fapolicyd.trust - Man Page

fapolicyd's file of trust

Description

The file /etc/fapolicyd/fapolicyd.trust contains a list of trusted files/binaries for the application whitelisting daemon. You may add comments to the file by starting the line with a '#' character. Each line has to contain three columns, and a space is a valid separator. The first column contains the full path to the file, the second is the size of the file in bytes, and the third is a valid sha256 hash.

The directory /etc/fapolicyd/trust.d can be used to store multiple trust files. This way a privileged user can split the trust database into multiple files and manage them separately through fapolicyd-cli. Functionally, the fapolicy daemon will behave the same way as if the whole trust database had been defined inside the fapolicyd.trust file. The syntax and semantics of trust files inside the trust.d directory are the same as for the fapolicyd.trust file (described above). Trust files can either be created manually inside the trust.d directory or via fapolicyd-cli (the latter option is recommended).

Example

[root@Desktop ~]# cat /etc/fapolicyd/fapolicyd.trust
/home/user/my-ls 157984 61a9960bf7d255a85811f4afcac51067b8f2e4c75e21cf4f2af95319d4ed1b87
/home/user/my-ls2 5555 61a9960bf7d255a85811f4afcac51067b8f2e4c75e21cf4f2af95319d4ed1b87
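
An added example, not part of the original man page or of fapolicyd itself: a small auditor that parses the three-column format described above and compares each entry's size and sha256 hash with the file on disk. The function names, the skipping of blank lines, and the sample data built in a temporary directory are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

def parse_trust(text):
    """Parse trust-file text into (path, size, sha256) tuples; ValueError on a bad line."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):  # blank-line skip is an assumption
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"line {lineno}: expected 3 columns, got {len(fields)}")
        path, size, digest = fields
        if not path.startswith("/"):
            raise ValueError(f"line {lineno}: path is not a full path")
        if not (size.isascii() and size.isdigit()):
            raise ValueError(f"line {lineno}: size is not a byte count")
        if len(digest) != 64 or any(c not in "0123456789abcdefABCDEF" for c in digest):
            raise ValueError(f"line {lineno}: not a sha256 hex digest")
        entries.append((path, int(size), digest.lower()))
    return entries

def check_entry(path, size, digest):
    """Compare one trust entry with the file currently on disk."""
    try:
        if os.path.getsize(path) != size:
            return "size-mismatch"
        h = hashlib.sha256()
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(65536), b""):
                h.update(chunk)
    except FileNotFoundError:
        return "missing"
    return "ok" if h.hexdigest() == digest else "hash-mismatch"

def demo():  # constructed trust file checked against a constructed temp file
    with tempfile.TemporaryDirectory() as d:
        data = b"constructed sample binary\n"
        target = os.path.join(d, "my-ls")
        with open(target, "wb") as f:
            f.write(data)
        good = hashlib.sha256(data).hexdigest()
        trust = (f"# constructed sample\n{target} {len(data)} {good}\n"
                 f"{target} 5555 {good}\n{target} {len(data)} {'0' * 64}\n"
                 f"{d}/gone 1 {good}\n")
        return [check_entry(*e) for e in parse_trust(trust)]

if __name__ == "__main__":
    print(demo())
```

Entries that report anything other than "ok" no longer describe the file on disk, which is the usual sign that a trusted binary was updated or replaced without the trust file being refreshed.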

Files

/etc/fapolicyd/fapolicyd.trust - list of trusted files/binaries

See Also

fapolicyd(8), fapolicyd-cli(8), fapolicy.rules(5) and fapolicy.conf(5).

Author

Radovan Sroka

Referenced By

fapolicy-analyzer(8), fapolicyd(8), fapolicyd-cli(8).

January 2020 Red Hat System Administration Utilities