
The Geek Diary

semanage: command not found

by admin

An SELinux security policy defines access parameters for every process and resource on the system. It enforces rules for allowing or denying different domains and types to access each other. Using semanage, we can list, edit, add, or delete the different values in the policy, and even export and import our customizations.

Let’s look at an example. To see which ports the httpd_t domain can access, run:

# semanage port -l | grep http
http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_cache_port_t              udp      3130
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000

As we can see, http_port_t, the port type used by the Apache daemon, is allowed by default to use ports 80, 81, 443, 488, 8008, 8009, 8443, and 9000 over TCP. That means that if we want to run Apache on any of those ports, no changes to the policy are required.
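
The check described above can be scripted. The following is an added example, not code from the original article: it parses semanage port -l output and reports whether a port already carries the http_port_t label. The names port_in_type, check_port and SAMPLE are hypothetical; SAMPLE is the listing shown above, embedded so the script runs without SELinux installed.

```bash
# Added example. SAMPLE is the listing from this page; on a live host,
# pipe the output of `semanage port -l` into port_in_type instead.
SAMPLE='http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_cache_port_t              udp      3130
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000'

# port_in_type TYPE PROTO PORT
# Reads `semanage port -l` output on stdin. Returns 0 if PORT/PROTO is
# already labelled TYPE (single ports and ranges such as 10001-10010),
# 1 if it is not, and 2 if PORT is not a valid port number.
port_in_type() {
    case "$3" in ''|*[!0-9]*) return 2 ;; esac
    [ "$3" -ge 1 ] && [ "$3" -le 65535 ] || return 2
    awk -v t="$1" -v p="$2" -v want="$3" '
        $1 == t && $2 == p {
            # Everything after the first two columns is the port list.
            list = $0
            sub(/^[^ \t]+[ \t]+[^ \t]+[ \t]+/, "", list)
            n = split(list, item, /,[ \t]*/)
            for (i = 1; i <= n; i++) {
                m = split(item[i], r, "-")
                lo = r[1] + 0
                hi = (m == 2) ? r[2] + 0 : lo
                if (want + 0 >= lo && want + 0 <= hi) found = 1
            }
        }
        END { exit(found ? 0 : 1) }
    '
}

# check_port PORT: say whether httpd may bind PORT/tcp under the listing,
# or print the policy change that would be needed.
check_port() {
    rc=0
    printf '%s\n' "$SAMPLE" | port_in_type http_port_t tcp "$1" || rc=$?
    case $rc in
        0) echo "labelled" ;;
        1) echo "needs: semanage port -a -t http_port_t -p tcp $1" ;;
        *) echo "invalid port"; return 2 ;;
    esac
}

for p in 443 8081; do check_port "$p"; done
```

If the port already carries a different type, semanage port -a reports it as already defined and semanage port -m is used instead.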

When invoked, semanage reports the subcommands it supports, such as the following:

  • import: This allows the importing of local modifications.
  • export: This allows the exporting of local changes.
  • login: This allows the login and SELinux user associations to be managed.
  • user: This manages SELinux users with roles and levels.
  • port: This manages port definitions and types.
  • ibpkey: This manages InfiniBand pkey type definitions.
  • ibendport: This manages InfiniBand end port type definitions.
  • interface: This manages network interface type definitions.
  • module: This manages policy modules for SELinux.
  • node: This manages definitions of network nodes.
  • fcontext: This manages file context definitions.
  • boolean: This manages Booleans for tweaking policies.
  • permissive: This manages the enforcement mode of process types (permissive domains).
  • dontaudit: This manages the dontaudit rules in the policy.

If you encounter the following error while running the semanage command:

semanage: command not found

install the package that provides it for your distribution:

OS Distribution    Command
Debian             apt-get install policycoreutils-python-utils
Ubuntu             apt-get install policycoreutils-python-utils
Kali Linux         apt-get install policycoreutils-python-utils
CentOS             yum install policycoreutils-python
Fedora             dnf install policycoreutils-python-utils
Raspbian           apt-get install policycoreutils-python-utils

semanage Command Examples

1. Output local customizations:

# semanage -S store -o path/to/output_file

2. Take a set of commands from a specified file and load them in a single transaction:

# semanage -S store -i path/to/input_file

3. Manage booleans. Booleans allow the administrator to modify the confinement of processes based on the current configuration:

# semanage boolean -S store --delete|--modify|--list|--noheading|--deleteall --on|--off -F boolean|boolean_file

4. Manage policy modules:

# semanage module -S store --add|--delete|--list|--modify --enable|--disable module_name

5. Disable/Enable dontaudit rules in policy:

# semanage dontaudit -S store on|off

© 2023 · The Geek Diary
