1CHECKPOLICY(8)              System Manager's Manual             CHECKPOLICY(8)
2
3
4

NAME

6       checkpolicy - SELinux policy compiler
7

SYNOPSIS

9       checkpolicy  [-b[F]]  [-C]  [-d]  [-M] [-c policyvers] [-o output_file]
10       [input_file]
11

DESCRIPTION

13       This manual page describes the checkpolicy command.
14
15       checkpolicy is a program that checks and compiles  a  SELinux  security
16       policy  configuration  into  a binary representation that can be loaded
17       into the kernel.  If no input file name is specified, checkpolicy  will
18       attempt to read from policy.conf or policy, depending on whether the -b
19       flag is specified.
20
21

OPTIONS

23       -b,--binary
24              Read an existing binary policy file rather than  a  source  pol‐
25              icy.conf file.
26
27       -C,--cil
28              Write CIL policy file rather than binary policy file.
29
30       -d,--debug
31              Enter debug mode after loading the policy.
32
33       -F,--conf
34              Write  policy.conf file rather than binary policy file. Can only
35              be used with binary policy file.
36
37       -M,--mls
38              Enable the MLS policy when checking and compiling the policy.
39
40       -o,--output filename
41              Write a binary policy file to the specified filename.
42
43       -c policyvers
44              Specify the policy version, defaults to the latest.
45
46       -t,--target
47              Specify the target platform (selinux or xen).
48
49       -U,--handle-unknown <action>
50              Specify how the kernel should handle unknown classes or  permis‐
51              sions (deny, allow or reject).
52
53       -V,--version
54              Show version information.
55
56       -h,--help
57              Show usage information.
58
59

SEE ALSO

61       SELinux  documentation  at  http://www.nsa.gov/research/selinux,  espe‐
62       cially "Configuring the SELinux Policy".
63
64
65

AUTHOR

67       This    manual    page    was    written     by     Arpad     Magosanyi
68       <mag@bunuel.tii.matav.hu>,    and    edited    by    Stephen    Smalley
69       <sds@tycho.nsa.gov>.   The  program  was  written  by  Stephen  Smalley
70       <sds@tycho.nsa.gov>.
71
72
73
74                                                                CHECKPOLICY(8)
Impressum