selinux/policycoreutils/semanage/semanage.8

90 lines
2.5 KiB
Groff

.TH "semanage" "8" "20100223" "" ""
.SH "NAME"
semanage \- SELinux Policy Management tool
.SH "SYNOPSIS"
.B semanage {import,export,login,user,port,interface,module,node,fcontext,boolean,permissive,dontaudit}
...
.B positional arguments:
.B import
Output local customizations
.B export
Output local customizations
.B login
Manage login mappings between linux users and SELinux confined users
.B user
Manage SELinux confined users (Roles and levels for an SELinux user)
.B port
Manage network port type definitions
.B interface
Manage network interface type definitions
.B module
Manage SELinux policy modules
.B node
Manage network node type definitions
.B fcontext
Manage file context mapping definitions
.B boolean
Manage booleans to selectively enable functionality
.B permissive
Manage process type enforcement mode
.B dontaudit
Disable/Enable dontaudit rules in policy
.SH "DESCRIPTION"
semanage is used to configure certain elements of
SELinux policy without requiring modification to or recompilation
from policy sources. This includes the mapping from Linux usernames
to SELinux user identities (which controls the initial security context
assigned to Linux users when they login and bounds their authorized role set)
as well as security context mappings for various kinds of objects, such
as network ports, interfaces, and nodes (hosts) as well as the file
context mapping. See the EXAMPLES section below for some examples
of common usage. Note that the semanage login command deals with the
mapping from Linux usernames (logins) to SELinux user identities,
while the semanage user command deals with the mapping from SELinux
user identities to authorized role sets. In most cases, only the
former mapping needs to be adjusted by the administrator; the latter
is principally defined by the base policy and usually does not require
modification.
.SH "OPTIONS"
.TP
.I \-h, \-\-help
List help information
.SH "SEE ALSO"
.B selinux (8),
.B semanage-boolean (8),
.B semanage-dontaudit (8),
.B semanage-export (8),
.B semanage-fcontext (8),
.B semanage-import (8),
.B semanage-interface (8),
.B semanage-login (8),
.B semanage-module (8),
.B semanage-node (8),
.B semanage-permissive (8),
.B semanage-port (8),
.B semanage-user (8)
.SH "AUTHOR"
This man page was written by Daniel Walsh <dwalsh@redhat.com>
.br
and Russell Coker <rcoker@redhat.com>.
.br
Examples by Thomas Bleher <ThomasBleher@gmx.de>.
usage: semanage [-h]