Scroll to navigation

SELINT(1) User Commands SELINT(1)

NAME

SELint - Perform static source code analysis on SELinux policy source files

SYNOPSIS

selint [OPTIONS] FILE [...]

DESCRIPTION

Perform static code analysis on SELinux policy source.

Override default config with config specified on command line. See CONFIGURATION section for config file syntax.
Configure color output. Options are on, off and auto (the default).
Recursively scan CONTEXT_PATH to find additional te and if files to parse, but not scan. SELint will assume the scanned policy files are intended to be compiled together with the context files. are intended to be compiled together with the context files. Implies -s.
Enable debug output for the internal policy parser. Very noisy, useful to debug parsing failures.
Disable check with the given ID.
Enable check with the given ID.
Only run checks that are explicitly enabled with the --enable option.
Exit with a non-zero value if any issue was found.
Display this menu.
Only list errors with a severity level at or greater than LEVEL. Options are C (convention), S (style), W (warning), E (error), F (fatal error).
Scan hidden directories. By default hidden directories (like '.git') are skipped in recursive mode.
Run in "source mode" to scan a policy source repository that is designed to compile into a full system policy.
Display a summary of issues found after running the analysis.
Only display a summary of issues found after running the analysis. Do not show the individual findings. Implies -S.
Scan recursively and check all SELinux policy files found.
Enable verbose output.
Show version information and exit.

REPORTING_BUGS

Report bugs at https://github.com/TresysTechnology/selint/issues

AUTHOR

Daniel Burgener <Daniel.Burgener@microsoft.com>

February 2021 SELint 1.2.0