On Fri, Mar 31, 2023 at 8:37 AM Petr Lautrbach <lautrbach@xxxxxxxxxx> wrote: > > Hi, > > I've got a question what is `sesearch --neverallow` good for and how to > make it work. I wasn't able to get any output from this command. > > Is it supposed to work with current userspace and policies? How? I don't see how it could work. neverallow rules aren't preserved in the kernel policies. It would only make sense if sesearch could be run on source policies or modules.
