• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • VCS
  • Interview Questions
  • Database
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

sesearch: command not found

by admin

The seinfo and sesearch utilities can assist users in performing single-step analysis: they either provide immediate information about a SELinux object (which is mainly what seinfo is about) or are capable of querying direct SELinux rules (which is the scope of sesearch). These utilities are provided through the setools package.

Where the seinfo application displays information about SELinux objects, the sesearch application is used to query SELinux rules and behavior information between a source and a target resource.

For example to print out every httpd policy rule available, you can use the below command:

# sesearch --allow | grep httpd_t

If you encounter the below error:

sesearch: command not found

you may try installing the below package as per your choice of distribution.

Distribution Command
Debian apt-get install setools
Ubuntu apt-get install setools
Kali Linux apt-get install setools
CentOS yum install setools-console
Fedora dnf install setools-console
Raspbian apt-get install setools

Summary

We have been using the sesearch application to query standard allow rules (type enforcement related access controls) as well as the impact of SELinux booleans on these allow rules. The sesearch application allows us to not just query rules based on the rule type, but also filter out those rules that match a given source expression using –source (-s) and/or target expression using –target (-t).

The sesearch application can deal with indirect source or target information. For instance, when querying information related to the java_domain attribute, it will also display rules of all types that have this attribute. In the previous setools versions, this behavior can be disabled with the -d option. In the recent setools versions, this can be selectively used on either source (using -ds) or target (using -dt).

Filed Under: Linux

Some more articles you might also be interested in …

  1. csvclean: Finds and cleans common syntax errors in CSV files
  2. gh pr: Manage GitHub pull requests from the command-line
  3. Image optimization with webp
  4. pacman-key Command Examples
  5. tlp: command not found
  6. ibmcloud Command Examples
  7. gdu: Disk usage analyzer with console interface
  8. gpg-tui Command Examples
  9. qm snapshot Command Examples in Linux
  10. CentOS / RHEL : How to assemble a software RAID in Rescue mode

You May Also Like

Primary Sidebar

Recent Posts

  • Vanilla OS 2 Released: A New Era for Linux Enthusiasts
  • mk Command Examples
  • mixxx Command Examples
  • mix Command Examples

© 2025 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright