sebuild_graph

Section: SELinux Policy Analysis Tool (1)
Updated: 2017-02-09
Page Index

---

 

NAME

sebuild_graph - SELinux policy visualization tool graph builder  

SYNOPSIS

sebuild_graph [-h] [-dg] [-fb [FILTER_BOOLS]] [-c CLASSES]
                   [-p [POLICY]] FILENAME

 

DESCRIPTION

Creates a snapshot of given SELinux policy (if no policy file is provided, policy loaded in the system is be used) that can be analyzed using segraph_query.  

OPTIONS

 

Positional arguments:

FILENAME

Name for the new policy graph file.

 

Optional arguments:

-h, --help

show this help message and exit

-dg, --domain_grouping

Group SELinux domains based on package they belong to. Use with caution, generates false positives!

-fb [FILTER_BOOLS], --filter_bools [FILTER_BOOLS]

Filter rules based on current boolean setting or comma separated list of [boolean]:[on/off].

-c CLASSES, --class CLASSES

Comma separated list of object classes to be present in the graph. All classes assumed if omitted.

-p [POLICY], --policy [POLICY]

Path to the SELinux policy to be used.

 

EXAMPLE

Create snapshot of SELinux policy loaded in the system (only rules concerning files and processes are considered, boolean setting is taken into account):

      $ sebuild_graph.py -fb -c file,process graph

 

SEE ALSO

segraph_query(1)  

AUTHOR

Vit Mojzis <vmojzis@redhat.com>

---

 

Index

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

Positional arguments:

Optional arguments:

EXAMPLE

SEE ALSO

AUTHOR

Index (this page) | LinuxReviews : manual page archive : man1