SECON(1) NSA SECON(1)
secon - See an SELinux context, from a file, program or user input.
secon [-hVurtscmPRfLp] [CONTEXT]
See a part of a context. The context is taken from a file, pid, user input or the context
in which secon is originally executed.
shows the current version of secon
shows the usage information for secon
outputs data in a format suitable for a prompt
outputs data with the associated ANSI color codes (requires -P)
show the user of the security context
show the role of the security context
show the type of the security context
show the sensitivity level of the security context
show the clearance level of the security context
show the sensitivity level and clearance, as a range, of the security context
outputs the sensitivity level and clearance in an untranslated format.
gets the context from the specified file FILE
gets the context from the specified file FILE (doesn't follow symlinks)
gets the context from the specified process PID
gets the exec context from the specified process PID
gets the fscreate context from the specified process PID
gets the context from the current process
gets the exec context from the current process
gets the fscreate context from the current process
gets the context from the parent of the current process
gets the exec context from the parent of the current process
gets the fscreate context from the parent of the current process
Additional argument CONTEXT may be provided and will be used if no options have been spec-
ified to make secon get its context from another source. If that argument is - then the
context will be read from stdin.
If there is no argument, secon will try reading a context from stdin, if that is not a
tty, otherwise secon will act as though --self had been passed.
If none of --user, --role, --type, --level or --mls-range is passed. Then all of them
will be output.
James Antill (email@example.com)
Security Enhanced Linux April 2006 SECON(1)