checkpolicy is a program that checks and compiles a SELinux security policy configuration into a binary representation that can be loaded into the kernel. If no input file name is specified, checkpolicy will attempt to read from policy.conf or policy, depending on whether the -b flag is specified.
Tag | Description |
---|---|
-b | Read an existing binary policy file rather than a source policy.conf file. |
-d | Enter debug mode after loading the policy. |
-M | Enable the MLS policy when checking and compiling the policy. |
-o filename | |
Write a binary policy file to the specified filename. | |
-c policyvers | |
Specify the policy version, defaults to the latest.
|
Advertisements |