Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sepolicy(8) [centos man page]

sepolicy(8)															       sepolicy(8)

sepolicy - SELinux Policy Inspection tool SYNOPSIS
sepolicy [-h] [-P policy_path ] {booleans,communicate,generate,interface,manpage,network,transition} OPTIONS Arguments: booleans Query SELinux policy to see description of booleans sepolicy-boolean(8) communicate Query SELinux policy to see if domains can communicate with each other sepolicy-communicate(8) generate Generate SELinux Policy module template gui Launch Graphical User Interface for SELinux Policy, requires policycoreutils-gui package. sepolicy-generate(8) interface Print SELinux Policy interface information sepolicy-interface(8) manpage Generate SELinux man pages sepolicy-manpage(8) network Query SELinux policy network information sepolicy-network(8) transition Query SELinux Policy to see how a source process domain can transition to the target process domain sepolicy-transition(8) DESCRIPTION
sepolicy is a tools set that will query the installed SELinux policy and generate useful reports, man pages, or even new policy modules. See the argument specific man pages for options and descriptions. OPTIONS
-P, --policy Alternate policy to analyze. (Defaults to currently installed policy /sys/fs/selinux/policy) -h, --help Display help message AUTHOR
This man page was written by Daniel Walsh <> SEE ALSO
selinux(8), sepolicy-booleans(8), sepolicy-communicate(8), sepolicy-generate(8),sepolicy-gui(8), sepolicy-interface(8), sepolicy-net- work(8), sepolicy-manpage(8), sepolicy-transition(8) 20121005 sepolicy(8)

Check Out this Related Man Page

sepolicy-network(8)													       sepolicy-network(8)

sepolicy-network - Examine the SELinux Policy and generate a network report SYNOPSIS
sepolicy network [-h] (-l | -a application [application ...] | -p PORT [PORT ...] | -t TYPE [TYPE ...] | -d DOMAIN [DOMAIN ...]) DESCRIPTION
Use sepolicy network to examine SELinux Policy and generate network reports. OPTIONS
-a, --application Generate a report listing the ports to which the specified init application is allowed to connect and or bind. -d, --domain Generate a report listing the ports to which the specified domain is allowed to connect and or bind. -l, --list List all Network Port Types defined in SELinux Policy -h, --help Display help message -t, --type Generate a report listing the port numbers associate with the specified SELinux port type. -p, --port Generate a report listing the SELinux port types associate with the specified port number. EXAMPLES
sepolicy network -p 22 22: tcp ssh_port_t 22 22: udp reserved_port_t 1-511 22: tcp reserved_port_t 1-511 sepolicy network -a /usr/sbin/sshd sshd_t: tcp name_connect 111 (portmap_port_t) 53 (dns_port_t) 88, 750, 4444 (kerberos_port_t) 9080 (ocsp_port_t) 9180, 9701, 9443-9447 (pki_ca_port_t) 32768-61000 (ephemeral_port_t) all ports < 1024 (reserved_port_type) all ports with out defined types (port_t) sshd_t: tcp name_bind 22 (ssh_port_t) 5900-5983, 5985-5999 (vnc_port_t) 6000-6020 (xserver_port_t) 32768-61000 (ephemeral_port_t) all ports > 500 and < 1024 (rpc_port_type) all ports with out defined types (port_t) sshd_t: udp name_bind 32768-61000 (ephemeral_port_t) all ports > 500 and < 1024 (rpc_port_type) all ports with out defined types (port_t) AUTHOR
This man page was written by Daniel Walsh <> SEE ALSO
sepolicy(8), selinux(8), semanage(8) 20121005 sepolicy-network(8)
Man Page

7 More Discussions You Might Find Interesting

1. Programming

Signals in Unix Solaris

I am doing a project to stimulate the scheduing policy of an OS under Unix Solaris. Its something like that: A process, say A will communicate to another process, which is the OS, and then execute the system call, pause(); The stimulated OS will then have to use sigsend(); to send a... (1 Reply)
Discussion started by: heljy
1 Replies

2. Linux

SELinux policy compiler errors for

Hello all! I am trying to enable SELinux on bootup for my supported kernel I am running PCLinuxOS 2009 Beta 2 which is based on Mandriva/Mandrake From my reading, I know that I am able to set SELinux to boot (preferably in passive mode) however this would still 'change' my... (2 Replies)
Discussion started by:
2 Replies

3. Shell Programming and Scripting

Synchronize Files-Help

Hi, I have two servers1&2, one is not in the network. Cant communicate from it to other servers. The second one can communicate to above mentioned server. I am trying a script which synchronizes files between server 1 an 2? server1: cant communicate to any other servers server2: can... (4 Replies)
Discussion started by: Tuxidow
4 Replies

4. Virtualization and Cloud Computing

anyone running SELinux on amazon EC2?

Hi, Has anyone enabled SELinux on Amazon EC2? I tried to enable SELinux using a CentOS image, and the steps in the following post, but it didn't work!! Amazon Web Services Developer Community : Has anyone successfully enabled SELinux ... The steps i took: 1)I started with CentOS 5.3 base... (5 Replies)
Discussion started by: fun_indra
5 Replies

5. Solaris

LACP Policy - Which is best?

Hello, I have these S10 boxes with LACP using the L4 policy. Does the L4 policy create a lot more overhead as opposed to using the L2? I'm noticing that my traffic does not seem to be very well load balanced accross the NIC's, and I am wondering if the policy I'm using has anything else to do... (1 Reply)
Discussion started by: BG_JrAdmin
1 Replies

6. Programming

C++ Execution Inspection - Ideas Wanted

"C++ Execution Inspection" is the best term I could coin for what it is I'd like to do. Suggestions from anyone who has done programming in C++ on Linux are welcome. I was taught C++ in classrooms that used MS Visual Studio a few years ago. Visual Studio had a debugging mode that made it really... (1 Reply)
Discussion started by: ejr2122
1 Replies

7. Cybersecurity

Apply SeLinux policy to *nix device files

If its possible to apply SELinux policies to unix device files, would that be a problem? I would like to apply a policy to a process and enforce what it can communicate with device-wise (eg. physical network interface port) based on that policy. Would think that the "selinux-policy-mls" tool... (0 Replies)
Discussion started by: NYG71
0 Replies

Featured Tech Videos