
semanage

semanage is a command-line tool for managing SELinux policy settings. It can change the SELinux security contexts assigned to files and processes, and add, delete, and modify SELinux policy modules.

Example

  • Set the SELinux security context of /var/www and everything under it to httpd_sys_content_t (semanage records the rule, restorecon applies it to the files already on disk):

    semanage fcontext -a -t httpd_sys_content_t "/var/www(/.*)?"
    restorecon -Rv /var/www
    
  • Delete that rule and relabel /var/www back to its default context:

    semanage fcontext -d -t httpd_sys_content_t "/var/www(/.*)?"
    restorecon -Rv /var/www
    
  • Label TCP ports 8080 and 8888 as http_port_t and turn on the httpd_can_network_connect boolean:

    semanage port -a -t http_port_t -p tcp 8080
    semanage port -a -t http_port_t -p tcp 8888
    semanage boolean -m --on httpd_can_network_connect
    
  • Display all installed SELinux modules:

    semanage module -l
    
  • Install a new SELinux module:

    semanage module -a /root/example.pp
    
  • Remove an SELinux module:

    semanage module -r example
    
  • List the mappings between Linux logins and SELinux users:

    semanage login -l
    
  • Map the Linux user example_user to the SELinux user user_u:

    semanage login -a -s user_u -r s0-s0:c0.c1023 example_user
    
  • Remove the login mapping for example_user:

    semanage login -d example_user
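
For the port-labelling step above, semanage port -a is rejected when the port already has an exact entry under another type, and -m is needed instead. The following is an added example, not part of the original page: it reads `semanage port -l` text and prints the command that fits. The helper names, the sample listing and its column layout are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `semanage port -l` output (not captured from a real host).
SAMPLE_PORTS='SELinux Port Type              Proto    Port Number

http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
ssh_port_t                     tcp      22'

# port_owner PROTO PORT   (hypothetical helper)
# Reads `semanage port -l` text on stdin and prints the type that has an
# exact entry for PROTO/PORT. Prints nothing if there is no exact entry;
# a range such as 10001-10010 only matches when PORT is that same range.
port_owner() {
    awk -v proto="$1" -v port="$2" '
        NF >= 3 && $2 == proto {
            for (i = 3; i <= NF; i++) {
                entry = $i
                sub(/,$/, "", entry)          # drop the list separator
                if (entry == port) { print $1; exit }
            }
        }'
}

# port_command TYPE PROTO PORT   (hypothetical helper)
# Prints the semanage command that labels PROTO/PORT as TYPE:
#   nothing  if the port already has that type,
#   -m       if another type has an exact entry for it,
#   -a       if there is no exact entry yet.
port_command() {
    owner=$(port_owner "$2" "$3")
    if [ "$owner" = "$1" ]; then
        return 0
    elif [ -n "$owner" ]; then
        echo "semanage port -m -t $1 -p $2 $3"
    else
        echo "semanage port -a -t $1 -p $2 $3"
    fi
}

# Plan the changes for the ports used on this page, against the sample.
for p in 8080 8888 443; do
    printf '%s\n' "$SAMPLE_PORTS" | port_command http_port_t tcp "$p"
done
```

On a real host, pipe the live listing in instead of the sample: `semanage port -l | port_command http_port_t tcp 8080`.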