man7.org > Linux > man-pages

Linux/UNIX system programming training

semanage-dontaudit(8) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | SEE ALSO | AUTHOR | COLOPHON 

semanage-dontaudit(8)                              semanage-dontaudit(8)

NAME         top

       semanage-dontaudit - SELinux Policy Management dontaudit tool

SYNOPSIS         top

       semanage dontaudit [-h] [-S STORE] [-N] {on,off}

DESCRIPTION         top

       semanage is used to configure certain elements of SELinux policy
       without requiring modification to or recompilation from policy
       sources.  semanage dontaudit toggles whether or not dontaudit
       rules will be in the policy. Policy writers use dontaudit rules
       to cause confined applications to use alternative paths.
       Dontaudit rules are denied but not reported in the logs.
       Sometimes dontaudit rules can cause bugs in applications but
       policy writers will not realize it since the AVC is not audited.
       Turn off dontaudit rules with this command to see if the kernel
       is blocking an access.

OPTIONS         top

       -h, --help
              Show this help message and exit

       -S STORE, --store STORE
              Select an alternate SELinux Policy Store to manage

       -N, --noreload
              Do not reload the policy after commit

EXAMPLE         top

       Turn off dontaudit rules
       # semanage dontaudit off

SEE ALSO         top

       selinux(8), semanage(8)

AUTHOR         top

       This man page was written by Daniel Walsh <dwalsh@redhat.com>

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the
       project can be found at 
       ⟨https://github.com/SELinuxProject/selinux/wiki⟩.  If you have a
       bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2024-06-14.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-05-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

                                20130617           semanage-dontaudit(8)

Pages that refer to this page: semanage(8)

HTML rendering created 2024-06-26 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI