getpidcon_raw - Linux
Overview
getpidcon_raw is a Linux command used to retrieve the security context of the current process in raw format. It is most commonly used in security contexts to analyze and troubleshoot process-level access control and labeling.
Syntax
getpidcon_raw [OPTION...]
Options/Flags
-c, –canonicalize
Canonicalize the security context. Format the output in the friendly, human-readable format.
-s, –short
Shorten the output format to only display the context.
-e, –enforce
Enforce mode. Check if the process has the specified context.
Examples
Display the current process’s security context in raw format:
$ getpidcon_raw
system_u:system_r:unconfined_t
Canonicalize the security context to human-readable format:
$ getpidcon_raw -c
system_u:system_r:unconfined_t:s0
Check if the process has a specific security context:
$ getpidcon_raw -e 'system_u:system_r:init_t'
Common Issues
- If the binary is not setuid, it will fail with
Permission denied
.
Integration
Combine with ps
to show security contexts for all processes:
$ ps -eo pid,user,command,con=getpidcon_raw
Related Commands
- getenforce – Get the current SELinux enforcement mode.
- chcon – Change the security context of a file or directory.
- sestatus – Show the SELinux status.