• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • VCS
  • Interview Questions
  • Database
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

semanage: command not found

by admin

An SELinux security policy defines access parameters for every process and resource on the system. It enforces rules for allowing or denying different domains and types to access each other. Using semanage, we can list, edit, add, or delete the different values in the policy, and even export and import our customizations.

Let’s learn with the help of an example. Let’s see which ports httpd_t can access with:

# semanage port -l | grep http
http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_cache_port_t              udp      3130
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000

As we can see, http_port_t, used by Apache Daemon, is allowed, by default, to use the ports 80, 81, 443, 488, 8008, 9009, 8443, and 9000 via tcp. That means that if we want to run Apache on any of those ports, no changes to policy will be required.

When invoking semanage, it will output that it has some subcommands we can use, such as the following:

  • import: This allows the importing of local modifications.
  • export: This allows the exporting of local changes.
  • login: This allows the login and SELinux user associations to be managed.
  • user: This manages SELinux users with roles and levels.
  • port: This manages port definitions and types.
  • ibpkey: This manages InfiniBand definitions.
  • ibendport: This manages end port InfiniBand definitions.
  • interface: This defines network interface definitions.
  • module: This manages policy modules for SELinux.
  • node: This manages definitions of network nodes.
  • fcontext: This manages file context definitions.
  • boolean: This manages Booleans for tweaking policies.
  • permissive: This manages the enforcing mode.
  • dontaudit: This manages the dontaudit rules in the policy.

If you encounter the below error while running the semanage command:

semanage: command not found

you may try installing the below package as per your choice of distribution:

OS Distribution Command
Debian apt-get install policycoreutils-python-utils
Ubuntu apt-get install policycoreutils-python-utils
Kali Linux apt-get install policycoreutils-python-utils
CentOS yum install policycoreutils-python
Fedora dnf install policycoreutils-python-utils
Raspbian apt-get install policycoreutils-python-utils

semanage Command Examples

1. Output local customizations:

# semanage -S store -o path/to/output_file

2. Take a set of commands from a specified file and load them in a single transaction:

# semanage -S store -i path/to/input_file

3. Manage booleans. Booleans allow the administrator to modify the confinement of processes based on the current configuration:

# semanage boolean -S store --delete|--modify|--list|--noheading|--deleteall -on|-off -F boolean|boolean_file

4. Manage policy modules:

# semanage module -S store --add|--delete|--list|--modify --enable|--disable module_name

5. Disable/Enable dontaudit rules in policy:

# semanage dontaudit -S store on|off

Filed Under: Linux

Some more articles you might also be interested in …

  1. beep Command Examples in Linux
  2. fsck Command Examples in Linux
  3. slapt-src Command Examples in Linux
  4. ascii Command Examples in Linux
  5. fstrim Command Examples in Linux
  6. grumphp Command Examples
  7. mailstat Command Examples in Linux
  8. hive Command Examples
  9. Sample /etc/mke2fs.conf file
  10. chcon: command not found

You May Also Like

Primary Sidebar

Recent Posts

  • Vanilla OS 2 Released: A New Era for Linux Enthusiasts
  • mk Command Examples
  • mixxx Command Examples
  • mix Command Examples

© 2025 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright