file_contexts - Linux


file_contexts is a tool specifically designed for managing and manipulating SELinux file contexts on a Linux system. It plays a crucial role in configuring access control policies for files and directories, ensuring a secure computing environment.


file_contexts [-h] [-l] [-v] FILE_CONTEXTS...
file_contexts [-h] [-l] [-n] [-e] [-r] FILE_CONTEXTS...


  • -h, –help: Display help message.
  • -l, –list: List file contexts from the specified file or the default context file.
  • -n, –new: Create a new file context.
  • -e, –edit: Edit an existing file context.
  • -r, –replace: Replace an existing file context.
  • -v, –verify: Verify the syntax of file context specifications.


1. List file contexts:

file_contexts -l

2. Create a new file context:

file_contexts -n /my/new/file system_u:object_r:newfile_t:s0

3. Edit an existing file context:

file_contexts -e /home/user/file user_u:object_r:user_home_t:s0

Common Issues

  • Context already exists: If you attempt to create a file context that already exists, you will encounter an error. Use the -e option to edit the existing context instead.
  • Syntax errors: File context specifications must follow a specific syntax. Use the -v option to verify the syntax before creating or editing contexts.


file_contexts can be integrated with various other Linux tools and commands:

  • audit2why: Analyze audit events and determine the SELinux file context that was violated.
  • restorecon: Restore file contexts to their default values, ensuring proper access control.

Related Commands

  • chcon: Change the file context of a file or directory.
  • restorecon: Restore file contexts to their default values.
  • selinuxenabled: Check if SELinux is enabled and enforcing.