semanage

SELinux Policy Management tool. More information: https://linux.die.net/man/8/semanage.

• Output local customizations:

semanage -S {{store}} -o {{path/to/output_file}}

• Take a set of commands from a specified file and load them in a single transaction:

semanage -S {{store}} -i {{path/to/input_file}}

• Manage booleans. Booleans allow the administrator to modify the confinement of processes based on the current configuration:

semanage boolean -S {{store}} {{--delete|--modify|--list|--noheading|--deleteall}} {{-on|-off}} -F {{boolean|boolean_file}}

• Manage policy modules:

semanage module -S {{store}} {{--add|--delete|--list|--modify}} {{--enable|--disable}} {{module_name}}

• Disable/Enable dontaudit rules in policy:

semanage dontaudit -S {{store}} {{on|off}}