Visit Our UNIX and Linux User Community

Linux and UNIX Man Pages

Test Your Knowledge in Computers #213
Difficulty: Medium
OSPF-TE is an extension to OSPF extending the expressivity to allow for traffic engineering and use on non-IP networks.
True or False?
Linux & Unix Commands - Search Man Pages

semodule_package(8) [centos man page]

SEMODULE_PACKAGE(8)							NSA						       SEMODULE_PACKAGE(8)

NAME
semodule_package - Create a SELinux policy module package. SYNOPSIS
semodule_package -o <output file> -m <module> [-f <file contexts>] DESCRIPTION
semodule_package is the tool used to create a SELinux policy module package from a binary policy module and optionally other data such as file contexts. semodule_package packages binary policy modules created by checkmodule. The policy package created by semodule_package can then be installed via semodule. EXAMPLE
# Build a policy package for a base module. $ semodule_package -o base.pp -m base.mod -f file_contexts # Build a policy package for a httpd module. $ semodule_package -o httpd.pp -m httpd.mod -f httpd.fc # Build a policy package for local TE rules and no file contexts. $ semodule_package -o local.pp -m local.mod OPTIONS
-o --outfile <output file> Policy module package file generated by this tool. -s --seuser <seuser file> seuser file to be included in the package. -u --user_extra <user extra file> user_extra file to be included in the package. -m --module <Module file> Policy module file to be included in the package. -f --fc <File context file> File contexts file for the module (optional). -n --nc <netfilter context file> netfilter context file to be included in the package. SEE ALSO
checkmodule(8), semodule(8), semodule_unpackage(8) AUTHORS
This manual page was written by Dan Walsh <dwalsh@redhat.com>. The program was written by Karl MacMillan <kmacmillan@tresys.com> Security Enhanced Linux Nov 2005 SEMODULE_PACKAGE(8)

Check Out this Related Man Page

CHECKMODULE(8)						      System Manager's Manual						    CHECKMODULE(8)

NAME
checkmodule - SELinux policy module compiler SYNOPSIS
checkmodule [-h] [-b] [-m] [-M] [-U handle_unknown ] [-V] [-o output_file] [input_file] DESCRIPTION
This manual page describes the checkmodule command. checkmodule is a program that checks and compiles a SELinux security policy module into a binary representation. It can generate either a base policy module (default) or a non-base policy module (-m option); typically, you would build a non-base policy module to add to an existing module store that already has a base module provided by the base policy. Use semodule_package to combine this module with its optional file contexts to create a policy package, and then use semodule to install the module package into the module store and load the resulting policy. OPTIONS
-b,--binary Read an existing binary policy module file rather than a source policy module file. This option is a development/debugging aid. -h,--help Print usage. -m Generate a non-base policy module. -M,--mls Enable the MLS/MCS support when checking and compiling the policy module. -V,--version Show policy versions created by this program. Note that you cannot currently build older versions. -o,--output filename Write a binary policy module file to the specified filename. Otherwise, checkmodule will only check the syntax of the module source file and will not generate a binary module at all. -U,--handle-unknown <action> Specify how the kernel should handle unknown classes or permissions (deny, allow or reject). EXAMPLE
# Build a MLS/MCS-enabled non-base policy module. $ checkmodule -M -m httpd.te -o httpd.mod SEE ALSO
semodule(8), semodule_package(8) SELinux documentation at http://www.nsa.gov/research/selinux, especially "Configuring the SELinux Policy". AUTHOR
This manual page was copied from the checkpolicy man page written by Arpad Magosanyi <mag@bunuel.tii.matav.hu>, and edited by Dan Walsh <dwalsh@redhat.com>. The program was written by Stephen Smalley <sds@epoch.ncsc.mil>. CHECKMODULE(8)

Featured Tech Videos