Lines Matching full:policy

3 checkpolicy \- SELinux policy compiler
14 is a program that checks and compiles a SELinux security policy configuration
18 will attempt to read from policy.conf or policy, depending on whether the \-b
24 Read an existing binary policy file rather than a source policy.conf file.
27 Write policy.conf file rather than binary policy file. Can only be used with binary policy file.
30 Write CIL policy file rather than binary policy file.
33 Enter debug mode after loading the policy.
39 Enable the MLS policy when checking and compiling the policy.
45 Specify the policy version, defaults to the latest.
48 Write a policy file (binary, policy.conf, or CIL policy)
53 Sort ocontexts before writing out the binary policy. This option makes output of checkpolicy consis…
59 Optimize the final kernel policy (remove redundant rules).
72 Generate policy.conf based on the system policy
73 # checkpolicy -b -M -F /etc/selinux/targeted/policy/policy.33 -o policy.conf
74 Recompile system policy so that unknown permissions are denied (uses policy.conf from ^^).
75 Note that binary policy extension represents its version, which is subject to change
76 # checkpolicy -M -U deny -o /etc/selinux/targeted/policy/policy.33 policy.conf
78 Generate CIL representation of current system policy
79 # checkpolicy -b -M -C /etc/selinux/targeted/policy/policy.33 -o policy.out
82 SELinux Reference Policy documentation at https://github.com/SELinuxProject/refpolicy/wiki