Provided by: fapolicyd_1.1.7-2_amd64 bug

NAME

       fapolicyd-cli - Fapolicyd CLI Tool

SYNOPSIS

       fapolicyd-cli [options]

DESCRIPTION

       The  fapolicyd  command  line utility is a tool to tell the daemon that it needs to update
       the trust database. Normally, the daemon learns that the  trust  database  needs  updating
       because  it uses a dnf plugin to inform it. However, you may install an rpm by hand and it
       can't see that a system package was installed or updated. Or perhaps the admin updates the
       fapolicyd.trust  file  and would like the changes to take effect immediately. In either of
       these cases, you would need to tell the daemon that it needs to do an  update  by  running
       this command.

OPTIONS

       -h, --help
              Prints a list of command line options.

       --check-config
              Opens  fapolicyd.conf  and  parses  it to see if there are any syntax errors in the
              file.

       --check-path
              Check the PATH environmental variable against the trustdb to look for file  not  in
              the trustdb which could cause problems at run time.

       --check-status
              Dump the daemon's internal performance statistics.

       --check-trustdb
              Check  the trustdb against the files on disk to look for mismatches that will cause
              problems at run time.

       --check-watch_fs
              Check the mounted  file  systems  against  the  watch_fs  daemon  config  entry  to
              determine if any file systems need to be added to the configuration.

       -d, --delete-db
              Deletes  the  trust database. Normally this never needs to be done. But if for some
              reason the trust database becomes corrupted, then the only method of recovery is to
              run this command.

       -D, --dump-db
              Dumps  the  trust  db  contents  for inspection. This will print the original trust
              source, path, file size, and SHA256 sum of the file as known by  the  trust  source
              the entry came from.

       -f, --file add|delete|update [path]
              Manage the file trust database.

              add         This command adds the file given by path to the trust database. It gets
                          the size and calculates the required SHA256 hash.  If  the  path  is  a
                          directory,  it will walk the directory tree to the bottom and add every
                          regular file that it finds. By default, the path is appended to the end
                          of the fapolicyd.trust file.

              delete      This command deletes all entries that match from the trust database. It
                          will try to match multiple entries so that entire  directories  can  be
                          deleted  in  one command. To ensure that you only match a directory and
                          not a partial name, be sure to end with '/'.

              update      This command updates the size and hash of any  matching  paths  in  the
                          file  trust  database. If no path is given, then all files are updated.
                          If an argument is passed, then only matching paths get updated. If  the
                          intent is to match against a directory, ensure that it ends with '/'.

       --trust-file trust-file-name
              Use after file option. Makes every command of file option operate on a single trust
              file named trust-file-name that is located inside trust.d  directory.  If  a  trust
              file with such a name does not exist inside trust.d directory, it is created.

       -t, --ftype /path/to/file
              Prints the mime type of the file given. A full path must be specified. This command
              is intended to help get  the  ftype  parameter  of  rules  correct  by  seeing  how
              fapolicyd will classify it. Fapolicyd may differ from the file command.

       -l, --list
              Prints  a  listing  of  the  fapolicyd  rules  file  with  a  rule number to aid in
              troubleshooting or understanding of the debug messages.

       -u, --update
              Notifies fapolicyd to perform an update of the trust database.

SEE ALSO

       fapolicyd(8), fapolicyd.rules(5), fapolicyd.trust(5), and fapolicyd.conf(5)

AUTHOR

       Zoltan Fridrich