coreutils: runcon invocation

1 
1 22.2 ‘runcon’: Run a command in specified SELinux context
1 =========================================================
1 
1 ‘runcon’ runs file in specified SELinux security context.
1 
1    Synopses:
1      runcon CONTEXT COMMAND [ARGS]
1      runcon [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [ARGS]
1 
1    Run COMMAND with completely-specified CONTEXT, or with current or
1 transitioned security context modified by one or more of LEVEL, ROLE,
1 TYPE and USER.
1 
1    If none of ‘-c’, ‘-t’, ‘-u’, ‘-r’, or ‘-l’ is specified, the first
1 argument is used as the complete context.  Any additional arguments
1 after COMMAND are interpreted as arguments to the command.
1 
1    With neither CONTEXT nor COMMAND, print the current security context.
1 
1    Note also the ‘setpriv’ command which can be used to set the
1 NO_NEW_PRIVS bit using ‘setpriv --no-new-privs runcon ...’, thus
1 disallowing usage of a security context with more privileges than the
1 process would normally have.
1 
11    ‘runcon’ accepts the following options.  Also see ⇒Common
 options.
1 
1 ‘-c’
1 ‘--compute’
1      Compute process transition context before modifying.
1 
1 ‘-u USER’
1 ‘--user=USER’
1      Set user USER in the target security context.
1 
1 ‘-r ROLE’
1 ‘--role=ROLE’
1      Set role ROLE in the target security context.
1 
1 ‘-t TYPE’
1 ‘--type=TYPE’
1      Set type TYPE in the target security context.
1 
1 ‘-l RANGE’
1 ‘--range=RANGE’
1      Set range RANGE in the target security context.
1 
1    Exit status:
1 
1      126 if COMMAND is found but cannot be invoked
1      127 if ‘runcon’ itself fails or if COMMAND cannot be found
1      the exit status of COMMAND otherwise
1