1semanage(8) semanage(8)
2
3
4
6 semanage - SELinux Policy Management tool
7
8
10 semanage {import,export,login,user,port,interface,module,node,fcon‐
11 text,boolean,permissive,dontaudit,ibpkey,ibendport}
12 ... positional arguments:
13
14 import Import local customizations
15
16 export Output local customizations
17
18 login Manage login mappings between linux users and SELinux confined
19 users
20
21 user Manage SELinux confined users (Roles and levels for an SELinux
22 user)
23
24 port Manage network port type definitions
25
26 interface Manage network interface type definitions
27
28 module Manage SELinux policy modules
29
30 node Manage network node type definitions
31
32 fcontext Manage file context mapping definitions
33
34 boolean Manage booleans to selectively enable functionality
35
36 permissive Manage process type enforcement mode
37
38 dontaudit Disable/Enable dontaudit rules in policy
39
40 ibpkey Manage infiniband pkey type definitions
41
42 ibendport Manage infiniband end port type definitions
43
44
46 semanage is used to configure certain elements of SELinux policy with‐
47 out requiring modification to or recompilation from policy sources.
48 This includes the mapping from Linux usernames to SELinux user identi‐
49 ties (which controls the initial security context assigned to Linux
50 users when they login and bounds their authorized role set) as well as
51 security context mappings for various kinds of objects, such as network
52 ports, interfaces, infiniband pkeys and endports, and nodes (hosts) as
53 well as the file context mapping. See the EXAMPLES section below for
54 some examples of common usage. Note that the semanage login command
55 deals with the mapping from Linux usernames (logins) to SELinux user
56 identities, while the semanage user command deals with the mapping from
57 SELinux user identities to authorized role sets. In most cases, only
58 the former mapping needs to be adjusted by the administrator; the lat‐
59 ter is principally defined by the base policy and usually does not
60 require modification.
61
62
64 -h, --help
65 List help information
66
67
69 selinux (8), semanage-boolean (8), semanage-dontaudit (8), semanage-
70 export (8), semanage-fcontext (8), semanage-import (8), semanage-inter‐
71 face (8), semanage-login (8), semanage-module (8), semanage-node (8),
72 semanage-permissive (8), semanage-port (8), semanage-user (8) semanage-
73 ibkey (8), semanage-ibendport (8),
74
75
77 This man page was written by Daniel Walsh <dwalsh@redhat.com>
78 and Russell Coker <rcoker@redhat.com>.
79 Examples by Thomas Bleher <ThomasBleher@gmx.de>. usage: semanage [-h]
80
81
82
83 20100223 semanage(8)