selinux/python/semanage/semanage-permissive.8

54 lines
1.8 KiB
Groff
Raw Permalink Normal View History

.TH "semanage-permissive" "8" "20130617" "" ""
.SH "NAME"
2013-11-06 12:24:01 +00:00
.B semanage\-permissive \- SELinux Policy Management permissive mapping tool
.SH "SYNOPSIS"
.B semanage permissive [\-h] [\-n] [\-N] [\-S STORE] (\-\-add TYPE | \-\-delete TYPE | \-\-deleteall | \-\-extract | \-\-list)
.SH "DESCRIPTION"
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources.
.B semanage permissive
adds or removes a SELinux Policy permissive module. Please note that this command can make any domain permissive, but can only remove the permissive property from domains where it was added by semanage permissive ("semanage permissive -d" can only be used on types listed as "Customized Permissive Types" by "semanage permissive -l").
.SH "OPTIONS"
.TP
.I \-h, \-\-help
Show this help message and exit
.TP
.I \-a, \-\-add
Add a record of the specified object type
.TP
.I \-d, \-\-delete
Delete a record of the specified object type
.TP
.I \-D, \-\-deleteall
Remove all local customizations of permissive domains
.TP
.I \-l, \-\-list
List records of the specified object type
.TP
.I \-E, \-\-extract
Extract customizable commands, for use within a transaction
.TP
.I \-n, \-\-noheading
Do not print heading when listing the specified object type
.TP
.I \-N, \-\-noreload
Do not reload the policy after commit
.TP
.I \-S STORE, \-\-store STORE
Select an alternate SELinux Policy Store to manage
.SH EXAMPLE
.nf
List all permissive domains ("Builtin Permissive Types" where set by the system policy, or a custom policy module)
# semanage permissive \-l
Make httpd_t (Web Server) a permissive domain
# semanage permissive \-a httpd_t
.SH "SEE ALSO"
.BR selinux (8),
.BR semanage (8)
.SH "AUTHOR"
This man page was written by Daniel Walsh <dwalsh@redhat.com>