debian man page for policygentool

Query: policygentool

OS: debian

Section: 1

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

POLICYGENTOOL(1)					      Debian GNU/Linux manual						  POLICYGENTOOL(1)

NAME
policygentool - Interactive SELinux policy generation tool
SYNOPSIS
policygentool [options] <Module Name> <full path for application binary file>
DESCRIPTION
This tool generate three files for policy development, A Type Enforcement (te) file, a File Context (fc), and a Interface File(if). Most of the policy rules will be written in the te file. Use the File Context file to associate file paths with security context. Use the interface rules to allow other protected domains to interact with the newly defined domains. The tool prompts for locations of pidfiles, any logfiles, files in /var/lib, and any init scripts, and whether any network access is desir- able for the application. The tool then generates the appropriate policy rules for the module. After these files have been generated, the make files for the appropriate SELinux policy, namely, /usr/share/selinux/refpolicy-targeted/include/Makefile or /usr/share/selinux/refpol- icy-strict/include/Makefile can be used to compile the SELinux policy policy package. The resulting policy package can be loaded using semodule. # /usr/bin/policygentool myapp /usr/bin/myapp # cat >Makefile > HEADERDIR:=/usr/share/selinux/refpolicy-targeted/include > include $(HEADERDIR)/Makefile > ^D # make # semodule -l myapp.pp # restorecon -R -v /usr/bin/myapp "all files defined in myapp.fc" # setenforce 0 # /etc/init.d/myapp start # audit2allow -R -i /var/log/audit/audit.log
OPTIONS
-h, --help Print a short usage message.
FILES
myapp.te, myapp.if, myapp.fc.
SEE ALSO
semodule(8), check_policy(8), load_policy(8).
BUGS
None known.
AUTHOR
This manual page was written by Manoj Srivastava <srivasta@debian.org>, for the Debian GNU/Linux system. Debian Feb 27 2007 POLICYGENTOOL(1)
Related Man Pages
games_srv_selinux(8) - centos
semodule(8) - centos
svc_run_selinux(8) - centos
policygentool(1) - debian
audit2why(1) - centos
Similar Topics in the Unix Linux Community
Nuface 2.0rc3 (Nuface2 branch)
segatex 7.10 (Default branch)
Makefile File not found
Delete lines starting with these strings
Genrate lib (.a) and binary file (exec) in the same Makefile