Comrite Unix Man page/Perldoc/Info page, English-Chinese Dictionary, Chinese-English Dictionary

sesearch

Command: man perldoc info search(apropos)  

  
sesearch(1)                                                        sesearch(1)



NAME
       sesearch - SELinux policy query tool

SYNOPSIS
       sesearch [OPTIONS] [POLICY_FILE]

DESCRIPTION
       This manual page describes the sesearch command.

       sesearch allows the user to query a SELinux policy for type enforcement
       rules.

OPTIONS
       -s NAME, --source NAME
              find rules with NAME type/attrib (regex) as source

       -t NAME, --target NAME
              find rules with NAME type/attrib (regex) as target

       --role_source NAME
              find rules with NAME role (regex) as source

       --role_target NAME
              find rules with NAME role (regex) as target

       -c NAME, --class NAME
              find rules with NAME as the object class

       -p P1[,P2,...] --perms P1[,P2...]
              find rules with the specified permissions

       -b NAME, --boolean NAME
              find conditional rules with NAME in the expression

       --allow
              search for allow rules only

       --neverallow
              search for neverallow rules only

       --audit
              search for auditallow and dontaudit rules only

       --type search for type_trans and type_change rules only

       --rangetrans
              search for range transition rules

       --role_allow
              search for role allow rules

       --role_trans
              search for role transition rules

       -a, --all
              show all rules regardless of type, class, or perms

       -i, --indirect
              also search for the type's attributes

       -n, --noregex
              do not use regular expression to match type/attributes

       -l, --lineno
              include line # in policy.conf for each  rule.   This  option  is
              ignored if using a binary policy.

       -C, --show_cond
              show conditional expression for conditional rules

       -h, --help
              display this help and exit

       -v, --version
              output version information and exit

INFORMATION
       If  none  of  -s,  -t,  -c, -p, -b, --role_source, or --role_target are
       specified, then all rules are shown.  You must specify -a  (--all),  or
       one   of   more   of   --allow,  --neverallow,  --audit,  --rangetrans,
       --role_allow, --role_trans or --type.

       The default source policy, or if that is unavailable the default binary
       policy, will be opened if no policy file name is provided.

AUTHOR
       This manual page was written by Kevin Carr <kcarr AT tresys.com>.

COPYRIGHT
       Copyright(C) 2006 Tresys Technology, LLC

SEE ALSO
       seinfo(1), apol(1)



                                                                   sesearch(1)
 

©2005 Comrite