semanage-module - Man Page

semanage module [-h] [-n] [-N] [-S STORE] (-a | -r | -e | -d | --extract | --list [-C] | --deleteall) [module_name]

semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage module installs, removes, disables, or enables SELinux Policy modules.

-h,  --help

Show this help message and exit

-n,  --noheading

Do not print heading when listing the specified object type

-N,  --noreload

Do not reload policy after commit

-S STORE, --store STORE

Select an alternate SELinux Policy Store to manage

-a,  --add

Install specified module. Accepts both binary policy files (.pp) and CIL source files

-r,  --remove

Remove specified module

-D,  --deleteall

Remove all local customizations related to modules

-d --disable

Disable specified module

-e --enable

Enable specified module

-E,  --extract

Extract customizable commands, for use within a transaction

-l,  --list

List records of the specified object type

-C,  --locallist

List local customizations

List all modules
# semanage module -l
Disable unconfined module
# semanage module --disable unconfined
Install custom apache policy module (same as #semodule -i myapache.pp)
# semanage module -a myapache.pp

selinux(8), semanage(8), semodule(8)

This man page was written by Daniel Walsh <dwalsh@redhat.com>

semanage(8).