Provided by: fapolicyd_1.1.7-2_amd64
NAME
fapolicyd-cli - Fapolicyd CLI Tool
SYNOPSIS
fapolicyd-cli [options]
DESCRIPTION
The fapolicyd command line utility is a tool to tell the daemon that it needs to update the trust database. Normally, the daemon learns that the trust database needs updating because it uses a dnf plugin to inform it. However, you may install an rpm by hand and it can't see that a system package was installed or updated. Or perhaps the admin updates the fapolicyd.trust file and would like the changes to take effect immediately. In either of these cases, you would need to tell the daemon that it needs to do an update by running this command.
OPTIONS
-h, --help Prints a list of command line options. --check-config Opens fapolicyd.conf and parses it to see if there are any syntax errors in the file. --check-path Check the PATH environmental variable against the trustdb to look for file not in the trustdb which could cause problems at run time. --check-status Dump the daemon's internal performance statistics. --check-trustdb Check the trustdb against the files on disk to look for mismatches that will cause problems at run time. --check-watch_fs Check the mounted file systems against the watch_fs daemon config entry to determine if any file systems need to be added to the configuration. -d, --delete-db Deletes the trust database. Normally this never needs to be done. But if for some reason the trust database becomes corrupted, then the only method of recovery is to run this command. -D, --dump-db Dumps the trust db contents for inspection. This will print the original trust source, path, file size, and SHA256 sum of the file as known by the trust source the entry came from. -f, --file add|delete|update [path] Manage the file trust database. add This command adds the file given by path to the trust database. It gets the size and calculates the required SHA256 hash. If the path is a directory, it will walk the directory tree to the bottom and add every regular file that it finds. By default, the path is appended to the end of the fapolicyd.trust file. delete This command deletes all entries that match from the trust database. It will try to match multiple entries so that entire directories can be deleted in one command. To ensure that you only match a directory and not a partial name, be sure to end with '/'. update This command updates the size and hash of any matching paths in the file trust database. If no path is given, then all files are updated. If an argument is passed, then only matching paths get updated. If the intent is to match against a directory, ensure that it ends with '/'. --trust-file trust-file-name Use after file option. Makes every command of file option operate on a single trust file named trust-file-name that is located inside trust.d directory. If a trust file with such a name does not exist inside trust.d directory, it is created. -t, --ftype /path/to/file Prints the mime type of the file given. A full path must be specified. This command is intended to help get the ftype parameter of rules correct by seeing how fapolicyd will classify it. Fapolicyd may differ from the file command. -l, --list Prints a listing of the fapolicyd rules file with a rule number to aid in troubleshooting or understanding of the debug messages. -u, --update Notifies fapolicyd to perform an update of the trust database.
SEE ALSO
fapolicyd(8), fapolicyd.rules(5), fapolicyd.trust(5), and fapolicyd.conf(5)
AUTHOR
Zoltan Fridrich