RHEL 6/7/8 – semanage SELinux Command Not Found

last updated in Categories , ,

I‘m trying to use semanage command to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources under RHEL 6 server. But, I’m not able to find out this command and/or package name. How do I install semanage command under RedHat Enterprise Linux?

This page shows how to install semanage command on RHEL version 6/7/8 using the yum command when you get semanage: command not found error at bash shell prompt.


-bash: semanage: command not found

You need to use the yum command to find out which package provides file called /usr/sbin/semanage. Type the following command:
# yum provides /usr/sbin/semanage
# yum whatprovides /usr/sbin/semanage
Sample outputs from RHEL 6.x server:

Loaded plugins: rhnplugin
policycoreutils-python-2.0.83-19.8.el6_0.x86_64 : SELinux policy core python utilities
Repo        : rhel-x86_64-server-6
Matched from:
Filename    : /usr/sbin/semanage

policycoreutils-python-2.0.83-19.1.el6.x86_64 : SELinux policy core python utilities
Repo        : rhel-x86_64-server-6
Matched from:
Filename    : /usr/sbin/semanage

Sample outputs from RHEL 8.x/CentOS 8.x

Execute the following command in RHEL/CentOS version 8.x:
yum provides /usr/sbin/semanage
Sample outputs:

Last metadata expiration check: 2:18:13 ago on Monday 30 December 2019 10:53:45 AM UTC.
policycoreutils-python-utils-2.8-16.1.el8.noarch : SELinux policy core python utilities
Repo        : @System
Matched from:
Filename    : /usr/sbin/semanage

policycoreutils-python-utils-2.8-16.1.el8.noarch : SELinux policy core python utilities
Repo        : BaseOS
Matched from:
Filename    : /usr/sbin/semanage

How to install semanage command in RHEL 6/7/8

Type the following command to install the semanage on an RHEL 6/7:
# yum -y install policycoreutils-python
Sample outputs:

 policycoreutils-python                                         x86_64                                         2.0.83-19.8.el6_0                                          rhel-x86_64-server-6                                         334 k
Installing for dependencies:
 audit-libs-python                                              x86_64                                         2.0.4-1.el6                                                rhel-x86_64-server-6                                          56 k
 libselinux-python                                              x86_64                                         2.0.94-2.el6                                               rhel-x86_64-server-6                                         201 k
 libsemanage-python                                             x86_64                                         2.0.43-4.el6                                               rhel-x86_64-server-6                                          81 k
 setools-libs                                                   x86_64                                         3.3.7-4.el6                                                rhel-x86_64-server-6                                         400 k
 setools-libs-python                                            x86_64                                         3.3.7-4.el6                                                rhel-x86_64-server-6                                         222 k

Transaction Summary
Install       6 Package(s)
Upgrade       0 Package(s)

Total download size: 1.3 M
Installed size: 0  
Is this ok [y/N]: y
Downloading Packages:
(1/6): audit-libs-python-2.0.4-1.el6.x86_64.rpm                                                                                                                                                                       |  56 kB     00:00     
(2/6): libselinux-python-2.0.94-2.el6.x86_64.rpm                                                                                                                                                                      | 201 kB     00:00     
(3/6): libsemanage-python-2.0.43-4.el6.x86_64.rpm                                                                                                                                                                     |  81 kB     00:00     
(4/6): policycoreutils-python-2.0.83-19.8.el6_0.x86_64.rpm                                                                                                                                                            | 334 kB     00:00     
(5/6): setools-libs-3.3.7-4.el6.x86_64.rpm                                                                                                                                                                            | 400 kB     00:00     
(6/6): setools-libs-python-3.3.7-4.el6.x86_64.rpm                                                                                                                                                                     | 222 kB     00:00     
Total                                                                                                                                                                                                        1.7 MB/s | 1.3 MB     00:00     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : setools-libs-3.3.7-4.el6.x86_64                                                                                                                                                                                       1/6 
  Installing     : setools-libs-python-3.3.7-4.el6.x86_64                                                                                                                                                                                2/6 
  Installing     : libsemanage-python-2.0.43-4.el6.x86_64                                                                                                                                                                                3/6 
  Installing     : audit-libs-python-2.0.4-1.el6.x86_64                                                                                                                                                                                  4/6 
  Installing     : libselinux-python-2.0.94-2.el6.x86_64                                                                                                                                                                                 5/6 
  Installing     : policycoreutils-python-2.0.83-19.8.el6_0.x86_64                                                                                                                                                                       6/6 

  policycoreutils-python.x86_64 0:2.0.83-19.8.el6_0                                                                                                                                                                                          

Dependency Installed:
  audit-libs-python.x86_64 0:2.0.4-1.el6         libselinux-python.x86_64 0:2.0.94-2.el6         libsemanage-python.x86_64 0:2.0.43-4.el6         setools-libs.x86_64 0:3.3.7-4.el6         setools-libs-python.x86_64 0:3.3.7-4.el6        


Installing semanage on an RHEL 8 or CentOS 8

Run the yum command/dnf command:
# yum -y install policycoreutils-python-utils
semanage SELinux Command Not Found and how to install semanage in RHEL or CentOS

How do I use the semanage command?

Now, you can use semanage command:
# semanage
Sample outputs:

semanage [ -S store ] -i [ input_file | - ]
semanage [ -S store ] -o [ output_file | - ]

semanage {boolean|login|user|port|interface|module|node|fcontext} -{l|D|E} [-n]
semanage login -{a|d|m} [-sr] login_name | %groupname
semanage user -{a|d|m} [-LrRP] selinux_name
semanage port -{a|d|m} [-tr] [ -p proto ] port | port_range
semanage interface -{a|d|m} [-tr] interface_spec
semanage module -{a|d|m} [--enable|--disable] module
semanage node -{a|d|m} [-tr] [ -p protocol ] [-M netmask] addr
semanage fcontext -{a|d|m} [-efrst] file_spec
semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
semanage permissive -{d|a|l} type 
semanage dontaudit [ on | off ]

Primary Options:

	-a, --add        Add a OBJECT record NAME
	-d, --delete     Delete a OBJECT record NAME
	-m, --modify     Modify a OBJECT record NAME
        -i, --input      Input multiple semange commands in a transaction 
        -o, --output     Output current customizations as semange commands 
	-l, --list       List the OBJECTS
	-E, --extract    extract customizable commands
	-C, --locallist  List OBJECTS local customizations
	-D, --deleteall  Remove all OBJECTS local customizations

	-h, --help       Display this message
	-n, --noheading  Do not print heading when listing OBJECTS
        -S, --store      Select and alternate SELinux store to manage

Object-specific Options (see above):

	-f, --ftype      File Type of OBJECT 
		"" (all files) 
		-- (regular file) 
		-d (directory) 
		-c (character device) 
		-b (block device) 
		-s (socket) 
		-l (symbolic link) 
		-p (named pipe) 

        -F, --file       Treat target as an input file for command, change multiple settings
	-p, --proto      Port protocol (tcp or udp) or internet protocol version of node (ipv4 or ipv6)
	-M, --mask       Netmask
        -e, --equal      Substitue source path for dest path when labeling
	-P, --prefix     Prefix for home directory labeling
	-L, --level      Default SELinux Level (MLS/MCS Systems only)
	-R, --roles      SELinux Roles (ex: "sysadm_r staff_r")
	-s, --seuser     SELinux User Name
	-t, --type       SELinux Type for the object
	-r, --range      MLS/MCS Security Range (MLS/MCS Systems only)
        --enable         Enable a module
        --disable        Disable a module

Requires 2 or more arguments


You learned how to search and install semanage SELinux command on a CentOS or RHEL 6/7/8 server. You can also view the manual page on semanage using the following command:
$ man semanage


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Start the discussion at www.nixcraft.com

Historical Comment Archive

18 comment

  1. I found that doing a “

    # yum update selinux-policy

    ” would fetch selinux-policy-targeted and somewhat fix my broken install (said “Could not open kernel policy /etc/selinux/targeted/modules/active/policy.kern for reading” whenever I ran semanage)

    After that,

    # semanage port -a -t syslogd_port_t -p tcp [port or portrange]

    and log tcp forwarding would work like a charm (well, setenforce 0 would also “solve” the issue).

    Thanks for the great advice, it came in handy as always!

  2. Seriously, why would centos ship the operating system WITHOUT the mangement tools required? Who’s the moron that approved that decision?

    Still, have a question? Get help on our forum!