如何查看文件的 SELinux 上下文?

如何查看文件的 SELinux 上下文?

我从 Android 手机中提取了用户数据分区(ext4格式),并将其安装在 Kubuntu 19.10 上。我试图弄清楚输出.ls -l的内容,最终发现它代表 SELinux 上下文。但是,我不确定如何查看这些 SELinux ACL。SELinux 的等价物是什么getfacl

pshem@computer:~/research_android/data_partition$ ls -l
total 352
drwx------.   2 root  root   4096 Jan  1  2010 adb
drwxrwxr-x.   2 root  root   4096 Mar 20 09:07 aee_exp
drwxrwxr-x.   3 pshem pshem  4096 Feb  6 02:01 anr
drwxrwxrwx.   2 root  root   4096 Jan  1  2010 APN
drwxrwx--x.  36 pshem pshem  4096 Mar 20 11:36 app
drwx------.   2 root  root   4096 Jan  1  2010 app-asec
drwxrwx--x.   2 pshem pshem  4096 Jan  1  2010 app-ephemeral
drwxrwx--x.   2 pshem pshem  4096 Jan  1  2010 app-lib
drwxrwx--x.   2 pshem pshem  4096 Jan  1  2010 app-private
drwx------.   6 pshem pshem  4096 Mar 20 11:36 backup
drwxr-xr-x.   2  2000  2000  4096 Jan  1  2010 bootchart
drwxrwx---.   5 pshem  2001  4096 Jan  1  2010 cache
drwxrwxrwx.   2 root  root   4096 Jan  1  2010 Carrier
drwxrwxrwx.   2 root  root  16384 Jan  1  2010 CarrierConfig
drwxrwxr-x.   3  2000 pshem  4096 Jan  1  2010 connsyslog
drwxrwxr-x.   2 pshem pshem  4096 Jan  1  2010 core
drwxrwx--x.   4 root  root   4096 Feb  6 04:46 dalvik-cache
drwxrwx--x. 137 pshem pshem 12288 Mar 20 11:36 data
drwxrwx---.   2  1019  1019  4096 Jan  1  2010 drm
drwxrwxr-x.   2 pshem pshem  4096 Jan  1  2010 dumpsys
drwxrwx--x.   3 pshem pshem  4096 Jan  1  2010 faceunlock
drwxr-x--x.   4 root  root   4096 Jan  1  2010 local
drwxr-xr-x.   2 pshem pshem  4096 Jan  1  2010 log_temp
drwxrwx---.   2 root  root  16384 Jan  1  2010 lost+found
drwxrwxr-x.   3  2000 pshem  4096 Jan  1  2010 mdlog
drwxrwx---.   4  1023  1023  4096 Jan  1  2010 media
drwxrwx---.   2  1031  1031  4096 Jan  1  2010 mediadrm
drwxrwx--t.  43 pshem  9998  4096 Jan  1  2010 misc
drwxrwx--t.   3 pshem  9998  4096 Jan  1  2010 misc_ce
drwxrwx--t.   3 pshem  9998  4096 Jan  1  2010 misc_de
drwxrwx---.   3  1027  1027  4096 Jan  1  2010 nfc
drwxrwx--x.   2 root  root   4096 Feb  6 04:46 ota
drwxrwx---.   2 pshem  2001  4096 Feb  6 04:49 ota_package
drwxrwxr-x.   5 pshem pshem  4096 Jan  1  2010 preloads
drwx------.   2 root  root   4096 Mar 20 11:46 property
drwxrwx--x.   2 pshem pshem  4096 Jan  1  2010 resource-cache
drwx------.   2 pshem pshem  4096 Jan  1  2010 ss
drwxrwxr-x.  19 pshem pshem  4096 Mar 20 11:40 system
drwxrwx---.   3 pshem pshem  4096 Jan  1  2010 system_ce
drwxrwx---.   3 pshem pshem  4096 Feb 21 04:34 system_de
drwxrwx--x.   2 pshem pshem  4096 Jan  1  2010 tombstones
drwx------.   3 root  root   4096 Jan  1  2010 unencrypted
drwx--x--x.   2 pshem pshem  4096 Jan  1  2010 user
drwx--x--x.   3 pshem pshem  4096 Jan  1  2010 user_de
drwxrwx--x.  25 root  root   4096 Jan  1  2010 vendor
drwxrwx--x.   3 root  root   4096 Jan  1  2010 vendor_ce
drwxrwx--x.   3 root  root   4096 Jan  1  2010 vendor_de

根据手动输入,secon --file应该可以工作,但它只输出secon: SELinux is not enabled

SELinux ACL 源代码

答案1

ls -Z能够解析 SELinux ACL 并以可读格式显示它们:

pshem@computer:~/research_android/data_partition$ ls -Z
          u:object_r:adb_data_file:s0 adb                    u:object_r:mdlog_data_file:s0 mdlog
      u:object_r:aee_exp_data_file:s0 aee_exp             u:object_r:media_rw_data_file:s0 media
          u:object_r:anr_data_file:s0 anr                    u:object_r:media_data_file:s0 mediadrm
       u:object_r:system_data_file:s0 APN                   u:object_r:system_data_file:s0 misc
          u:object_r:apk_data_file:s0 app                   u:object_r:system_data_file:s0 misc_ce
        u:object_r:asec_image_file:s0 app-asec              u:object_r:system_data_file:s0 misc_de
       u:object_r:system_data_file:s0 app-ephemeral         u:object_r:system_data_file:s0 nfc
       u:object_r:system_data_file:s0 app-lib                  u:object_r:ota_data_file:s0 ota
  u:object_r:apk_private_data_file:s0 app-private           u:object_r:ota_package_file:s0 ota_package
       u:object_r:backup_data_file:s0 backup              u:object_r:preloads_data_file:s0 preloads
    u:object_r:bootchart_data_file:s0 bootchart           u:object_r:property_data_file:s0 property
             u:object_r:cache_file:s0 cache          u:object_r:resourcecache_data_file:s0 resource-cache
       u:object_r:system_data_file:s0 Carrier               u:object_r:system_data_file:s0 ss
       u:object_r:system_data_file:s0 CarrierConfig         u:object_r:system_data_file:s0 system
    u:object_r:consyslog_data_file:s0 connsyslog            u:object_r:system_data_file:s0 system_ce
     u:object_r:aee_core_data_file:s0 core                  u:object_r:system_data_file:s0 system_de
  u:object_r:dalvikcache_data_file:s0 dalvik-cache       u:object_r:tombstone_data_file:s0 tombstones
       u:object_r:system_data_file:s0 data             u:object_r:unencrypted_data_file:s0 unencrypted
          u:object_r:drm_data_file:s0 drm                   u:object_r:system_data_file:s0 user
  u:object_r:aee_dumpsys_data_file:s0 dumpsys               u:object_r:system_data_file:s0 user_de
        u:object_r:faceunlock_file:s0 faceunlock            u:object_r:vendor_data_file:s0 vendor
       u:object_r:system_data_file:s0 local                 u:object_r:vendor_data_file:s0 vendor_ce
      u:object_r:logtemp_data_file:s0 log_temp              u:object_r:vendor_data_file:s0 vendor_de
       u:object_r:system_data_file:s0 lost+found

PS. 我只能回答我自己的问题,因为 StackOverflow 建议的类似问题包含有关 的一些.提示drwxrwxrwx.

相关内容