|
|
@@ -0,0 +1,24 @@
|
|
|
+# semanage
|
|
|
+
|
|
|
+> SELinux Policy Management tool.
|
|
|
+> More information: <https://linux.die.net/man/8/semanage>.
|
|
|
+
|
|
|
+- Output local customizations:
|
|
|
+
|
|
|
+`semanage -S {{store}} -o {{path/to/output_file}}`
|
|
|
+
|
|
|
+- Take a set of commands from a specified file and load them in a single transaction:
|
|
|
+
|
|
|
+`semanage -S {{store}} -i {{path/to/input_file}}`
|
|
|
+
|
|
|
+- Manage booleans. Booleans allow the administrator to modify the confinement of processes based on the current configuration:
|
|
|
+
|
|
|
+`semanage boolean -S {{store}} {{--delete|--modify|--list|--noheading|--deleteall}} {{-on|-off}} -F {{boolean|boolean_file}}`
|
|
|
+
|
|
|
+- Manage policy modules:
|
|
|
+
|
|
|
+`semanage module -S {{store}} {{--add|--delete|--list|--modify}} {{--enable|--disable}} {{module_name}}`
|
|
|
+
|
|
|
+- Disable/Enable dontaudit rules in policy:
|
|
|
+
|
|
|
+`semanage dontaudit -S {{store}} {{on|off}}`
|
Michael Wade