NAME checkpolicy - SELinux policy compiler
SYNOPSIS checkpolicy [-b] [-d] [-M] [-c policyvers] [-o output_file] [input_file]
DESCRIPTION This manual page describes the checkpolicy command.
checkpolicy is a program that checks and compiles a SELinux security policy configuration into a binary representation that can be loaded into the kernel. If no input file name is specified, checkpolicy will attempt to read from policy.conf or policy, depending on whether the -b flag is specified.
OPTIONS -b,--binary Read an existing binary policy file rather than a source pol- icy.conf file.
-d,--debug Enter debug mode after loading the policy.
-M,--mls Enable the MLS policy when checking and compiling the policy.
-o,--output filename Write a binary policy file to the specified filename.
-c policyvers Specify the policy version, defaults to the latest.
-t,--target Specify the target platform (selinux or xen).
-U,--handle-unknown <action> Specify how the kernel should handle unknown classes or permis- sions (deny, allow or reject).
-V,--version Show version information.
-h,--help Show usage information.
SEE ALSO SELinux documentation at http://www.nsa.gov/selinux, especially "Con- figuring the SELinux Policy".
AUTHOR This manual page was written by Arpad Magosanyi <firstname.lastname@example.org>, and edited by Stephen Smalley <email@example.com>. The program was written by Stephen Smalley <firstname.lastname@example.org>.