• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

sesearch: command not found

by admin

The seinfo and sesearch utilities can assist users in performing single-step analysis: they either provide immediate information about a SELinux object (which is mainly what seinfo is about) or are capable of querying direct SELinux rules (which is the scope of sesearch). These utilities are provided through the setools package.

Where the seinfo application displays information about SELinux objects, the sesearch application is used to query SELinux rules and behavior information between a source and a target resource.

For example to print out every httpd policy rule available, you can use the below command:

# sesearch --allow | grep httpd_t

If you encounter the below error:

sesearch: command not found

you may try installing the below package as per your choice of distribution.

Distribution Command
Debian apt-get install setools
Ubuntu apt-get install setools
Kali Linux apt-get install setools
CentOS yum install setools-console
Fedora dnf install setools-console
Raspbian apt-get install setools

Summary

We have been using the sesearch application to query standard allow rules (type enforcement related access controls) as well as the impact of SELinux booleans on these allow rules. The sesearch application allows us to not just query rules based on the rule type, but also filter out those rules that match a given source expression using –source (-s) and/or target expression using –target (-t).

The sesearch application can deal with indirect source or target information. For instance, when querying information related to the java_domain attribute, it will also display rules of all types that have this attribute. In the previous setools versions, this behavior can be disabled with the -d option. In the recent setools versions, this can be selectively used on either source (using -ds) or target (using -dt).

Filed Under: Linux

Some more articles you might also be interested in …

  1. “VDO Status: Out of space” – Error while creating a VDO disk
  2. Understanding Device Persistence and Oracle ASMLib
  3. Understanding The sysfs File System (/sys) in Linux
  4. grub-mkconfig: command not found
  5. How to enable CUPS Debugging on CentOS/RHEL
  6. TCP Wrapper (hosts.allow & hosts.deny) Command Options in Linux
  7. Understanding chroot Jail
  8. MySQL Server Error – “Can’t Create A New Thread (errno 11)”
  9. How to Disable Docker Process and docker0 Interface on CentOS/RHEL
  10. How to Find and Delete Empty Directories and Files in Linux

You May Also Like

Primary Sidebar

Recent Posts

  • qm Command Examples in Linux
  • qm wait Command Examples in Linux
  • qm start Command Examples in Linux
  • qm snapshot Command Examples in Linux

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright