avc_cache_stats - Linux


Overview

avc_cache_stats is a command-line tool used to display statistics about the SELinux AVC (Access Vector Cache). It provides insights into the performance and efficiency of the SELinux policy enforcement.

Syntax

avc_cache_stats [-h] [-V] [-s] [-t] [-S] [-c] [-p] [-i {IDs}]

Options/Flags

  • -h: Display brief help message.
  • -V: Display version information.
  • -s: Show statistics for all classes.
  • -t: Show timing statistics.
  • -S: Show statistics sorted by performance.
  • -c: Show statistics in CSV format.
  • -p: Show policy sources.
  • -i {IDs}: Filter results by policy ID.

Examples

Print general AVC cache statistics:

avc_cache_stats

Show timing statistics for file class:

avc_cache_stats -t -s file

Export CSV statistics for all classes:

avc_cache_stats -c > avc_stats.csv

Filter statistics by policy ID:

avc_cache_stats -i 100,101

Common Issues

  • No AVC statistics available: Ensure SELinux is enabled and enforcing.
  • Inconsistent CSV output: Verify that the -c option is used before attempting to parse CSV output.

Integration

avc_cache_stats can be combined with other tools for advanced analysis. For example:

  • Use grep to filter output: avc_cache_stats | grep file
  • Create scripts to automate regular reporting.
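
A reporting script of the kind mentioned above, as an added example that is not part of the original page or of any SELinux project. Because the page does not show the command's output format, the script reads the kernel's per-CPU AVC counters from /sys/fs/selinux/avc/cache_stats (assuming selinuxfs is mounted there) and computes an overall hit ratio. The function names and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize SELinux AVC cache counters for periodic reporting.
# Input layout (kernel selinuxfs): one header line, then one row per CPU:
#   lookups hits misses allocations reclaims frees

# avc_summary FILE -> prints "lookups=N hits=N misses=N hit_pct=P"
avc_summary() {
    LC_ALL=C awk '
        NR == 1 { next }                  # skip the header row
        NF >= 6 {                         # sum the per-CPU counters
            lookups += $1; hits += $2; misses += $3
        }
        END {
            pct = (lookups > 0) ? (100 * hits / lookups) : 0
            printf "lookups=%.0f hits=%.0f misses=%.0f hit_pct=%.1f\n",
                   lookups, hits, misses, pct
        }
    ' "$1"
}

# avc_check FILE MIN_PCT -> status 0 if the hit ratio is >= MIN_PCT, else 1
avc_check() {
    pct=$(avc_summary "$1" | sed 's/.*hit_pct=//')
    LC_ALL=C awk -v p="$pct" -v m="$2" 'BEGIN { exit !(p >= m) }'
}

# Constructed sample in the cache_stats layout (two CPUs), not real output.
write_sample() {
    cat > "$1" <<'EOF'
lookups hits misses allocations reclaims frees
1000 990 10 10 0 0
3000 2910 90 90 16 16
EOF
}

# Report on the live counters when the file is readable (e.g. from cron).
STATS=${STATS:-/sys/fs/selinux/avc/cache_stats}
if [ -r "$STATS" ]; then
    avc_summary "$STATS"
fi
```

A falling hit ratio between runs means more permission checks are missing the cache and being recomputed from policy, so logging the summary line on a schedule gives a baseline to compare against.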

Related Commands

  • avc_audit
  • ausearch