• Home
  • Raw
  • Download

Lines Matching +full:debian +full:- +full:security

1 .\" Hey, Emacs! This is an -*- nroff -*- source file.
2 .\" Copyright (c) 2005 Manoj Srivastava <srivasta@debian.org>
26 .TH AUDIT2ALLOW "1" "October 2010" "Security Enhanced Linux"
29 \- generate SELinux policy allow/dontaudit rules from logs of denied operations
32 \- translates SELinux audit messages into a description of why the access was denied (audit2allow \
39 .B "\-a" | "\-\-all"
40 Read input from audit and message log, conflicts with \-i
42 .B "\-b" | "\-\-boot"
43 Read input from audit messages since last boot, conflicts with \-i
45 .B "\-d" | "\-\-dmesg"
49 auditd is running; use "ausearch \-m avc | audit2allow"  or "\-a" instead.
51 .B "\-D" | "\-\-dontaudit"
54 .B "\-e" | "\-\-explain"
57 .B "\-h" | "\-\-help"
60 .B "\-i  <inputfile>" | "\-\-input <inputfile>"
64 .B "\-\-interface-info=<interface_info_file>"
68 .B "\-l" | "\-\-lastreload"
71 .B "\-m <modulename>" | "\-\-module <modulename>"
74 .B "\-M <modulename>" 
75 Generate loadable module package, conflicts with \-o
77 .B "\-C"
78 Generate CIL output, conflicts with \-M
80 .B "\-p <policyfile>"  | "\-\-policy <policyfile>"
83 .B "\-\-perm-map <perm_map_file>"
87 .B "\-o <outputfile>"  | "\-\-output <outputfile>"
91 .B "\-r" | "\-\-requires"
94 .B "\-N" | "\-\-noreference"
98 .B "\-R" | "\-\-reference"
102 .B "\-t <type_regex>" | "\-\-type=<type_regex>"
105 .B "\-x" | "\-\-xperms"
108 .B "\-w" | "\-\-why"
112 .B "\-v" | "\-\-verbose"
128 ensure that the operations being permitted do not pose a security
146 $ cat /var/log/audit/audit.log | audit2allow \-m local > local.te
164 $ cat /var/log/audit/audit.log | audit2allow \-R \-m local > local.te
183 $ make \-f /usr/share/selinux/devel/Makefile local.pp
192 $ semodule \-i local.pp
197 $ checkmodule \-M \-m \-o local.mod local.te
200 $ semodule_package \-o local.pp \-m local.mod
203 $ semodule \-i local.pp
207 $ cat /var/log/audit/audit.log | audit2allow \-M local
210 Compiling policy: checkmodule \-M \-m \-o local.mod local.te
211 Building package: semodule_package \-o local.pp \-m local.mod
218 semodule \-i local.pp
220 .B Using audit2allow to generate monolithic (non\-module) policy
233 .I Manoj Srivastava <srivasta@debian.org>,
234 for the Debian GNU/Linux system. It was updated by Dan Walsh <dwalsh@redhat.com>