semanage-node - Man Page

SELinux Policy Management node mapping tool

Synopsis

semanage node [-h] [-n] [-N] [-S STORE] [ --add -M NETMASK -p PROTOCOL -t TYPE -r RANGE node | --delete -M NETMASK -p PROTOCOL node | --deleteall | --extract | --list [-C] | --modify -M NETMASK -p PROTOCOL -t TYPE -r RANGE node ]

Description

semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage node controls the IP address to node type definitions.

Options

-h,  --help

Show this help message and exit

-n,  --noheading

Do not print heading when listing the specified object type

-N,  --noreload

Do not reload policy after commit

-S STORE, --store STORE

Select an alternate SELinux Policy Store to manage

-C,  --locallist

List local customizations

-a,  --add

Add a record of the specified object type

-d,  --delete

Delete a record of the specified object type

-m,  --modify

Modify a record of the specified object type

-l,  --list

List records of the specified object type

-E,  --extract

Extract customizable commands, for use within a transaction

-D,  --deleteall

Remove all local customizations

-M NETMASK, --netmask NETMASK

Network Mask, either in CIDR (/16) or address mask notation (255.255.0.0, ffff::)

-t TYPE, --type TYPE

SELinux type for the object

-r RANGE, --range RANGE

MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.

-p PROTO, --proto PROTO

Protocol for the specified port (tcp|udp) or internet protocol version for the specified node (ipv4|ipv6).

Example

Apply type node_t to ipv4 node 127.0.0.2
# semanage node -a -t node_t -p ipv4 -M 255.255.255.255 127.0.0.2

See Also

selinux(8), semanage(8)

Referenced By

semanage(8).

20130617