semanage-dontaudit(category31-clients.html) - phpMan

semanage-dontaudit(8)                                    semanage-dontaudit(8)

NAME
       semanage-dontaudit - SELinux Policy Management dontaudit tool
SYNOPSIS
       semanage dontaudit [-h] [-S STORE] [-N] {on,off}

DESCRIPTION
       semanage  is used to configure certain elements of SELinux policy with-
       out requiring modification to or  recompilation  from  policy  sources.
       semanage  dontaudit  toggles  whether or not dontaudit rules will be in
       the policy.  Policy writers  use  dontaudit  rules  to  cause  confined
       applications  to use alternative paths.  Dontaudit rules are denied but
       not reported in the logs.  Some times dontaudit rules can cause bugs in
       applications  but  policy  writers will not realize it since the AVC is
       not audited.  Turning off dontaudit rules with this command to  see  if
       the kernel is blocking an access.

OPTIONS
       -h, --help
              show this help message and exit
       -S STORE, --store STORE
              Select an alternate SELinux Policy Store to manage
       -N, --noreload
              Do not reload the policy after commit

EXAMPLE
       Turn off dontaudit rules
       # semanage dontaudit off

SEE ALSO
       selinux (8), semanage (8)

AUTHOR
       This man page was written by Daniel Walsh <dwalsh AT redhat.com>

                                   20130617              semanage-dontaudit(8)