restorecond - Man Page

• Start the restorecond daemon: sudo restorecond
• Run restorecond in [v]erbose mode to see restoration events: sudo restorecond -v
• Run restorecond in [d]ebug mode: sudo restorecond -d
• Use alternative restorecond.conf file: sudo restorecond -f restorecond_file
• Check the status of the restorecond service: sudo systemctl status restorecond
• Enable restorecond to start at boot: sudo systemctl enable restorecond --now

tldr.sh

restorecond [-d] [-h] [-f restorecond_file ] [-u] [-v]

This manual page describes the restorecond program.

This daemon uses inotify to watch files listed in the /etc/selinux/restorecond.conf, when they are created, this daemon will make sure they have  the correct file context associated with the policy.

-d

Turns on debugging mode.   Application will stay in the foreground and lots of debugs messages start printing.

-h

Print usage statement.

-f restorecond_file

Use alternative restorecond.conf file.

-u

Turns on user mode.  Runs restorecond in the user session and reads /etc/selinux/restorecond_user.conf.  Uses dbus to make sure only one restorecond is running per user session.

-v

Turns on verbose debugging.  (Report missing files)

This man page and program was written by Dan Walsh <dwalsh@redhat.com>.

/etc/selinux/restorecond.conf /etc/selinux/restorecond_user.conf

restorecon(8),

restorecond_selinux(8).