 KB)
📄
luseradd
(15.38 KB)
📄
luserdel
(11.3 KB)
📄
lusermod
(19.43 KB)
📄
lwresd
(768.04 KB)
📄
makedumpfile
(376.52 KB)
📄
matchpathcon
(11.19 KB)
📄
mii-diag
(20.08 KB)
📄
mii-tool
(19.51 KB)
📄
mkdict
(246 B)
📄
mkdumprd
(13.99 KB)
📄
mke2fs
(94.08 KB)
📄
mkfs
(11.25 KB)
📄
mkfs.btrfs
(366.45 KB)
📄
mkfs.cramfs
(36.16 KB)
📄
mkfs.ext2
(94.08 KB)
📄
mkfs.ext3
(94.08 KB)
📄
mkfs.ext4
(94.08 KB)
📄
mkfs.minix
(36.27 KB)
📄
mkfs.xfs
(359.8 KB)
📄
mkhomedir_helper
(19.05 KB)
📄
mklost+found
(11.11 KB)
📄
mkswap
(69.64 KB)
📄
modinfo
(143.24 KB)
📄
modprobe
(143.24 KB)
📄
modsec-sdbm-util
(22.17 KB)
📄
mount.nfs
(114.68 KB)
📄
mount.nfs4
(114.68 KB)
📄
mountstats
(40.59 KB)
📄
mysqld
(244.14 MB)
📄
mysqld-debug
(165.52 MB)
📄
named
(768.04 KB)
📄
named-checkconf
(32.25 KB)
📄
named-checkzone
(32.06 KB)
📄
named-compilezone
(32.06 KB)
📄
named-journalprint
(11.13 KB)
📄
nameif
(15.32 KB)
📄
netreport
(10.96 KB)
📄
new-kernel-pkg
(24.96 KB)
📄
newusers
(93.45 KB)
📄
nfsdcltrack
(40.11 KB)
📄
nfsidmap
(19.32 KB)
📄
nfsiostat
(23.64 KB)
📄
nfsstat
(29.84 KB)
📄
nl-class-add
(11.7 KB)
📄
nl-class-delete
(11.55 KB)
📄
nl-class-list
(11.48 KB)
📄
nl-classid-lookup
(11.29 KB)
📄
nl-cls-add
(11.76 KB)
📄
nl-cls-delete
(11.68 KB)
📄
nl-cls-list
(11.58 KB)
📄
nl-link-list
(11.52 KB)
📄
nl-pktloc-lookup
(11.36 KB)
📄
nl-qdisc-add
(11.6 KB)
📄
nl-qdisc-delete
(11.54 KB)
📄
nl-qdisc-list
(11.63 KB)
📄
nologin
(7.01 KB)
📄
nscd
(180.02 KB)
📄
nsec3hash
(11.13 KB)
📄
nstat
(23.88 KB)
📄
osd_login
(2.55 KB)
📄
ownership
(15.04 KB)
📄
packer
(11.06 KB)
📄
pam_console_apply
(39.69 KB)
📄
pam_tally2
(15.05 KB)
📄
pam_timestamp_check
(10.97 KB)
📄
paperconfig
(4.07 KB)
📄
parted
(77.22 KB)
📄
partprobe
(11.23 KB)
📄
partx
(86.55 KB)
📄
pdns_server
(98.68 MB)
📄
pidof
(23.17 KB)
📄
ping6
(64.63 KB)
📄
pivot_root
(11.19 KB)
📄
plipconfig
(11.06 KB)
📄
poweroff
(704.8 KB)
📄
ppp-watch
(23.2 KB)
📄
pwck
(51.71 KB)
📄
pwconv
(47.57 KB)
📄
pwhistory_helper
(15.44 KB)
📄
pwunconv
(47.59 KB)
📄
quot
(70.66 KB)
📄
quotacheck
(107.29 KB)
📄
quotaoff
(75.03 KB)
📄
quotaon
(75.03 KB)
📄
quotastats
(14.03 KB)
📄
rdisc
(23.17 KB)
📄
rdma
(73.42 KB)
📄
readprofile
(15.46 KB)
📄
reboot
(704.8 KB)
📄
repquota
(75.16 KB)
📄
request-key
(19.41 KB)
📄
resize2fs
(48.41 KB)
📄
resizepart
(32.36 KB)
📄
restorecon
(27.16 KB)
📄
rmmod
(143.24 KB)
📄
rndc
(35.88 KB)
📄
rndc-confgen
(19.44 KB)
📄
rotatelogs
(53 KB)
📄
route
(66.6 KB)
📄
routef
(173 B)
📄
routel
(1.59 KB)
📄
rpc.gssd
(88.73 KB)
📄
rpc.idmapd
(48.13 KB)
📄
rpc.mountd
(128.91 KB)
📄
rpc.nfsd
(40.2 KB)
📄
rpc.rquotad
(78.95 KB)
📄
rpc.statd
(97.59 KB)
📄
rpcbind
(60.07 KB)
📄
rpcdebug
(18.05 KB)
📄
rpcinfo
(27.3 KB)
📄
rsyslogd
(648.45 KB)
📄
rtacct
(41.93 KB)
📄
rtcwake
(31.96 KB)
📄
rtmon
(48.67 KB)
📄
rtpr
(37 B)
📄
rtstat
(20.09 KB)
📄
runlevel
(704.8 KB)
📄
runq
(1.33 MB)
📄
runuser
(32.21 KB)
📄
safe_finger
(11.08 KB)
📄
sasldblistusers2
(19.26 KB)
📄
saslpasswd2
(15.09 KB)
📄
sefcontext_compile
(60.53 KB)
📄
selabel_digest
(11.17 KB)
📄
selabel_lookup
(11.14 KB)
📄
selabel_lookup_best_match
(11.16 KB)
📄
selabel_partial_match
(11.09 KB)
📄
selinux_restorecon
(15.21 KB)
📄
selinuxconlist
(11.1 KB)
📄
selinuxdefcon
(11.12 KB)
📄
selinuxenabled
(6.98 KB)
📄
selinuxexeccon
(7.09 KB)
📄
semanage
(42.76 KB)
📄
semodule
(23.77 KB)
📄
sendmail
(13.48 KB)
📄
service
(3.17 KB)
📄
sestatus
(15.02 KB)
📄
setcap
(11.13 KB)
📄
setenforce
(7.05 KB)
📄
setfiles
(27.16 KB)
📄
setquota
(83.16 KB)
📄
setsebool
(14.99 KB)
📄
sfdisk
(83.25 KB)
📄
showmount
(19.56 KB)
📄
shutdown
(704.8 KB)
📄
sim_server
(10.97 KB)
📄
slattach
(42.4 KB)
📄
sln
(743.78 KB)
📄
sm-notify
(68.43 KB)
📄
smartctl
(864.48 KB)
📄
smartd
(670.63 KB)
📄
ss
(128.44 KB)
📄
sshd
(836.88 KB)
📄
sshd-keygen
(3.53 KB)
📄
start-statd
(842 B)
📄
suexec
(43.3 KB)
📄
sulogin
(40.53 KB)
📄
sushell
(67 B)
📄
swaplabel
(15.31 KB)
📄
swapoff
(15.53 KB)
📄
swapon
(53.29 KB)
📄
switch_root
(15.35 KB)
📄
sys-unconfig
(184 B)
📄
sysctl
(23.57 KB)
📄
tc
(384.66 KB)
📄
tcpd
(36.62 KB)
📄
tcpdmatch
(40.83 KB)
📄
telinit
(704.8 KB)
📄
tracepath
(15.05 KB)
📄
tracepath6
(15.05 KB)
📄
try-from
(23.47 KB)
📄
tsig-keygen
(19.44 KB)
📄
tune2fs
(69.41 KB)
📄
tuned
(3.29 KB)
📄
tuned-adm
(5.22 KB)
📄
udevadm
(414.27 KB)
📄
umount.nfs
(114.68 KB)
📄
umount.nfs4
(114.68 KB)
📄
unix_chkpwd
(35.42 KB)
📄
unix_update
(35.42 KB)
📄
update-alternatives
(27.61 KB)
📄
update-smart-drivedb
(14.34 KB)
📄
useradd
(134.39 KB)
📄
userdel
(93.5 KB)
📄
usermod
(130.33 KB)
📄
usernetctl
(11.03 KB)
📄
uuserver
(14.97 KB)
📄
vigr
(62.54 KB)
📄
vipw
(62.54 KB)
📄
virt-what
(11.57 KB)
📄
visudo
(200.91 KB)
📄
vmcore-dmesg
(19.28 KB)
📄
vpddecode
(15.33 KB)
📄
weak-modules
(31.9 KB)
📄
whmapi0
(3.02 MB)
📄
whmapi1
(3.02 MB)
📄
whmlogin
(2.33 KB)
📄
wipefs
(28.05 KB)
📄
wpa_cli
(128.06 KB)
📄
wpa_passphrase
(56.79 KB)
📄
wpa_supplicant
(1.93 MB)
📄
xfs_admin
(1.35 KB)
📄
xfs_bmap
(638 B)
📄
xfs_copy
(339.33 KB)
📄
xfs_db
(576.38 KB)
📄
xfs_estimate
(11.16 KB)
📄
xfs_freeze
(767 B)
📄
xfs_fsr
(31.83 KB)
📄
xfs_growfs
(327.2 KB)
📄
xfs_info
(472 B)
📄
xfs_io
(122.68 KB)
📄
xfs_logprint
(355.81 KB)
📄
xfs_mdrestore
(314.81 KB)
📄
xfs_metadump
(747 B)
📄
xfs_mkfile
(1007 B)
📄
xfs_ncheck
(650 B)
📄
xfs_quota
(84.88 KB)
📄
xfs_repair
(563.2 KB)
📄
xfs_rtcp
(15.25 KB)
📄
xqmstats
(14.03 KB)
📄
xtables-multi
(91.52 KB)
📄
yum-complete-transaction
(9.22 KB)
📄
yumdb
(8.67 KB)
📄
zdump
(14.02 KB)
📄
zic
(50.02 KB)
📄
zramctl
(82.23 KB)
Editing: fixfiles
#!/bin/bash # fixfiles # # Script to restore labels on a SELinux box # # Copyright (C) 2004-2013 Red Hat, Inc. # Authors: Dan Walsh <dwalsh@redhat.com> # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # seclabel support was added in 2.6.30. This function will return a positive # number if the current kernel version is greater than 2.6.30, a negative # number if the current is less than 2.6.30 and 0 if they are the same. # function useseclabel { VER=`uname -r` SUP=2.6.30 expr '(' "$VER" : '\([^.]*\)' ')' '-' '(' "$SUP" : '\([^.]*\)' ')' '|' \ '(' "$VER.0" : '[^.]*[.]\([^.]*\)' ')' '-' '(' "$SUP.0" : '[^.]*[.]\([^.]*\)' ')' '|' \ '(' "$VER.0.0" : '[^.]*[.][^.]*[.]\([^.]*\)' ')' '-' '(' "$SUP.0.0" : '[^.]*[.][^.]*[.]\([^.]*\)' ')' } # # Get all mount points that support labeling. Use the 'seclabel' field if it # is available. Else fall back to known fs types which likely support xattrs # and we know were not context mounted. # get_all_labeled_mounts() { FS="`cat /proc/self/mounts | sort | uniq | awk '{print $2}'`" for i in $FS; do if [ `useseclabel` -ge 0 ] then grep " $i " /proc/self/mounts | awk '{print $4}' | egrep --silent '(^|,)seclabel(,|$)' && echo $i else grep " $i " /proc/self/mounts | grep -v "context=" | egrep --silent '(ext[234]| ext4dev | gfs2 | xfs | jfs | btrfs )' && echo $i fi done } get_rw_labeled_mounts() { FS=`get_all_labeled_mounts | sort | uniq` for i in $FS; do grep " $i " /proc/self/mounts | awk '{print $4}' | egrep --silent '(^|,)rw(,|$)' && echo $i done } get_ro_labeled_mounts() { FS=`get_all_labeled_mounts | sort | uniq` for i in $FS; do grep " $i " /proc/self/mounts | awk '{print $4}' | egrep --silent '(^|,)ro(,|$)' && echo $i done } # # Get the default label returned from the kernel for a file with a lable the # kernel does not understand # get_undefined_type() { SELINUXMNT=`grep selinuxfs /proc/self/mountinfo | head -1 | awk '{ print $5 }'` cat ${SELINUXMNT}/initial_contexts/unlabeled | secon -t } # # Get the default label for a file without a label # get_unlabeled_type() { SELINUXMNT=`grep selinuxfs /proc/self/mountinfo | head -1 | awk '{ print $5 }'` cat $SELINUXMNT/initial_contexts/file | secon -t } exclude_dirs_from_relabelling() { exclude_from_relabelling= if [ -e /etc/selinux/fixfiles_exclude_dirs ] then while read i do # skip blank line and comment # skip not absolute path # skip not directory [ -z "${i}" ] && continue [[ "${i}" =~ "^[[:blank:]]*#" ]] && continue [[ ! "${i}" =~ ^/.* ]] && continue [[ ! -d "${i}" ]] && continue exclude_from_relabelling="$exclude_from_relabelling -e $i" logit "skipping the directory $i" done < /etc/selinux/fixfiles_exclude_dirs fi echo "$exclude_from_relabelling" } exclude_dirs() { exclude= for i in /sys /proc /dev /run /mnt /var/tmp /var/lib/BackupPC /home /tmp /dev; do [ -e $i ] && exclude="$exclude -e $i"; done exclude="$exclude `exclude_dirs_from_relabelling`" echo "$exclude" } # # Set global Variables # fullFlag=0 BOOTTIME="" VERBOSE="-p" [ -t 1 ] || VERBOSE="" FORCEFLAG="" DIRS="" RPMILES="" LOGFILE=`tty` if [ $? != 0 ]; then LOGFILE="/dev/null" fi LOGGER=/usr/sbin/logger SETFILES=/sbin/setfiles RESTORECON=/sbin/restorecon FILESYSTEMSRW=`get_rw_labeled_mounts` FILESYSTEMSRO=`get_ro_labeled_mounts` FILESYSTEMS="$FILESYSTEMSRW $FILESYSTEMSRO" SELINUXTYPE="targeted" if [ -e /etc/selinux/config ]; then . /etc/selinux/config FC=/etc/selinux/${SELINUXTYPE}/contexts/files/file_contexts else FC=/etc/security/selinux/file_contexts fi FC_SUB_DIST=${FC}.subs_dist FC_SUB=${FC}.subs FC_HOMEDIRS=${FC}.homedirs FC_LOCAL=${FC}.local # # Log to either syslog or a LOGFILE # logit () { if [ -n $LOGFILE ]; then echo $1 >> $LOGFILE fi } # # Find files newer then the passed in date and fix the label # newer() { DATE=$1 shift for m in `echo $FILESYSTEMSRW`; do find $m -mount -newermt $DATE -print0 2>/dev/null | ${RESTORECON} ${FORCEFLAG} ${VERBOSE} $* -i -0 -f - done; } # # Compare PREVious File Context to currently installed File Context and # run restorecon on all files affected by the differences. # diff_filecontext() { if [ -f ${PREFC} -a -x /usr/bin/diff ]; then TEMPFILE=`mktemp ${FC}.XXXXXXXXXX` test -z "$TEMPFILE" && exit PREFCTEMPFILE=`mktemp ${PREFC}.XXXXXXXXXX` sed -r -e 's,:s0, ,g' $PREFC | sort -u > ${PREFCTEMPFILE} sed -r -e 's,:s0, ,g' $FC | sort -u | \ /usr/bin/diff -b ${PREFCTEMPFILE} - | \ grep '^[<>]'|cut -c3-| grep ^/ | \ egrep -v '(^/home|^/root|^/tmp|^/dev)' |\ sed -r -e 's,[[:blank:]].*,,g' \ -e 's|\(([/[:alnum:]]+)\)\?|{\1,}|g' \ -e 's|([/[:alnum:]])\?|{\1,}|g' \ -e 's|\?.*|*|g' \ -e 's|\{.*|*|g' \ -e 's|\(.*|*|g' \ -e 's|\[.*|*|g' \ -e 's|\.\*.*|*|g' \ -e 's|\.\+.*|*|g' | \ # These two sorts need to be separate commands \ sort -u | \ sort -d | \ while read pattern ; \ do if ! echo "$pattern" | grep -q -f ${TEMPFILE} 2>/dev/null; then \ echo "$pattern"; \ case "$pattern" in *"*") \ echo "$pattern" | sed -e 's,^,^,' -e 's,\*$,,g' >> ${TEMPFILE};; esac; \ fi; \ done | \ ${RESTORECON} ${VERBOSE} -i -f - -R $* `exclude_dirs`; \ rm -f ${TEMPFILE} ${PREFCTEMPFILE} fi } # # Log all Read Only file systems # LogReadOnly() { if [ ! -z "$FILESYSTEMSRO" ]; then logit "Warning: Skipping the following R/O filesystems:" logit "$FILESYSTEMSRO" fi } rpmlist() { rpm -q --qf '[%{FILESTATES} %{FILENAMES}\n]' "$1" | grep '^0 ' | cut -f2- -d ' ' [ ${PIPESTATUS[0]} != 0 ] && echo "$1 not found" >/dev/stderr } # # restore # if called with -n will only check file context # restore () { OPTION=$1 shift if [ ! -z "$PREFC" ]; then diff_filecontext $* exit $? fi if [ ! -z "$BOOTTIME" ]; then newer $BOOTTIME $* exit $? fi [ -x /usr/sbin/genhomedircon ] && /usr/sbin/genhomedircon LogReadOnly # exclude_dirs="`exclude_dirs_from_relabelling $OPTION`" if [ -n "${exclude_dirs}" ] then TEMPFCFILE=`mktemp ${FC}.XXXXXXXXXX` test -z "$TEMPFCFILE" && exit /bin/cp -p ${FC} ${TEMPFCFILE} &>/dev/null || exit tmpdirs=${tempdirs//-e/} for p in ${tmpdirs} do p="${p%/}" p1="${p}(/.*)? -- <<none>>" echo "${p1}" >> $TEMPFCFILE logit "skipping the directory ${p}" done FC=$TEMPFCFILE /bin/cp -p ${FC_SUB_DIST} ${TEMPFCFILE}.subs_dist &>/dev/null || exit /bin/cp -p ${FC_SUB} ${TEMPFCFILE}.subs &>/dev/null || exit /bin/cp -p ${FC_HOMEDIRS} ${TEMPFCFILE}.homedirs &>/dev/null || exit # file_contexts.local does not always exist /bin/cp -p ${FC_LOCAL} ${TEMPFCFILE}.local &>/dev/null fi if [ ! -z "$RPMFILES" ]; then for i in `echo "$RPMFILES" | sed 's/,/ /g'`; do rpmlist $i | ${RESTORECON} $exclude_dirs ${FORCEFLAG} ${VERBOSE} $* -R -i -f - 2>&1 | cat >> $LOGFILE done exit $? fi if [ ! -z "$FILEPATH" ]; then ${RESTORECON} $exclude_dirs ${FORCEFLAG} ${VERBOSE} -R $* "$FILEPATH" 2>&1 | cat >> $LOGFILE return fi if [ -n "${FILESYSTEMSRW}" ]; then echo "${OPTION}ing `echo ${FILESYSTEMSRW}`" ${SETFILES} ${VERBOSE} $exclude_dirs -q ${FORCEFLAG} $* ${FC} ${FILESYSTEMSRW} 2>&1 | cat >> $LOGFILE else echo >&2 "fixfiles: No suitable file systems found" fi if [ ${OPTION} != "Relabel" ]; then return fi echo "Cleaning up labels on /tmp" rm -rf /tmp/gconfd-* /tmp/pulse-* /tmp/orbit-* $TEMPFCFILE ${TEMPFCFILE}.subs_dist ${TEMPFCFILE}.subs ${TEMPFCFILE}.homedirs ${TEMPFCFILE}.local UNDEFINED=`get_undefined_type` || exit $? UNLABELED=`get_unlabeled_type` || exit $? find /tmp \( -context "*:${UNLABELED}*" -o -context "*:${UNDEFINED}*" \) \( -type s -o -type p \) -delete find /tmp \( -context "*:${UNLABELED}*" -o -context "*:${UNDEFINED}*" \) -exec chcon --no-dereference --reference /tmp {} \; find /var/tmp \( -context "*:${UNLABELED}*" -o -context "*:${UNDEFINED}*" \) -exec chcon --no-dereference --reference /var/tmp {} \; find /var/run \( -context "*:${UNLABELED}*" -o -context "*:${UNDEFINED}*" \) -exec chcon --no-dereference --reference /var/run {} \; [ ! -e /var/lib/debug ] || find /var/lib/debug \( -context "*:${UNLABELED}*" -o -context "*:${UNDEFINED}*" \) -exec chcon --no-dereference --reference /lib {} \; exit 0 } fullrelabel() { logit "Cleaning out /tmp" find /tmp/ -mindepth 1 -delete LogReadOnly restore Relabel } relabel() { if [ ! -z "$RPMFILES" ]; then restore Relabel fi if [ $fullFlag == 1 ]; then fullrelabel fi echo -n " Files in the /tmp directory may be labeled incorrectly, this command can remove all files in /tmp. If you choose to remove files from /tmp, a reboot will be required after completion. Do you wish to clean out the /tmp directory [N]? " read answer if [ "$answer" = y -o "$answer" = Y ]; then fullrelabel else restore Relabel fi } process() { # # Make sure they specified one of the three valid commands # case "$1" in restore) restore Relabel;; check) VERBOSE="-v"; restore Check -n;; verify) restore Verify -n -o -;; relabel) relabel;; onboot) > /.autorelabel [ -z "$FORCEFLAG" ] || echo -n "$FORCEFLAG " >> /.autorelabel [ -z "$BOOTTIME" ] || echo -N $BOOTTIME >> /.autorelabel # Force full relabel if / does not have a label on it getfilecon / > /dev/null 2>&1 || echo -F >/.autorelabel echo "System will relabel on next boot" ;; *) usage exit 1 esac } usage() { echo $""" Usage: $0 [-v] [-F] [-N time ] [-l logfile ] { check | restore| [-f] relabel | verify } [[dir/file] ... ] or Usage: $0 [-v] [-F] -R rpmpackage[,rpmpackage...] [-l logfile ] { check | restore | verify } or Usage: $0 [-v] [-F] -C PREVIOUS_FILECONTEXT { check | restore | verify } or Usage: $0 [-F] [-B] onboot """ } if [ $# = 0 ]; then usage exit 1 fi # See how we were called. while getopts "N:BC:FfR:l:v" i; do case "$i" in B) BOOTTIME=`/bin/who -b | awk '{print $3}'` ;; f) fullFlag=1 ;; v) VERBOSE="-v" ;; R) RPMFILES=$OPTARG ;; l) LOGFILE=$OPTARG ;; C) PREFC=$OPTARG ;; F) FORCEFLAG="-F" ;; N) BOOTTIME=$OPTARG ;; *) usage exit 1 esac done # Move out processed options from arguments shift $(( OPTIND - 1 )) # Check for the command command=$1 if [ -z $command ]; then usage fi # Move out command from arguments shift # # check if they specified both DIRS and RPMFILES # if [ ! -z "$RPMFILES" ]; then process $command if [ $# -gt 0 ]; then usage fi else if [ -z "$1" ]; then process $command else while [ -n "$1" ]; do FILEPATH=$1 process $command shift done fi fi exit $?
Upload File
Create Folder