"sepolicy-generate" "8" "20121005" "" ""
""
sepolicy-generate - SELinux.
""
sepolicy generate [-h ] [-p PATH]
sepolicy generate --application [-n NAME] [-u USER ]command [-w WRITE_PATH ] sepolicy generate --cgi [-n NAME] command [-w WRITE_PATH ] sepolicy generate --dbus [-n NAME] command [-w WRITE_PATH ] sepolicy generate --inetd [-n NAME] command [-w WRITE_PATH ] sepolicy generate --init [-n NAME] command [-w WRITE_PATH ]
sepolicy generate --admin_user [-r TRANSITION_ROLE] -n NAME sepolicy generate --confined_admin -n NAME [-a ADMIN_DOMAIN] [-u USER] [-n NAME] [-w WRITE_PATH] sepolicy generate --desktop_user -n NAME [-w WRITE_PATH] sepolicy generate --term_user -n NAME [-w WRITE_PATH] sepolicy generate --x_user -n NAME [-w WRITE_PATH]
sepolicy generate --customize -d DOMAIN -n NAME [-a ADMIN_DOMAIN] sepolicy generate --newtype -t type -n NAME sepolicy generate --sandbox -n NAME
""
sepolicy generate SELinux.
sepolicy generate 5 .
confined application . sepolicy generate rpm- nm -D APPLICATION, .
NAME.te , .
: , sepolicy generate, (DOMAIN) .te. , .te , .
NAME.if .te , .
NAME.fc ; , .te, . , restorecon RPM, .
RPM NAME_selinux.spec - , SELinux . man- . man- sepolicy manpage -d NAME.
NAME.sh , . man- , RPM, .
,
""
-h, --help
-d, --domain ,
-n, --name . : .
-p, --path . : . :
-r, --role (),
-t, --type (), ()
-u, --user () SELinux,
-w, --writepath (),
-a, --admin (),
--admin_user
--application
--cgi -/ (CGI)
--confined_admin root
--customize
--dbus DBUS
--desktop_user
--inetd -
--init init ( )
--newtype , .
--sandbox
--term_user
--x_user X Windows
""
> sepolicy generate --init /usr/sbin/rwhod /usr/sbin/rwhod rwhod
:
rwhod.te #
rwhod.if #
rwhod.fc #
rwhod_selinux.spec #
rwhod.sh #
" "
sepolicy(8), selinux(8)
""
man- Daniel Walsh <dwalsh (at] redhat.com>.
<gammaray (at] basealt.ru>.
