How do I remove any SELinux context or ACL?

--------------------------------------------------
Hire the world's top talent on demand or became one of them at Toptal: https://topt.al/25cXVn
--------------------------------------------------

Music by Eric Matyas
https://www.soundimage.org
Track title: Future Grid Looping

--

Chapters
00:00 How Do I Remove Any Selinux Context Or Acl?
00:37 Answer 1 Score 2
00:53 Accepted Answer Score 19
01:10 Answer 3 Score 2
01:51 Thank you

--

Full question
https://superuser.com/questions/191903/h...

--

Content licensed under CC BY-SA
https://meta.stackexchange.com/help/lice...

--

Tags
#acl #selinux

#avk47

ACCEPTED ANSWER

Score 19

setfacl -b will remove the ACL on a file. setfattr -x security.selinux will remove the SELinux file context, but you will probably have to boot with SELinux completely disabled.

ANSWER 2

Score 2

You never stated what you are removing ACL's "from", but if it is a file system, unmounting it and remounting it without the ACL option will do the job quickly.

ANSWER 3

Score 2

As long as selinux is in permissive or enforcing you will not be able to remove the . This indicates selinux attributes are set. Since Permissive is still doing the selinux checks (just not enforcing) it will force the . on the end of attributes.

To fully remove the dot the only way I know of is to completely stop selinux.

vim /etc/selinux/config and set to disabled. Reboot then run this command on the files you want to remove the . (selinux acl)

setfattr -x security.selinux myfilewithdot

Here is the output from my desktop Centos7 after setting selinux to

setfattr -x security.selinux /foo.txt