1semanage(8)                                                        semanage(8)
2
3
4

NAME

6       semanage - SELinux Policy Management tool
7
8

SYNOPSIS

10       semanage     {import,export,login,user,port,interface,module,node,fcon‐
11       text,boolean,permissive,dontaudit,ibpkey,ibendport}
12                       ...  positional arguments:
13
14       import Import local customizations
15
16       export Output local customizations
17
18       login Manage login mappings between linux users  and  SELinux  confined
19       users
20
21       user  Manage  SELinux  confined  users (Roles and levels for an SELinux
22       user)
23
24       port Manage network port type definitions
25
26       interface Manage network interface type definitions
27
28       module Manage SELinux policy modules
29
30       node Manage network node type definitions
31
32       fcontext Manage file context mapping definitions
33
34       boolean Manage booleans to selectively enable functionality
35
36       permissive Manage process type enforcement mode
37
38       dontaudit Disable/Enable dontaudit rules in policy
39
40       ibpkey Manage infiniband pkey type definitions
41
42       ibendport Manage infiniband end port type definitions
43
44

DESCRIPTION

46       semanage is used to configure certain elements of SELinux policy  with‐
47       out  requiring  modification  to  or recompilation from policy sources.
48       This includes the mapping from Linux usernames to SELinux user  identi‐
49       ties  (which  controls  the  initial security context assigned to Linux
50       users when they login and bounds their authorized role set) as well  as
51       security context mappings for various kinds of objects, such as network
52       ports, interfaces, infiniband pkeys and endports, and nodes (hosts)  as
53       well  as the file context mapping. Note that the semanage login command
54       deals with the mapping from Linux usernames (logins)  to  SELinux  user
55       identities, while the semanage user command deals with the mapping from
56       SELinux user identities to authorized role sets.  In most  cases,  only
57       the  former mapping needs to be adjusted by the administrator; the lat‐
58       ter is principally defined by the base  policy  and  usually  does  not
59       require modification.
60
61

OPTIONS

63       -h, --help
64              List help information
65
66

SEE ALSO

68       selinux(8),   semanage-boolean(8),   semanage-dontaudit(8),   semanage-
69       export(8),  semanage-fcontext(8),  semanage-import(8),  semanage-inter‐
70       face(8),  semanage-login(8), semanage-module(8), semanage-node(8), sem‐
71       anage-permissive(8),   semanage-port(8),   semanage-user(8)   semanage-
72       ibkey(8), semanage-ibendport(8),
73
74

AUTHOR

76       This man page was written by Daniel Walsh <dwalsh@redhat.com>
77       and Russell Coker <rcoker@redhat.com>.
78       Examples by Thomas Bleher <ThomasBleher@gmx.de>.  usage: semanage [-h]
79
80
81
82                                   20100223                        semanage(8)
Impressum