The OpenNET Project / Index page

[ новости/++ | форум | wiki | теги ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

sechecker (1)
  • >> sechecker (1) ( Linux man: Команды и прикладные программы пользовательского уровня )
  •  

    NAME

    sechecker - SELinux policy checking tool
     
    

    SYNOPSIS

    sechecker [OPTIONS] -m module Run module

    sechecker [OPTIONS] -p profile Run profile

    sechecker [OPTIONS] -m module -p profile Run module with profile  

    Description

    This manual page describes the sechecker command.

    sechecker allows the user to perform predefined modular checks on a SELinux policy. Profiles exist to group modules together and allow modification of module settings (see below).  

    OPTIONS

    -l, --list
    print a list of profiles and modules
    -q, --quiet
    suppress output
    -s, --short
    print short output
    -v, --verbose
    print verbose output
    --version
    print version and exit
    --fcfile=<file>
    file_contexts file
    --policy=<file>
    policy file
    -h[mod], --help[=module]
    print general help or help for a module
    -m <mod>, --module=<mod>
    module name
    -p <prof>, --profile=<prof>
    profile name or path
    --min-sev=<low|med|high>
    the minimum severity to report
     

    PROFILE OPTIONS

    Profiles are used to group modules together, to specify the output format for each module in the report, and to provide the ability to override the modules' default options. Each profile is a well-formed XML document, as specified by the DTD installed with sechecker. An example profile follows:

    <sechecker version="1.1">

           <profile>

                   <module name="find_domains">

                           <output value="quiet"/>

                           <option name="domain_attribute">

                                   <item value="domain"/>

                                   <item value="user_domain"/>

                                   ...

                           </option>

                   </module>

                   ...

           </profile>

    </sechecker>

    The example profile specifies the output property for the find_domains module. The valid output values for each module are specified below:

    verbose:
    prints each result in the report with an accompanying proof

    short:
    prints a list of results without an accompanying proof

    none:
    does not print output in the report, however module errors will be printed

    quiet:
    does not print output in the report and does not print errors, (this is usefull for utility modules for which the calling module handles the errors)

    The example profile also overrides the default value for the "domain_attribute" option in the find_domains module.

     

    AUTHOR

    This manual page was written by Kevin Carr <kcarr@tresys.com> and Jeremy Mowery <jmowery@tresys.com>.

     

    COPYRIGHT

    Copyright(C) 2006 Tresys Technology, LLC

     

    SEE ALSO

    apol(1)


     

    Index

    NAME
    SYNOPSIS
    Description
    OPTIONS
    PROFILE OPTIONS
    AUTHOR
    COPYRIGHT
    SEE ALSO


    Поиск по тексту MAN-ов: 




      Закладки на сайте
      Проследить за страницей
    Created 1996-2017 by Maxim Chirkov  
    ДобавитьРекламаВебмастеруГИД  
    Hosting by Ihor