From patchwork Wed Sep 9 13:30:25 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Haines X-Patchwork-Id: 11767125 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1675A618 for ; Thu, 10 Sep 2020 08:48:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D94272078E for ; Thu, 10 Sep 2020 08:48:21 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=btinternet.com header.i=@btinternet.com header.b="rgfEb/pr" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729953AbgIJIsT (ORCPT ); Thu, 10 Sep 2020 04:48:19 -0400 Received: from mailomta6-re.btinternet.com ([213.120.69.99]:21506 "EHLO re-prd-fep-042.btinternet.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1729135AbgIJIsP (ORCPT ); Thu, 10 Sep 2020 04:48:15 -0400 Received: from re-prd-rgout-003.btmx-prd.synchronoss.net ([10.2.54.6]) by re-prd-fep-048.btinternet.com with ESMTP id <20200909133046.DGWR4701.re-prd-fep-048.btinternet.com@re-prd-rgout-003.btmx-prd.synchronoss.net>; Wed, 9 Sep 2020 14:30:46 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btinternet.com; s=btmx201904; t=1599658246; bh=MWcY4gFODAUErfsa+raLTiCW1t8Xt0IYYYt+upT/xwY=; h=From:To:Cc:Subject:Date:Message-Id:X-Mailer:In-Reply-To:References:MIME-Version; b=rgfEb/pr5Ti1MHT4e7TGBEOWrvMmKpBO/YrJVczPG49CbxF2jDNz+vXFxDuZi//cRrw5VsKeH1Fhm0qURRzPwiMYyjwk0pGjFK8slGcxNGI5olM57aVSVGm7l+G1HUkWD7CNfLkviNUs55T7hR6klnyf2S95WlJxwZQFpnVKVin0n2myuRGAB+h+mTMZZ/M8Xq9AKy/IQujTA5dQ2mjpkJkBZqyTJwZ4nVihZhhIGUUr6h1FYvo2lHXnAeTA/z+iEu+wT4q+vFxLPqJ2+kwzParndhnP+8+/El+54kyU92wSKoQLvv/UEnnfj4Ytg3CFFUGr3VydwLgTOdrXU9xsOg== Authentication-Results: btinternet.com; none X-Originating-IP: [86.154.154.133] X-OWM-Source-IP: 86.154.154.133 (GB) X-OWM-Env-Sender: richard_c_haines@btinternet.com X-VadeSecure-score: verdict=clean score=0/300, class=clean X-RazorGate-Vade: gggruggvucftvghtrhhoucdtuddrgeduiedrudehhedgiedvucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuueftkffvkffujffvgffngfevqffopdfqfgfvnecuuegrihhlohhuthemuceftddunecunecujfgurhephffvufffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpeftihgthhgrrhguucfjrghinhgvshcuoehrihgthhgrrhgupggtpghhrghinhgvshessghtihhnthgvrhhnvghtrdgtohhmqeenucggtffrrghtthgvrhhnpeeujeduvdejkeevtddtgfejiedtvefggfekgeehudetjeefffekteelgeefkeevieenucffohhmrghinhepghhithhhuhgsrdgtohhmnecukfhppeekiedrudehgedrudehgedrudeffeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhephhgvlhhopehlohgtrghlhhhoshhtrdhlohgtrghlughomhgrihhnpdhinhgvthepkeeirdduheegrdduheegrddufeefpdhmrghilhhfrhhomhepoehrihgthhgrrhgupggtpghhrghinhgvshessghtihhnthgvrhhnvghtrdgtohhmqedprhgtphhtthhopeeophgruhhlsehprghulhdqmhhoohhrvgdrtghomheqpdhrtghpthhtohepoehrihgthhgrrhgupggtpghhrghinhgvshessghtihhnthgvrhhnvghtrdgtohhmqecuqfftvefrvfeprhhftgekvddvnehrihgthhgrrhgupggtpghhrghinhgvshessghtihhnthgvrhhnvghtrdgtohhmpdhrtghpthhtohepoehsvghlihhnuhigsehvghgvrhdr khgvrhhnvghlrdhorhhgqe X-RazorGate-Vade-Verdict: clean 0 X-RazorGate-Vade-Classification: clean X-SNCR-hdrdom: btinternet.com Received: from localhost.localdomain (86.154.154.133) by re-prd-rgout-003.btmx-prd.synchronoss.net (5.8.340) (authenticated as richard_c_haines@btinternet.com) id 5ED9C2FD10134DDB; Wed, 9 Sep 2020 14:30:46 +0100 From: Richard Haines To: paul@paul-moore.com, selinux@vger.kernel.org Cc: Richard Haines Subject: [PATCH 08/22] selinux_cmds: Convert to markdown Date: Wed, 9 Sep 2020 14:30:25 +0100 Message-Id: <20200909133039.44498-9-richard_c_haines@btinternet.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200909133039.44498-1-richard_c_haines@btinternet.com> References: <20200909133039.44498-1-richard_c_haines@btinternet.com> MIME-Version: 1.0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Richard Haines --- src/selinux_cmds.md | 256 +++++++++++++++++++------------------------- 1 file changed, 112 insertions(+), 144 deletions(-) diff --git a/src/selinux_cmds.md b/src/selinux_cmds.md index 918d4c1..1b68771 100644 --- a/src/selinux_cmds.md +++ b/src/selinux_cmds.md @@ -7,150 +7,118 @@ has a page that details all the available tools and commands at: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CommandMan PagePurpose
audit2allow1Generates policy allow rules from the audit.log file.
audit2why8Describes audit.log messages and why access was denied.
avcstat8Displays the AVC statistics.
chcat8Change or remove a catergory from a file or user.
chcon1Changes the security context of a file.
checkmodule8Compiles base and loadable modules from source.
checkpolicy8Compiles a monolithic policy from source.
fixfiles8Update / correct the security context of for filesystems that use extended attributes.
genhomedircon8Generates file configuration entries for users home directories. This command has also been built into semanage(8), therefore when using the policy store / loadable modules this does not need to be used.
getenforce1Shows the current enforcement state.
getsebool8Shows the state of the booleans.
load_policy8Loads a new policy into the kernel. Not required when using semanage(8) / semodule(8) commands.
matchpathcon8Show a files path and security context.
newrole1Allows users to change roles - runs a new shell with the new security context.
restorecon8Sets the security context on one or more files.
run_init8Runs an init script under the correct context.
runcon1Runs a command with the specified context.
selinuxenabled 1Shows whether SELinux is enabled or not.
semanage8Used to configure various areas of a policy within a policy store.
semodule8Used to manage the installation, upgrading etc. of policy modules.
semodule_expand8Manually expand a base policy package into a kernel binary policy file.
semodule_link 8Manually link a set of module packages.
semodule_package8Create a module package with various configuration files (file context etc.)
sestatus8Show the current status of SELinux and the loaded policy.
setenforce1Sets / unsets enforcement mode.
setfiles8Initialise the extended attributes of filesystems.
setsebool8Sets the state of a boolean to on or off persistently across reboots or for this session only.
+***audit2allow**(1)* + +Generates policy allow rules from an audit log file. + +***audit2why**(8)* + +Describes audit log messages and why access was denied. + +***avcstat**(8)* + +Displays the AVC statistics. + +***chcat**(8)* + +Change or remove a catergory from a file or user. + +***chcon**(1)* + +Changes the security context of a file. + +***checkmodule**(8)* + +Compiles base and loadable modules from source. + +***checkpolicy**(8)* + +Compiles a monolithic policy from source. + +***fixfiles**(8)* + +Update / correct the security context of for filesystems that use extended +attributes. + +***genhomedircon**(8)* + +Generates file configuration entries for users home directories. +This command has also been built into ***semanage**(8)*, therefore when using +the policy store / loadable modules this does not need to be used. + +***getenforce**(1)* + +Shows the current enforcement state. + +***getsebool**(8)* + +Shows the state of the booleans. + +***load_policy**(8)* + +Loads a new policy into the kernel. Not required when using ***semanage**(8)* / +***semodule**(8)* commands. + +***matchpathcon**(8)* + +Show a files path and security context. + +***newrole**(1)* + +Allows users to change roles - runs a new shell with the new security context. + +***restorecon**(8)* + +Sets the security context on one or more files. + +***run_init**(8)* + +Runs an *init* script under the correct context. + +***runcon**(1)* + +Runs a command with the specified context. + +***selinuxenabled**(1)* + +Shows whether SELinux is enabled or not. + +***semanage**(8)* + +Used to configure various areas of a policy within a policy store. + +***semodule**(8)* + +Used to manage the installation, upgrading etc. of policy modules. + +***semodule_expand**(8)* + +Manually expand a base policy package into a kernel binary policy file. + +***semodule_link**(8)* + +Manually link a set of module packages. + +***semodule_package**(8)* + +Create a module package with various configuration files (file context etc.) + +***sestatus**(8)* + +Show the current status of SELinux and the loaded policy. + +***setenforce**(1)* + +Sets / unsets enforcement mode. + +***setfiles**(8)* + +Initialise the extended attributes of filesystems. + +***setsebool**(8)* + +Sets the state of a boolean to on or off persistently across reboots or for +this session only.