man7.org > Linux > man-pages

Linux/UNIX system programming training

sepolicy-communicate(8) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | AUTHOR | SEE ALSO | COLOPHON 

sepolicy-communicate(8)                           sepolicy-communicate(8)

NAME         top

       sepolicy-communicate - Generate a report showing if two SELinux
       Policy Domains can communicate

SYNOPSIS         top

       sepolicy communicate [-h] -s SOURCE -t TARGET [-c TCLASS] [-S
       SOURCEACCESS] [-T TARGETACCESS]

DESCRIPTION         top

       Use sepolicy communicate to examine SELinux Policy and determine
       if a source SELinux Domain can communicate with a target SELinux
       Domain.  The default command looks to see if there are any file
       types that the source ___domain can write, which the target ___domain
       can read.

OPTIONS         top

       -c, --class
              Specify the SELinux class which the source ___domain will
              attempt to communicate with the target ___domain.  (Default
              file)

       -h, --help
              Display help message

       -s, --source
              Specify the source SELinux ___domain type.

       -S, --sourceaccess
              Specify the list of accesses used by the source SELinux
              ___domain type to communicate with the target ___domain. Default
              Open, Write.

       -t, --target
              Specify the target SELinux ___domain type.

       -T, --targetaccess
              Specify the list of accesses used by the target SELinux
              ___domain type to receive communications from the source
              ___domain. Default Open, Read.

EXAMPLE         top

       List types that can be used to communicate between samba daemon and apache server
       # sepolicy communicate -s httpd_t -t smbd_t
       Consider a type to be accessible by the source ___domain when it can be opened and appended to (as opposed to opened and written to)
       # sepolicy communicate -s httpd_t -t smbd_t -S open,append

AUTHOR         top

       This man page was written by Daniel Walsh <[email protected]>

SEE ALSO         top

       sepolicy(8), selinux(8)

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the project
       can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩.
       If you have a bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-02-02.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2025-01-29.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there is
       a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       [email protected]

                                 20121005         sepolicy-communicate(8)

Pages that refer to this page: sepolicy(8)

HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI