Provided by: setools_4.4.0-1build1_amd64 bug

NAME
       sedta - Domain transition analysis for SELinux policies


SYNOPSIS
       sedta [OPTIONS] -s SOURCE [-t TARGET (-S|-A LIMIT)] [EXCLUDE [EXCLUDE ...]]


DESCRIPTION
       sedta  is  a  command  line tool that allows the user to perform domain transition analyses on an SELinux
       policy.


POLICY
       A single file containing a binary policy. This file is usually named by version  on  Linux  systems,  for
       example,  policy.30.  This  file  is  usually  named  sepolicy  on Android systems.  If no policy file is
       provided, sedta will search for the policy running on the current system. If  no  policy  can  be  found,
       sedta will print an error message and exit.


OPTIONS
   Analysis Settings
       -p POLICY
              Specify  the  policy to analyze. If none is specified, sedta will search for the policy running on
              the current system.

       -s SOURCE
              Specify the source type to use in the domain transition analysis.

       -t TARGET
              Specify the target type to use in the domain transition analysis.  Using  this  option  will  also
              require specifying an analysis algorithm.

   Analysis Algorithms
       sedta  uses  graph algorithms to analyze the domain transition paths of an SELinux policy.  The following
       algorithms are options for determining paths from a source type to a target type.

       -S     Print the shortest domain transition path(s) from the source type to the target type.  If multiple
              paths have the same length, all will be displayed.

       -A LIMIT
              Print  all  domain  transition path(s) up to LIMIT steps long.  Depending on the connectiveness of
              the policy, this may be extremely expensive.

   Analysis Options
       -r     Perform a reverse domain transition analysis.  The domain transitions will be analyzed to find the
              the parent domains, instead of finding the child domains.

       -l LIMIT_TRANS
              Specify the maximum number of domain transitions to output. The default is unlimited.

       EXCLUDE
              A space-separated list of types to exclude from the analysis.

   General Options
       --stats
              Print domain transition graph statistics at the end of the analysis.

       -h, --help
              Print help information and exit.

       --version
              Print version information and exit.

       -v, --verbose
              Print additional informational messages.

       --debug
              Enable debugging output.


AUTHOR
       Chris PeBenito <pebenito@ieee.org>


BUGS
       Please report bugs via the SETools bug tracker, https://github.com/SELinuxProject/setools/issues


SEE ALSO
       apol(1), sediff(1), seinfo(1), seinfoflow(1), sesearch(1)