semanage-module - Man Page

SELinux Policy Management module mapping tool

Synopsis

semanage module [-h] [-n] [-N] [-S STORE] (-a | -r | -e | -d | --extract | --list [-C] | --deleteall) [module_name]

Description

semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage module installs, removes, disables, or enables SELinux Policy modules.

Options

-h,  --help

Show this help message and exit

-n,  --noheading

Do not print heading when listing the specified object type

-N,  --noreload

Do not reload policy after commit

-S STORE, --store STORE

Select an alternate SELinux Policy Store to manage

-a,  --add

Install specified module. Accepts both binary policy files (.pp) and CIL source files

-r,  --remove

Remove specified module

-D,  --deleteall

Remove all local customizations related to modules

-d --disable

Disable specified module

-e --enable

Enable specified module

-E,  --extract

Extract customizable commands, for use within a transaction

-l,  --list

List records of the specified object type

-C,  --locallist

List local customizations

Example

List all modules
# semanage module -l
Disable unconfined module
# semanage module --disable unconfined
Install custom apache policy module (same as #semodule -i myapache.pp)
# semanage module -a myapache.pp

See Also

selinux(8), semanage(8), semodule(8)

Author

This man page was written by Daniel Walsh <dwalsh@redhat.com>

Referenced By

semanage(8).

20130617