sesearch

Query the rule details of the SELinux policy

Supplementary instructions

Use the seinfo command to query how many related rules the SELinux policy provides. If you find the related type or Boolean value and want to know the detailed rules, use the sesearch command to query. SELinux policy and rule management related commands: seinfo command, sesearch command, getsebool command, setsebool command, semanage command.

grammar

sesearch [-a] [-s body type] [-t target type] [-b boolean]

Options

-a: List all related information of this type or Boolean value
-t: followed by the type, for example -t httpd_t
-b: followed by a Boolean rule, for example -b httpd_enable_ftp_server

Example

Find out the relevant information about the target file resource type httpd_sys_content_t:

sesearch -a -t httpd_sys_content_t

Find out all the information related to the main process being httpd_t and the target file type being httpd:

sesearch -s httpd_t -t httpd_* -a

See how many rules the boolean httpd_enable_homedirs has set

sesearch -b httpd_enable_homedirs -a