mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-14 01:54:42 +00:00
1925e1e91d
This adds a lot of new man pages but cleans up the descriptions and makes it much easier to handle.
90 lines
2.5 KiB
Groff
90 lines
2.5 KiB
Groff
.TH "semanage" "8" "20100223" "" ""
|
|
.SH "NAME"
|
|
semanage \- SELinux Policy Management tool
|
|
|
|
.SH "SYNOPSIS"
|
|
.B semanage {import,export,login,user,port,interface,module,node,fcontext,boolean,permissive,dontaudit}
|
|
...
|
|
.B positional arguments:
|
|
|
|
.B import
|
|
Output local customizations
|
|
|
|
.B export
|
|
Output local customizations
|
|
|
|
.B login
|
|
Manage login mappings between linux users and SELinux confined users
|
|
|
|
.B user
|
|
Manage SELinux confined users (Roles and levels for an SELinux user)
|
|
|
|
.B port
|
|
Manage network port type definitions
|
|
|
|
.B interface
|
|
Manage network interface type definitions
|
|
|
|
.B module
|
|
Manage SELinux policy modules
|
|
|
|
.B node
|
|
Manage network node type definitions
|
|
|
|
.B fcontext
|
|
Manage file context mapping definitions
|
|
|
|
.B boolean
|
|
Manage booleans to selectively enable functionality
|
|
|
|
.B permissive
|
|
Manage process type enforcement mode
|
|
|
|
.B dontaudit
|
|
Disable/Enable dontaudit rules in policy
|
|
|
|
.SH "DESCRIPTION"
|
|
semanage is used to configure certain elements of
|
|
SELinux policy without requiring modification to or recompilation
|
|
from policy sources. This includes the mapping from Linux usernames
|
|
to SELinux user identities (which controls the initial security context
|
|
assigned to Linux users when they login and bounds their authorized role set)
|
|
as well as security context mappings for various kinds of objects, such
|
|
as network ports, interfaces, and nodes (hosts) as well as the file
|
|
context mapping. See the EXAMPLES section below for some examples
|
|
of common usage. Note that the semanage login command deals with the
|
|
mapping from Linux usernames (logins) to SELinux user identities,
|
|
while the semanage user command deals with the mapping from SELinux
|
|
user identities to authorized role sets. In most cases, only the
|
|
former mapping needs to be adjusted by the administrator; the latter
|
|
is principally defined by the base policy and usually does not require
|
|
modification.
|
|
|
|
.SH "OPTIONS"
|
|
.TP
|
|
.I \-h, \-\-help
|
|
List help information
|
|
|
|
.SH "SEE ALSO"
|
|
.B selinux (8),
|
|
.B semanage-boolean (8),
|
|
.B semanage-dontaudit (8),
|
|
.B semanage-export (8),
|
|
.B semanage-fcontext (8),
|
|
.B semanage-import (8),
|
|
.B semanage-interface (8),
|
|
.B semanage-login (8),
|
|
.B semanage-module (8),
|
|
.B semanage-node (8),
|
|
.B semanage-permissive (8),
|
|
.B semanage-port (8),
|
|
.B semanage-user (8)
|
|
|
|
.SH "AUTHOR"
|
|
This man page was written by Daniel Walsh <dwalsh@redhat.com>
|
|
.br
|
|
and Russell Coker <rcoker@redhat.com>.
|
|
.br
|
|
Examples by Thomas Bleher <ThomasBleher@gmx.de>.
|
|
usage: semanage [-h]
|