Re: Knowing policy contents

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2014-02-24 at 00:44 +0100, Maciej Lasyk wrote:
> Hi guys,
> 
> Let's say that I have file
> /etc/selinux/targeted/modules/active/modules/lvm.pp
> 
> What would be the easiest way to view the policy that this file
> contains? Normally when creating policy myself I firstly create .te file
> which contains my desired policy rules.
> 
> But how could I know how the policy looks like for already created and
> loaded policies? Let's stick to that lvm.pp as the example.
> 
> Thanks for your help,

You can use the semodule_unpackage command to extract the policy package
(.pp) See man semodule_unpackage

Then you can disassemble the extracted module (.mod) with the (se)dismod
command ( i do not believe there is a manual for that program but its
for example sedismod lvm.mod (or something))

The (se)dismod program has a menu that allows you to query most of the
modules content (what waas in the lvm.te) file

The program is a bit unfriendly an rough on the edges but it does help


--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux