semanage(8)                                                      semanage(8)

NAME         top

       semanage - SELinux Policy Management tool

SYNOPSIS         top

                       ...  positional arguments:

       import Import local customizations

       export Output local customizations

       login Manage login mappings between linux users and SELinux confined

       user Manage SELinux confined users (Roles and levels for an SELinux

       port Manage network port type definitions

       interface Manage network interface type definitions

       module Manage SELinux policy modules

       node Manage network node type definitions

       fcontext Manage file context mapping definitions

       boolean Manage booleans to selectively enable functionality

       permissive Manage process type enforcement mode

       dontaudit Disable/Enable dontaudit rules in policy

DESCRIPTION         top

       semanage is used to configure certain elements of SELinux policy
       without requiring modification to or recompilation from policy
       sources.  This includes the mapping from Linux usernames to SELinux
       user identities (which controls the initial security context assigned
       to Linux users when they login and bounds their authorized role set)
       as well as security context mappings for various kinds of objects,
       such as network ports, interfaces, and nodes (hosts) as well as the
       file context mapping. See the EXAMPLES section below for some
       examples of common usage.  Note that the semanage login command deals
       with the mapping from Linux usernames (logins) to SELinux user
       identities, while the semanage user command deals with the mapping
       from SELinux user identities to authorized role sets.  In most cases,
       only the former mapping needs to be adjusted by the administrator;
       the latter is principally defined by the base policy and usually does
       not require modification.

OPTIONS         top

       -h, --help
              List help information

SEE ALSO         top

       selinux(8), semanage-boolean(8), semanage-dontaudit(8),
       semanage-export(8), semanage-fcontext(8), semanage-import(8),
       semanage-interface(8), semanage-login(8), semanage-module(8),
       semanage-node(8), semanage-permissive(8), semanage-port(8),

AUTHOR         top

       This man page was written by Daniel Walsh <>
       and Russell Coker <>.
       Examples by Thomas Bleher <>.  usage: semanage

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-space
       libraries and tools) project.  Information about the project can be
       found at ⟨⟩.  If you
       have a bug report for this manual page, see 
       ⟨⟩.  This
       page was obtained from the project's upstream Git repository 
       ⟨⟩ on 2017-04-25.  If you
       discover any rendering problems in this HTML version of the page, or
       you believe there is a better or more up-to-date source for the page,
       or you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a mail

                                  20100223                       semanage(8)

Pages that refer to this page: booleans(5)customizable_types(5)local.users(5)sefcontext_compile(8)selinux(8)semanage-boolean(8)semanage-dontaudit(8)semanage-export(8)semanage-fcontext(8)semanage-import(8)semanage-interface(8)semanage-login(8)semanage-module(8)semanage-permissive(8)semanage-port(8)semanage-user(8)