Event and state files

secpolgenerate provides a mechanism that saves and loads data about abilities and paths that types used or failed to use.

When you run secpolgenerate with the -s option and the path to a file on a writable file system, secpolgenerate saves all the data related to abilities and paths that types used or failed to use to the specified file whenever it receives a SIGTERM, before it exits. The next time you run secpolgenerate, it restores its previous state by reading the file.

You can also manually load files in the same format into secpolgenerate to simulate the use of paths and abilities.

Normally, secpolgenerate uses numeric IDs for types and abilities when it saves its state, which is the most efficient format. To configure secpolgenerate to use names for types and abilities instead, which makes the information easier to interpret, specify -n.