audit2allow

Generate SELinux policy allow rules from audit logs. Part of the policycoreutils-python-utils package. See also: audit2why, ausearch, semodule. More information: https://manned.org/audit2allow.

Generate allow rules from recent audit denials and display them:

sudo audit2allow {{[-a|--all]}}

Generate allow rules from a specific audit log file:

sudo audit2allow {{[-i|--input]}} {{path/to/audit.log}}

Generate a policy module from recent audit denials:

sudo audit2allow {{[-a|--all]}} {{[-M|--module]}} {{module_name}}

Explain why SELinux denials occurred (same as audit2why):

sudo audit2allow {{[-a|--all]}} --why

Display detailed information around generated messages:

sudo audit2allow {{[-a|--all]}} {{[-e|--explain]}}

Use installed macros to generate a reference policy:

sudo audit2allow {{[-a|--all]}} {{[-R|--reference]}}

Generate allow rules for a specific service:

sudo ausearch {{[-m|--message]}} avc {{[-c|--comm]}} {{service_name}} | audit2allow {{[-M|--module]}} {{policy_name}}

Enable verbose output mode:

sudo audit2allow {{[-a|--all]}} {{[-v|--verbose]}}

1.1 KiB Raw Blame History

audit2allow

1.1 KiB

Raw Blame History