semanage-port - SELinux Policy Management port mapping tool
semanage port [-h] [-n] [-N] [-S STORE] [ --add -t TYPE -p PROTOCOL -r RANGE
port_name | port_range | --delete -p PROTOCOL port_name | port_range |
--deleteall | --extract | --list [-C] | --modify -t TYPE -p PROTOCOL -r RANGE
port_name | port_range ]
semanage is used to configure certain elements of SELinux policy without
requiring modification to or recompilation from policy sources. semanage port
controls the port number to port type definitions.
- -h, --help
- show this help message and exit
- -n, --noheading
- Do not print heading when listing the specified object
type
- -N, --noreload
- Do not reload policy after commit
- -S STORE, --store STORE
- Select an alternate SELinux Policy Store to manage
- -C, --locallist
- List local customizations
- -a, --add
- Add a record of the specified object type
- -d, --delete
- Delete a record of the specified object type
- -m, --modify
- Modify a record of the specified object type
- -l, --list
- List records of the specified object type
- -E, --extract
- Extract customizable commands, for use within a
transaction
- -D, --deleteall
- Remove all local customizations
- -t TYPE, --type TYPE
- SELinux type for the object
- -r RANGE, --range RANGE
- MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range
for SELinux login mapping defaults to the SELinux user record range.
SELinux Range for SELinux user defaults to s0.
- -p PROTO, --proto PROTO
- Protocol for the specified port (tcp|udp|dccp|sctp) or
internet protocol version for the specified node (ipv4|ipv6).
List all port definitions
# semanage port -l
Allow Apache to listen on tcp port 81
# semanage port -a -t http_port_t -p tcp 81
Allow sshd to listen on tcp port 8991
# semanage port -a -t ssh_port_t -p tcp 8991
selinux(8),
semanage(8)
This man page was written by Daniel Walsh <
[email protected]>