|
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | SEE ALSO | AUTHOR | COLOPHON |
semanage-dontaudit(8) semanage-dontaudit(8)
semanage-dontaudit - SELinux Policy Management dontaudit tool
semanage dontaudit [-h] [-S STORE] [-N] {on,off}
semanage is used to configure certain elements of SELinux policy
without requiring modification to or recompilation from policy
sources. semanage dontaudit toggles whether or not dontaudit rules
will be in the policy. Policy writers use dontaudit rules to cause
confined applications to use alternative paths. Dontaudit rules are
denied but not reported in the logs. Some times dontaudit rules can
cause bugs in applications but policy writers will not realize it
since the AVC is not audited. Turning off dontaudit rules with this
command to see if the kernel is blocking an access.
-h, --help
show this help message and exit
-S STORE, --store STORE
Select an alternate SELinux Policy Store to manage
-N, --noreload
Do not reload the policy after commit
Turn off dontaudit rules
# semanage dontaudit off
selinux(8), semanage(8)
This man page was written by Daniel Walsh <dwalsh@redhat.com>
This page is part of the selinux (Security-Enhanced Linux user-space
libraries and tools) project. Information about the project can be
found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you
have a bug report for this manual page, see
⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This
page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2017-07-05. If you
discover any rendering problems in this HTML version of the page, or
you believe there is a better or more up-to-date source for the page,
or you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
to man-pages@man7.org
20130617 semanage-dontaudit(8)
Pages that refer to this page: semanage(8)