HI, I have some files, that I'd like to remove the SELinux context or ACLs from (denoted by a '.' or a '+' respectively when using ls -alZ).
I don't have too much time on my hands to read on the , etc on how to use chcon etc., so I just want to quickly know how to disable them all.
Also, if someone knows a SELinux/ACL Cheat-Sheet, that would be terrific.
Here's a screen shot:
Notice the dots right after the permission symbols: drwxr-xr-x., etc.
setfacl -b will remove the ACL on a file. setfattr -x security.selinux will remove the SELinux file context, but you will probably have to boot with SELinux completely disabled.
As long as selinux is in permissive or enforcing you will not be able to remove the . This indicates selinux attributes are set. Since Permissive is still doing the selinux checks (just not enforcing) it will force the . on the end of attributes.
To fully remove the dot the only way I know of is to completely stop selinux.
vim /etc/selinux/config and set to disabled. Reboot then run this command on the files you want to remove the . (selinux acl)
setfattr -x security.selinux myfilewithdot
Here is the output from my desktop Centos7 after setting selinux to
setfattr -x security.selinux /foo.txt
You never stated what you are removing ACL's "from", but if it is a file system, unmounting it and remounting it without the ACL option will do the job quickly.
