sesearch - SELinux policy query tool
Synopsis
Description
Options
Information
Author
Copyright
See Also
sesearch [OPTIONS] [POLICY_FILE]
This manual page describes the sesearch command.sesearch allows the user to query a SELinux policy for type enforcement rules.
-s NAME, --source NAME find rules with NAME type/attrib (regex) as source -t NAME, --target NAME find rules with NAME type/attrib (regex) as target -c NAME, --class NAME find rules with NAME as the object class -p P1[,P2,...] --perms P1[,P2...] find rules with the specified permissions -b NAME, --boolean NAME find conditional rules with NAME in the expression --allow search for allow rules only --neverallow search for neverallow rules only --audit search for auditallow and dontaudit rules only --type search for type_trans and type_change rules only -i, --indirect also search for the type’s attributes -n, --noregex do not use regular expression to match type/attributes -a, --all show all rules regardless of type, class, or perms -l, --lineno include line # in policy.conf for each rule. This option is ignored if using a binary policy. -C, --show_cond show conditional expression for conditional rules -h, --help display this help and exit -v, --version output version information and exit
If none of -s, -t, -c, -p -b are specified, then all rules are shown. You must specify -a (--all), or one of more of --allow, --neverallow,--audit, or --type.The default source policy, or if that is unavailable the default binary policy, will be opened if no policy file name is provided.
This manual page was written by Kevin Carr <kcarr@tresys.com>.
Copyright(C) 2006 Tresys Technology, LLC
seinfo(1), apol(1)
| sesearch (1) |