SETFSMAC(8)             FreeBSD System Manager's Manual            SETFSMAC(8)

NAME
     setfsmac - set MAC label for a file hierarchy

SYNOPSIS
     setfsmac [-ehqvx] [-f specfile] ... [-s specfile] ... file ...

DESCRIPTION
     The setfsmac utility accepts a list of specification files as input and
     sets the MAC labels on the specified file system hierarchies.  Path names
     specified will be visited in order as given on the command line, and each
     tree will be traversed in pre-order.  (Generally, it will not be very
     useful to use relative paths instead of absolute paths.)  Multiple
     entries matching a single file will be combined and applied in a single
     transaction.

     The following options are available:

     -e      Treat any file systems encountered which do not support MAC
             labelling as errors, instead of warning and skipping them.

     -f specfile
             Apply the specifications in specfile to the specified paths.
             NOTE: Only the first entry for each file is applied; all others
             are disregarded and silently dropped.  Multiple -f arguments may
             be specified to include multiple specification files.

     -h      When a symbolic link is encountered, change the label of the link
             rather than the file the link points to.

     -q      Do not print non-fatal warnings during execution.

     -s specfile
             Apply the specifications in specfile, but assume the
             specification format is compatible with the SELinux specfile
             format.  NOTE: Only the first entry for each file is applied; all
             others are disregarded and silently dropped.  The prefix "sebsd/"
             will be automatically prepended to the labels in specfile.
             Labels matching "<<none>>" will be explicitly not relabeled.
             This permits SEBSD to reuse existing SELinux policy specification
             files.

     -v      Increase the degree of verbosity.

     -x      Do not recurse into new file systems when traversing them.

FILES
     /usr/share/security/lomac-policy.contexts      Sample specfile containing
                                                    LOMAC policy entries.

EXAMPLES
     See FILES.

SEE ALSO
     mac(3), mac_set_file(3), mac_set_link(3), mac(4), re_format(7),
     getfmac(8), setfmac(8), mac(9)

AUTHORS
     This software was contributed to the FreeBSD Project by Network
     Associates Labs, the Security Research Division of Network Associates
     Inc.  under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of
     the DARPA CHATS research program.

FreeBSD 13.1-RELEASE-p6        February 17, 2004       FreeBSD 13.1-RELEASE-p6