GNU/Linux |
CentOS 4.8 |
i386 |
![]() |
sesearch(1) |
![]() |
sesearch − SELinux policy query tool
sesearch [OPTIONS] [POLICY_FILE]
This manual page describes the sesearch command.
sesearch allows the user to query a SELinux policy for type enforcement rules.
-s NAME, --source NAME
find rules with NAME type/attrib (regex) as source
-t NAME, --target NAME
find rules with NAME type/attrib (regex) as target
-c NAME, --class NAME
find rules with NAME as the object class
-p P1[,P2,...] --perms P1[,P2...]
find rules with the specified permissions
-b NAME, --boolean NAME
find conditional rules with NAME in the expression
--allow
search for allow rules only
--neverallow
search for neverallow rules only
--audit
search for auditallow and dontaudit rules only
--type |
search for type_trans and type_change rules only |
-i, --indirect
also search for the type’s attributes
-n, --noregex
do not use regular expression to match type/attributes
-a, --all
show all rules regardless of type, class, or perms
-l, --lineno
include line # in policy.conf for each rule. This option is ignored if using a binary policy.
-C, --show_cond
show conditional expression for conditional rules
-h, --help
display this help and exit
-v, --version
output version information and exit
If none of -s, -t, -c, -p -b are specified, then all rules are shown. You must specify -a (--all), or one of more of --allow, --neverallow,--audit, or --type.
The default source policy, or if that is unavailable the default binary policy, will be opened if no policy file name is provided.
This manual page was written by Kevin Carr <kcarr@tresys.com>.
Copyright(C) 2006 Tresys Technology, LLC
seinfo(1), apol(1)
![]() |
sesearch(1) | ![]() |