≡ Menu

RHEL 6: semanage SELinux Command Not Found

I‘m trying to use semanage command to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources under RHEL 6 server. But, I’m not able to find out this command and/or package name. How do I install semanage command under RedHat Enterprise Linux?

You need to use the yum command to find out which package provides file called /usr/sbin/semanage. Type the following command:
# yum provides /usr/sbin/semanage
# yum whatprovides /usr/sbin/semanage
Sample outputs:

Loaded plugins: rhnplugin
policycoreutils-python-2.0.83-19.8.el6_0.x86_64 : SELinux policy core python utilities
Repo        : rhel-x86_64-server-6
Matched from:
Filename    : /usr/sbin/semanage

policycoreutils-python-2.0.83-19.1.el6.x86_64 : SELinux policy core python utilities
Repo        : rhel-x86_64-server-6
Matched from:
Filename    : /usr/sbin/semanage

Type the following command to install the same, enter:
# yum -y install policycoreutils-python
Sample outputs:

 policycoreutils-python                                         x86_64                                         2.0.83-19.8.el6_0                                          rhel-x86_64-server-6                                         334 k
Installing for dependencies:
 audit-libs-python                                              x86_64                                         2.0.4-1.el6                                                rhel-x86_64-server-6                                          56 k
 libselinux-python                                              x86_64                                         2.0.94-2.el6                                               rhel-x86_64-server-6                                         201 k
 libsemanage-python                                             x86_64                                         2.0.43-4.el6                                               rhel-x86_64-server-6                                          81 k
 setools-libs                                                   x86_64                                         3.3.7-4.el6                                                rhel-x86_64-server-6                                         400 k
 setools-libs-python                                            x86_64                                         3.3.7-4.el6                                                rhel-x86_64-server-6                                         222 k

Transaction Summary
Install       6 Package(s)
Upgrade       0 Package(s)

Total download size: 1.3 M
Installed size: 0  
Is this ok [y/N]: y
Downloading Packages:
(1/6): audit-libs-python-2.0.4-1.el6.x86_64.rpm                                                                                                                                                                       |  56 kB     00:00     
(2/6): libselinux-python-2.0.94-2.el6.x86_64.rpm                                                                                                                                                                      | 201 kB     00:00     
(3/6): libsemanage-python-2.0.43-4.el6.x86_64.rpm                                                                                                                                                                     |  81 kB     00:00     
(4/6): policycoreutils-python-2.0.83-19.8.el6_0.x86_64.rpm                                                                                                                                                            | 334 kB     00:00     
(5/6): setools-libs-3.3.7-4.el6.x86_64.rpm                                                                                                                                                                            | 400 kB     00:00     
(6/6): setools-libs-python-3.3.7-4.el6.x86_64.rpm                                                                                                                                                                     | 222 kB     00:00     
Total                                                                                                                                                                                                        1.7 MB/s | 1.3 MB     00:00     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : setools-libs-3.3.7-4.el6.x86_64                                                                                                                                                                                       1/6 
  Installing     : setools-libs-python-3.3.7-4.el6.x86_64                                                                                                                                                                                2/6 
  Installing     : libsemanage-python-2.0.43-4.el6.x86_64                                                                                                                                                                                3/6 
  Installing     : audit-libs-python-2.0.4-1.el6.x86_64                                                                                                                                                                                  4/6 
  Installing     : libselinux-python-2.0.94-2.el6.x86_64                                                                                                                                                                                 5/6 
  Installing     : policycoreutils-python-2.0.83-19.8.el6_0.x86_64                                                                                                                                                                       6/6 

  policycoreutils-python.x86_64 0:2.0.83-19.8.el6_0                                                                                                                                                                                          

Dependency Installed:
  audit-libs-python.x86_64 0:2.0.4-1.el6         libselinux-python.x86_64 0:2.0.94-2.el6         libsemanage-python.x86_64 0:2.0.43-4.el6         setools-libs.x86_64 0:3.3.7-4.el6         setools-libs-python.x86_64 0:3.3.7-4.el6        


Now you can use semanage command:
# semanage
Sample outputs:

semanage [ -S store ] -i [ input_file | - ]
semanage [ -S store ] -o [ output_file | - ]

semanage {boolean|login|user|port|interface|module|node|fcontext} -{l|D|E} [-n]
semanage login -{a|d|m} [-sr] login_name | %groupname
semanage user -{a|d|m} [-LrRP] selinux_name
semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range
semanage interface -{a|d|m} [-tr] interface_spec
semanage module -{a|d|m} [--enable|--disable] module
semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr
semanage fcontext -{a|d|m} [-efrst] file_spec
semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
semanage permissive -{d|a|l} type 
semanage dontaudit [ on | off ]

Primary Options:

	-a, --add        Add a OBJECT record NAME
	-d, --delete     Delete a OBJECT record NAME
	-m, --modify     Modify a OBJECT record NAME
        -i, --input      Input multiple semange commands in a transaction 
        -o, --output     Output current customizations as semange commands 
	-l, --list       List the OBJECTS
	-E, --extract    extract customizable commands
	-C, --locallist  List OBJECTS local customizations
	-D, --deleteall  Remove all OBJECTS local customizations

	-h, --help       Display this message
	-n, --noheading  Do not print heading when listing OBJECTS
        -S, --store      Select and alternate SELinux store to manage

Object-specific Options (see above):

	-f, --ftype      File Type of OBJECT 
		"" (all files) 
		-- (regular file) 
		-d (directory) 
		-c (character device) 
		-b (block device) 
		-s (socket) 
		-l (symbolic link) 
		-p (named pipe) 

        -F, --file       Treat target as an input file for command, change multiple settings
	-p, --proto      Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
	-M, --mask       Netmask
        -e, --equal      Substitue source path for dest path when labeling
	-P, --prefix     Prefix for home directory labeling
	-L, --level      Default SELinux Level (MLS/MCS Systems only)
	-R, --roles      SELinux Roles (ex: "sysadm_r staff_r")
	-s, --seuser     SELinux User Name
	-t, --type       SELinux Type for the object
	-r, --range      MLS/MCS Security Range (MLS/MCS Systems only)
        --enable         Enable a module
        --disable        Disable a module

Requires 2 or more arguments

See also:

You can also view the manual page on semanage using the following command:
$ man semanage

Share this tutorial on:

Like this? Follow us on Twitter OR support us by using Patreon

{ 17 comments… add one }
  • Linlin Yang June 27, 2011, 5:20 am

    Thanks a lot !

  • Harrison August 18, 2011, 3:09 am

    Thanks! This helped!

  • indiangood August 30, 2011, 1:48 pm

    Thanks buddy….Great help…..

  • theinfiltrated April 14, 2012, 4:36 pm

    Helpful! Very thanks! Should be included in CentOs wiki…

  • hsiaoting May 22, 2012, 3:10 am

    It helps! I am so new to CentOS. Thanks a lot. It saves my a lot of time.

  • adriyas August 17, 2012, 8:13 am

    Ha! Ha! Thanks Vivek, as always! ^_^ more power.

  • nelsonTW August 30, 2012, 9:03 am

    Thanks a lot ! It’s helpful !

  • ChengCheng August 30, 2012, 9:04 am

    Thanks a lot !! It’s helpful !

  • Marcin EF September 19, 2012, 3:30 pm

    Thanks a lot! Very handy!

  • JNieto September 24, 2012, 3:46 pm

    Thanks a lot!!!; very helpful and a saver time.

  • mmg February 7, 2013, 8:23 am

    Cheers for this, it helped.

  • Marco77 April 1, 2013, 12:57 am

    I found that doing a “

    # yum update selinux-policy

    ” would fetch selinux-policy-targeted and somewhat fix my broken install (said “Could not open kernel policy /etc/selinux/targeted/modules/active/policy.kern for reading” whenever I ran semanage)

    After that,

    # semanage port -a -t syslogd_port_t -p tcp [port or portrange]

    and log tcp forwarding would work like a charm (well, setenforce 0 would also “solve” the issue).

    Thanks for the great advice, it came in handy as always!

  • aris top September 22, 2014, 2:57 am

    it’s great n work for me

  • Nawar Khoury October 21, 2014, 7:21 am

    Worked for me! thnx man, you are a life Savior ;)

  • nhema April 21, 2015, 2:01 am

    It works !!!

  • shazzad August 29, 2016, 10:37 am

    Thanks bro

  • sriram October 25, 2016, 12:06 pm


Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">

   Tagged with: , , , , , , , , , , , , , , , , ,