NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | SEE ALSO | AUTHOR | COLOPHON |
|
|
semanage-dontaudit(8) semanage-dontaudit(8)
semanage-dontaudit - SELinux Policy Management dontaudit tool
semanage dontaudit [-h] [-S STORE] [-N] {on,off}
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage dontaudit toggles whether or not dontaudit rules will be in the policy. Policy writers use dontaudit rules to cause confined applications to use alternative paths. Dontaudit rules are denied but not reported in the logs. Sometimes dontaudit rules can cause bugs in applications but policy writers will not realize it since the AVC is not audited. Turn off dontaudit rules with this command to see if the kernel is blocking an access.
-h, --help Show this help message and exit -S STORE, --store STORE Select an alternate SELinux Policy Store to manage -N, --noreload Do not reload the policy after commit
Turn off dontaudit rules # semanage dontaudit off
selinux(8), semanage(8)
This man page was written by Daniel Walsh <[email protected]>
This page is part of the selinux (Security-Enhanced Linux user-
space libraries and tools) project. Information about the
project can be found at
⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you have a
bug report for this manual page, see
⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
This page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2024-06-14. (At
that time, the date of the most recent commit that was found in
the repository was 2023-05-11.) If you discover any rendering
problems in this HTML version of the page, or you believe there
is a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
[email protected]
20130617 semanage-dontaudit(8)
Pages that refer to this page: semanage(8)