1sebuild_graph(1)         SELinux Policy Analysis Tool         sebuild_graph(1)
2
3
4

NAME

6       sebuild_graph - SELinux policy visualization tool graph builder
7

SYNOPSIS

9       sebuild_graph [-h] [-dg] [-fb [FILTER_BOOLS]] [-c CLASSES]
10                          [-p [POLICY]] FILENAME
11
12

DESCRIPTION

14       Creates  a  snapshot of given SELinux policy (if no policy file is pro‐
15       vided, policy loaded in the system is be used)  that  can  be  analyzed
16       using segraph_query.
17

OPTIONS

19   Positional arguments:
20              FILENAME
21                     Name for the new policy graph file.
22
23   Optional arguments:
24              -h, --help
25                     show this help message and exit
26
27              -dg, --domain_grouping
28                     Group  SELinux  domains  based on package they belong to.
29                     Use with caution, generates false positives!
30
31              -fb [FILTER_BOOLS], --filter_bools [FILTER_BOOLS]
32                     Filter rules based on current boolean  setting  or  comma
33                     separated list of [boolean]:[on/off].
34
35              -c CLASSES, --class CLASSES
36                     Comma  separated  list of object classes to be present in
37                     the graph. All classes assumed if omitted.
38
39              -p [POLICY], --policy [POLICY]
40                     Path to the SELinux policy to be used.
41

EXAMPLE

43       Create snapshot of SELinux policy loaded in the system (only rules con‐
44       cerning  files  and  processes are considered, boolean setting is taken
45       into account):
46
47             $ sebuild_graph.py -fb -c file,process graph
48
49
50

SEE ALSO

52       segraph_query(1)
53

AUTHOR

55       Vit Mojzis <vmojzis@redhat.com>
56
57
58
59                                  2017-02-09                  sebuild_graph(1)
Impressum