sefcontext_compile man page

sefcontext_compile — compile file context regular expression files


sefcontext_compile [-o outputfile] [-p policyfile] inputfile


sefcontext_compile is used to compile file context regular expressions into pcre(3) format.

The compiled file is used by libselinux file labeling functions.

By default sefcontext_compile writes the compiled pcre file with the .bin suffix appended (e.g. inputfile.bin).


Specify an outputfile that must be a fully qualified file name as the .bin suffix is not automatically added.
Specify a binary policyfile that will be used to validate the context entries in the inputfile
If an invalid context is found the pcre formatted file will not be written and an error will be returned.

Return Value

On error -1 is returned. On success 0 is returned.


Example 1:
sefcontext_compile /etc/selinux/targeted/contexts/files/file_contexts

Results in the following file being generated:


Example 2:
sefcontext_compile -o new_fc.bin /etc/selinux/targeted/contexts/files/file_contexts

Results in the following file being generated in the cwd:



Dan Walsh, <dwalsh@redhat.com>

See Also

selinux(8), semanage(8),


Explore man page connections for sefcontext_compile(8).