1semanage-dontaudit(8)                                    semanage-dontaudit(8)
2
3
4

NAME

6       semanage-dontaudit - SELinux Policy Management dontaudit tool
7

SYNOPSIS

9       semanage dontaudit [-h] [-S STORE] [-N] {on,off}
10
11

DESCRIPTION

13       semanage  is used to configure certain elements of SELinux policy with‐
14       out requiring modification to or  recompilation  from  policy  sources.
15       semanage  dontaudit  toggles  whether or not dontaudit rules will be in
16       the policy.  Policy writers  use  dontaudit  rules  to  cause  confined
17       applications  to use alternative paths.  Dontaudit rules are denied but
18       not reported in the logs.  Some times dontaudit rules can cause bugs in
19       applications  but  policy  writers will not realize it since the AVC is
20       not audited.  Turning off dontaudit rules with this command to  see  if
21       the kernel is blocking an access.
22
23

OPTIONS

25       -h, --help
26              show this help message and exit
27
28       -S STORE, --store STORE
29              Select an alternate SELinux Policy Store to manage
30
31       -N, --noreload
32              Do not reload the policy after commit
33
34

EXAMPLE

36       Turn off dontaudit rules
37       # semanage dontaudit off
38
39

SEE ALSO

41       selinux (8), semanage (8)
42
43

AUTHOR

45       This man page was written by Daniel Walsh <dwalsh@redhat.com>
46
47
48
49                                   20130617              semanage-dontaudit(8)