man7.org > Linux > man-pages

Linux/UNIX system programming training

sepolicy-communicate(8) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | AUTHOR | SEE ALSO | COLOPHON 

sepolicy-communicate(8)                           sepolicy-communicate(8)

NAME         top

       sepolicy-communicate - Generate a report showing if two SELinux
       Policy Domains can communicate

SYNOPSIS         top

       sepolicy communicate [-h] -s SOURCE -t TARGET [-c TCLASS] [-S
       SOURCEACCESS] [-T TARGETACCESS]

DESCRIPTION         top

       Use sepolicy communicate to examine SELinux Policy and determine
       if a source SELinux Domain can communicate with a target SELinux
       Domain.  The default command looks to see if there are any file
       types that the source domain can write, which the target domain
       can read.

OPTIONS         top

       -c, --class
              Specify the SELinux class which the source domain will
              attempt to communicate with the target domain.  (Default
              file)

       -h, --help
              Display help message

       -s, --source
              Specify the source SELinux domain type.

       -S, --sourceaccess
              Specify the list of accesses used by the source SELinux
              domain type to communicate with the target domain. Default
              Open, Write.

       -t, --target
              Specify the target SELinux domain type.

       -T, --targetaccess
              Specify the list of accesses used by the target SELinux
              domain type to receive communications from the source
              domain. Default Open, Read.

EXAMPLE         top

       List types that can be used to communicate between samba daemon and apache server
       # sepolicy communicate -s httpd_t -t smbd_t
       Consider a type to be accessible by the source domain when it can be opened and appended to (as opposed to opened and written to)
       # sepolicy communicate -s httpd_t -t smbd_t -S open,append

AUTHOR         top

       This man page was written by Daniel Walsh <dwalsh@redhat.com>

SEE ALSO         top

       sepolicy(8), selinux(8)

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the project
       can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩.
       If you have a bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-02-02.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2025-01-29.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there is
       a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

                                 20121005         sepolicy-communicate(8)

Pages that refer to this page: sepolicy(8)

HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI