1FAPOLICYD-CLI(1)        System Administration Utilities       FAPOLICYD-CLI(1)
2
3
4

NAME

6       fapolicyd-cli - Fapolicyd CLI Tool
7

SYNOPSIS

9       fapolicyd-cli [options]
10

DESCRIPTION

12       The fapolicyd command line utility is a tool to tell the daemon that it
13       needs to update the trust database. Normally, the  daemon  learns  that
14       the  trust  database  needs  updating  because  it uses a dnf plugin to
15       inform it. However, you may install an rpm by hand  and  it  can't  see
16       that  a  system  package was installed or updated. Or perhaps the admin
17       updates the fapolicyd.trust file and would like  the  changes  to  take
18       effect  immediately.  In  either of these cases, you would need to tell
19       the daemon that it needs to do an update by running this command.
20

OPTIONS

22       -h, --help
23              Prints a list of command line options.
24
25       -d, --delete-db
26              Deletes the trust database. Normally  this  never  needs  to  be
27              done.  But  if  for  some reason the trust database becomes cor‐
28              rupted, then the only method of recovery is to run this command.
29
30       -D, --dump-db
31              Dumps the trust db contents for inspection. This will print  the
32              original  trust  source,  path, file size, and SHA256 sum of the
33              file as known by the trust source the entry came from.
34
35       -f, --file add|delete|update [path]
36              Manage the file trust database.
37
38              add         This command adds the file  given  by  path  to  the
39                          trust  database. It gets the size and calculates the
40                          required SHA256 hash. If the path is a directory, it
41                          will  walk  the directory tree to the bottom and add
42                          every regular file that it finds.
43
44              delete      This command deletes all entries that match from the
45                          trust database. It will try to match mutiple entries
46                          so that entire directories can  be  deleted  in  one
47                          command.  To  ensure that you only match a directory
48                          and not a partial name, be sure to end with '/'.
49
50              update      This command updates the size and hash of any match‐
51                          ing  paths in the file trust database. If no path is
52                          given, then all files are updated. If an argument is
53                          passed, then only matching paths get updated. If the
54                          intent is to match against a directory, ensure  that
55                          it ends with '/'.
56
57       -t, --ftype /path/to/file
58              Prints  the  mime  type  of  the file given. A full path must be
59              specified. This command is intended to help get the ftype param‐
60              eter  of rules correct by seeing how fapolicyd will classify it.
61              Fapolicyd may differ from the file command.
62
63       -l, --list
64              Prints a listing of the fapolicyd rules file with a rule  number
65              to  aid  in  troubleshooting  or understanding of the debug mes‐
66              sages.
67
68       -u, --update
69              Notifies fapolicyd to perform an update of the trust database.
70

SEE ALSO

72       fapolicyd(8),  fapolicyd.rules(5),  fapolicyd.trust(5),   and   fapoli‐
73       cyd.conf(5)
74
75

AUTHOR

77       Zoltan Fridrich
78
79
80
81Red Hat                            May 2020                   FAPOLICYD-CLI(1)
Impressum