Visit The New, Modern Unix Linux Community

Linux and UNIX Man Pages

Test Your Knowledge in Computers #1009
Difficulty: Easy
The number 128 in base 10 equals 64 in base 16.
True or False?
Linux & Unix Commands - Search Man Pages

semanage(8) [centos man page]

semanage(8)															       semanage(8)

NAME
semanage - SELinux Policy Management tool SYNOPSIS
semanage {import,export,login,user,port,interface,module,node,fcontext,boolean,permissive,dontaudit} ... positional arguments: import Import local customizations export Output local customizations login Manage login mappings between linux users and SELinux confined users user Manage SELinux confined users (Roles and levels for an SELinux user) port Manage network port type definitions interface Manage network interface type definitions module Manage SELinux policy modules node Manage network node type definitions fcontext Manage file context mapping definitions boolean Manage booleans to selectively enable functionality permissive Manage process type enforcement mode dontaudit Disable/Enable dontaudit rules in policy DESCRIPTION
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. This includes the mapping from Linux usernames to SELinux user identities (which controls the initial security context assigned to Linux users when they login and bounds their authorized role set) as well as security context mappings for various kinds of objects, such as net- work ports, interfaces, and nodes (hosts) as well as the file context mapping. See the EXAMPLES section below for some examples of common usage. Note that the semanage login command deals with the mapping from Linux usernames (logins) to SELinux user identities, while the semanage user command deals with the mapping from SELinux user identities to authorized role sets. In most cases, only the former mapping needs to be adjusted by the administrator; the latter is principally defined by the base policy and usually does not require modification. OPTIONS
-h, --help List help information SEE ALSO
selinux (8), semanage-boolean (8), semanage-dontaudit (8), semanage-export (8), semanage-fcontext (8), semanage-import (8), semanage-inter- face (8), semanage-login (8), semanage-module (8), semanage-node (8), semanage-permissive (8), semanage-port (8), semanage-user (8) AUTHOR
This man page was written by Daniel Walsh <dwalsh@redhat.com> and Russell Coker <rcoker@redhat.com>. Examples by Thomas Bleher <ThomasBleher@gmx.de>. usage: semanage [-h] 20100223 semanage(8)

Check Out this Related Man Page

semanage-login(8)														 semanage-login(8)

NAME
semanage login- SELinux Policy Management linux user to SELinux User mapping tool SYNOPSIS
semanage login [-h] [-n] [-N] [-s STORE] [ --add -s SEUSER -r RANGE LOGIN | --delete LOGIN | --deleteall | --extract | --list [-C] | --mod- ify -s SEUSER -r RANGE LOGIN ] DESCRIPTION
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage login controls the mapping between a Linux User and the SELinux User. It can be used to turn on confined users. For example you could define that a particular user or group of users will login to a system as the user_u user. Prefix the group name with a '%' sign to indicate a group name. OPTIONS
-h, --help show this help message and exit -n, --noheading Do not print heading when listing the specified object type -N, --noreload Do not reload policy after commit -C, --locallist List local customizations -S STORE, --store STORE Select an alternate SELinux Policy Store to manage -a, --add Add a record of the specified object type -d, --delete Delete a record of the specified object type -m, --modify Modify a record of the specified object type -l, --list List records of the specified object type -E, --extract Extract customizable commands, for use within a transaction -D, --deleteall Remove all local customizations -s SEUSER, --seuser SEUSER SELinux user name -r RANGE, --range RANGE MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0. EXAMPLE
Modify the default user on the system to the guest_u user # semanage login -m -s guest_u __default__ Assign gijoe user on an MLS machine a range and to the staff_u user # semanage login -a -s staff_u -rSystemLow-Secret gijoe Assign all users in the engineering group to the staff_u user # semanage login -a -s staff_u %engineering SEE ALSO
selinux (8), semanage (8), semanage-user (8) AUTHOR
This man page was written by Daniel Walsh <dwalsh@redhat.com> 20130617 semanage-login(8)

Featured Tech Videos