This manual page describes the checkpolicy command.
checkpolicy is a program that checks and compiles a SELinux security
policy configuration into a binary representation that can be loaded
into the kernel. If no input file name is specified, checkpolicy
will attempt to read from policy.conf or policy, depending on whether
the -b flag is specified.
Read an existing binary policy file rather than a source
Write CIL policy file rather than binary policy file.
Enter debug mode after loading the policy.
Enable the MLS policy when checking and compiling the policy.
Write a binary policy file to the specified filename.
Specify the policy version, defaults to the latest.
Specify the target platform (selinux or xen).
Specify how the kernel should handle unknown classes or
permissions (deny, allow or reject).
Show version information.
Show usage information.
This page is part of the selinux (Security-Enhanced Linux user-space
libraries and tools) project. Information about the project can be
found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you
have a bug report for this manual page, see
page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2017-03-13. If you
discover any rendering problems in this HTML version of the page, or
you believe there is a better or more up-to-date source for the page,
or you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail