Blame python/semanage/semanage-dontaudit.8
9fb14cba4273de2a470cec573c9d6130347aa1b7
Packit Service
9fb14c .TH "semanage-dontaudit" "8" "20130617" "" ""Packit Service
9fb14c .SH "NAME"Packit Service
9fb14c .B semanage\-dontaudit \- SELinux Policy Management dontaudit toolPackit Service
9fb14c .SH "SYNOPSIS"Packit Service
9fb14c .B semanage dontaudit [\-h] [\-S STORE] [\-N] {on,off}Packit Service
9fb14c Packit Service
9fb14c .SH "DESCRIPTION"Packit Service
9fb14c semanage is used to configure certain elements ofPackit Service
9fb14c SELinux policy without requiring modification to or recompilationPackit Service
9fb14c from policy sources. semanage dontaudit toggles whether or not dontaudit rules will be in the policy. Policy writers use dontaudit rules to causePackit Service
9fb14c confined applications to use alternative paths. Dontaudit rules are denied but not reported in the logs. Some times dontaudit rules can cause bugs in applications but policy writers will not realize it since the AVC is not audited. Turning off dontaudit rules with this command to see if the kernel is blocking an access.Packit Service
9fb14c Packit Service
9fb14c .SH "OPTIONS"Packit Service
9fb14c .TPPackit Service
9fb14c .I \-h, \-\-helpPackit Service
9fb14c show this help message and exitPackit Service
9fb14c .TPPackit Service
9fb14c .I \-S STORE, \-\-store STOREPackit Service
9fb14c Select an alternate SELinux Policy Store to managePackit Service
9fb14c .TPPackit Service
9fb14c .I \-N, \-\-noreloadPackit Service
9fb14c Do not reload the policy after commitPackit Service
9fb14c Packit Service
9fb14c .SH EXAMPLEPackit Service
9fb14c .nfPackit Service
9fb14c Turn off dontaudit rulesPackit Service
9fb14c # semanage dontaudit offPackit Service
9fb14c Packit Service
9fb14c .SH "SEE ALSO"Packit Service
9fb14c .BR selinux (8),Packit Service
9fb14c .BR semanage (8)Packit Service
9fb14c Packit Service
9fb14c .SH "AUTHOR"Packit Service
9fb14c This man page was written by Daniel Walsh <dwalsh@redhat.com>