diff options
Diffstat (limited to 'man/seaudit.8')
-rw-r--r-- | man/seaudit.8 | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/man/seaudit.8 b/man/seaudit.8 new file mode 100644 index 0000000..1c3eb2e --- /dev/null +++ b/man/seaudit.8 @@ -0,0 +1,49 @@ +.TH seaudit 8 +.SH NAME +seaudit \- SELinux graphical audit log analysis tool +.SH SYNOPSIS +.B seaudit +[OPTIONS] [POLICY ...] +.SH DESCRIPTION +.PP +.B seaudit +allows the user to view and filter the contents of a log file. +.B seaudit +supports the syslog and auditd log formats and provides queries to inspect the SELinux policy based on log messages. +.SH POLICY +.PP +.B +seaudit +supports loading a SELinux policy in one of four formats. +.IP "source" +A single text file containing policy source for versions 12 through 21. This file is usually named policy.conf. +.IP "binary" +A single file containing a monolithic kernel binary policy for versions 15 through 21. This file is usually named by version - for example, policy.20. +.IP "modular" +A list of policy packages each containing a loadable policy module. The first module listed must be a base module. +.IP "policy list" +A single text file containing all the information needed to load a policy, usually exported by SETools graphical utilities. +.PP +If no policy file is provided, +.B +seaudit +will search for the system default policy: checking first for a source policy, next for a binary policy matching the running kernel's preferred version, and finally for the highest version that can be found. +If no policy can be found, +.B +seaudit +will begin with no policy loaded. +.SH OPTIONS +.IP "-l FILE, --log=FILE" +Upon startup, open the log FILE instead of the system log file. +.IP "-h, --help" +Print help information and exit. +.IP "-V, --version" +Print version information and exit. +.SH AUTHOR +This manual page was written by Jeremy A. Mowery <jmowery@tresys.com>. +.SH COPYRIGHT +Copyright(C) 2006-2007 Tresys Technology, LLC +.SH BUGS +Please report bugs via an email to setools-bugs@tresys.com. +.SH SEE ALSO +seaudit-report(8) |