On Mon, 2014-02-24 at 00:44 +0100, Maciej Lasyk wrote: > Hi guys, > > Let's say that I have file > /etc/selinux/targeted/modules/active/modules/lvm.pp > > What would be the easiest way to view the policy that this file > contains? Normally when creating policy myself I firstly create .te file > which contains my desired policy rules. > > But how could I know how the policy looks like for already created and > loaded policies? Let's stick to that lvm.pp as the example. > > Thanks for your help, You can use the semodule_unpackage command to extract the policy package (.pp) See man semodule_unpackage Then you can disassemble the extracted module (.mod) with the (se)dismod command ( i do not believe there is a manual for that program but its for example sedismod lvm.mod (or something)) The (se)dismod program has a menu that allows you to query most of the modules content (what waas in the lvm.te) file The program is a bit unfriendly an rough on the edges but it does help -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
