checkpolicy is a program that checks and compiles a SELinux security policy configuration into a binary representation that can be loaded into the kernel. If no input file name is specified, checkpolicy will attempt to read from policy.conf or policy, depending on whether the -b flag is specified.
|-b||Read an existing binary policy file rather than a source policy.conf file.|
|-d||Enter debug mode after loading the policy.|
|-M||Enable the MLS policy when checking and compiling the policy.|
|Write a binary policy file to the specified filename.|
Specify the policy version, defaults to the latest.