国际访客建议访问 Primers 编程伙伴 国际版站点 > Bash 教程 > runcon 以获得更好的体验。

# Bash 的 runcon 命令

runcon [OPTION]... CONTEXT COMMAND [args]...

!subtitle:功能

使用指定的 SELinux 安全上下文运行命令。

!subtitle:类型

可执行文件(/usr/bin/runcon),属于 coreutils

!subtitle:参数

  • OPTION 选项:

    • -c, --compute - 在应用指定的安全上下文之前先计算进程可能的转变安全上下文

    • -t, --type=TYPE - 指定安全上下文的的 TYPE

    • -u, --user=USER - 指定安全上下文的的 USER

    • -r, --role=ROLE - 指定安全上下文的的 ROLE

    • -l, --range=LEVEL - 指定安全上下文的的 LEVEL

    • --help - 显示帮助

    • --version - 显示版本

  • CONTEXT - 安全上下文;通常格式为 USER:ROLE:TYPE:LEVEL

  • COMMAND - 命令

  • args - 命令的参数列表

# 示例

$ runcon system_u:system_r:httpd_t:s0 id -Z
system_u:system_r:httpd_t:s0

# 推荐阅读

# 手册

RUNCON(1)                        User Commands                       RUNCON(1)

NAME
       runcon - run command with specified security context

SYNOPSIS
       runcon CONTEXT COMMAND [args]
       runcon [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]

DESCRIPTION
       Run COMMAND with completely-specified CONTEXT, or with current or tran‐
       sitioned security context modified by one or more of LEVEL, ROLE, TYPE,
       and USER.

       If  none  of -c, -t, -u, -r, or -l, is specified, the first argument is
       used as the complete context.  Any additional arguments  after  COMMAND
       are interpreted as arguments to the command.

       Note  that  only  carefully-chosen  contexts are likely to successfully
       run.

       Run a program in a different SELinux security  context.   With  neither
       CONTEXT nor COMMAND, print the current security context.

       Mandatory  arguments  to  long  options are mandatory for short options
       too.

       CONTEXT
              Complete security context

       -c, --compute
              compute process transition context before modifying

       -t, --type=TYPE
              type (for same role as parent)

       -u, --user=USER
              user identity

       -r, --role=ROLE
              role

       -l, --range=RANGE
              levelrange

       --help display this help and exit

       --version
              output version information and exit

   Exit status:
       125    if the runcon command itself fails

       126    if COMMAND is found but cannot be invoked

       127    if COMMAND cannot be found

       -      the exit status of COMMAND otherwise

AUTHOR
       Written by Russell Coker.

REPORTING BUGS
       GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
       Report any translation bugs to <https://translationproject.org/team/>

COPYRIGHT
       Copyright © 2023 Free Software Foundation, Inc.   License  GPLv3+:  GNU
       GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
       This  is  free  software:  you  are free to change and redistribute it.
       There is NO WARRANTY, to the extent permitted by law.

SEE ALSO
       Full documentation <https://www.gnu.org/software/coreutils/runcon>
       or available locally via: info '(coreutils) runcon invocation'

GNU coreutils 9.4                 April 2024                         RUNCON(1)
本文 更新于: 2025-11-27 09:38:15 创建于: 2025-11-27 09:38:15