man7.org > Linux > man-pages

Linux/UNIX system programming training

semanage-permissive(8) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | SEE ALSO | AUTHOR | COLOPHON 

semanage-permissive(8)                             semanage-permissive(8)

NAME         top

       semanage-permissive - SELinux Policy Management permissive mapping
       tool

SYNOPSIS         top

       semanage permissive [-h] [-n] [-N] [-S STORE] (--add TYPE |
       --delete TYPE | --deleteall | --extract | --list)

DESCRIPTION         top

       semanage is used to configure certain elements of SELinux policy
       without requiring modification to or recompilation from policy
       sources.  semanage permissive adds or removes a SELinux Policy
       permissive module. Please note that this command can make any
       ___domain permissive, but can only remove the permissive property
       from domains where it was added by semanage permissive ("semanage
       permissive -d" can only be used on types listed as "Customized
       Permissive Types" by "semanage permissive -l").

OPTIONS         top

       -h, --help
              Show this help message and exit

       -a, --add
              Add a record of the specified object type

       -d, --delete
              Delete a record of the specified object type

       -D, --deleteall
              Remove all local customizations of permissive domains

       -l, --list
              List records of the specified object type

       -E, --extract
              Extract customizable commands, for use within a transaction

       -n, --noheading
              Do not print heading when listing the specified object type

       -N, --noreload
              Do not reload the policy after commit

       -S STORE, --store STORE
              Select an alternate SELinux Policy Store to manage

EXAMPLE         top

       List all permissive domains ("Builtin Permissive Types" where set by the system policy, or a custom policy module)
       # semanage permissive -l
       Make httpd_t (Web Server) a permissive ___domain
       # semanage permissive -a httpd_t

SEE ALSO         top

       selinux(8), semanage(8)

AUTHOR         top

       This man page was written by Daniel Walsh <[email protected]>

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the project
       can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩.
       If you have a bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-02-02.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2025-01-29.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there is
       a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       [email protected]

                                 20130617          semanage-permissive(8)

Pages that refer to this page: semanage(8)

HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI