Provided by: fapolicyd_1.1.7-2_amd64 
NAME
fapolicyd-cli - Fapolicyd CLI Tool
SYNOPSIS
fapolicyd-cli [options]
DESCRIPTION
The fapolicyd command line utility is a tool to tell the daemon that it needs to update
the trust database. Normally, the daemon learns that the trust database needs updating
because it uses a dnf plugin to inform it. However, you may install an rpm by hand and it
can't see that a system package was installed or updated. Or perhaps the admin updates the
fapolicyd.trust file and would like the changes to take effect immediately. In either of
these cases, you would need to tell the daemon that it needs to do an update by running
this command.
OPTIONS
-h, --help
Prints a list of command line options.
--check-config
Opens fapolicyd.conf and parses it to see if there are any syntax errors in the
file.
--check-path
Check the PATH environmental variable against the trustdb to look for file not in
the trustdb which could cause problems at run time.
--check-status
Dump the daemon's internal performance statistics.
--check-trustdb
Check the trustdb against the files on disk to look for mismatches that will cause
problems at run time.
--check-watch_fs
Check the mounted file systems against the watch_fs daemon config entry to
determine if any file systems need to be added to the configuration.
-d, --delete-db
Deletes the trust database. Normally this never needs to be done. But if for some
reason the trust database becomes corrupted, then the only method of recovery is to
run this command.
-D, --dump-db
Dumps the trust db contents for inspection. This will print the original trust
source, path, file size, and SHA256 sum of the file as known by the trust source
the entry came from.
-f, --file add|delete|update [path]
Manage the file trust database.
add This command adds the file given by path to the trust database. It gets
the size and calculates the required SHA256 hash. If the path is a
directory, it will walk the directory tree to the bottom and add every
regular file that it finds. By default, the path is appended to the end
of the fapolicyd.trust file.
delete This command deletes all entries that match from the trust database. It
will try to match multiple entries so that entire directories can be
deleted in one command. To ensure that you only match a directory and
not a partial name, be sure to end with '/'.
update This command updates the size and hash of any matching paths in the
file trust database. If no path is given, then all files are updated.
If an argument is passed, then only matching paths get updated. If the
intent is to match against a directory, ensure that it ends with '/'.
--trust-file trust-file-name
Use after file option. Makes every command of file option operate on a single trust
file named trust-file-name that is located inside trust.d directory. If a trust
file with such a name does not exist inside trust.d directory, it is created.
-t, --ftype /path/to/file
Prints the mime type of the file given. A full path must be specified. This command
is intended to help get the ftype parameter of rules correct by seeing how
fapolicyd will classify it. Fapolicyd may differ from the file command.
-l, --list
Prints a listing of the fapolicyd rules file with a rule number to aid in
troubleshooting or understanding of the debug messages.
-u, --update
Notifies fapolicyd to perform an update of the trust database.
SEE ALSO
fapolicyd(8), fapolicyd.rules(5), fapolicyd.trust(5), and fapolicyd.conf(5)
AUTHOR
Zoltan Fridrich