semanage-interface(8) — Linux manual page

semanage-interface(8)                              semanage-interface(8)

NAME 

       semanage-interface - SELinux Policy Management network interface
       tool

SYNOPSIS 

       semanage interface [-h] [-n] [-N] [-S STORE] [ --add -t TYPE -r
       RANGE interface | --delete interface | --deleteall | --extract |
       --list [-C] | --modify -t TYPE -r RANGE interface ]

DESCRIPTION 

       semanage is used to configure certain elements of SELinux policy
       without requiring modification to or recompilation from policy
       sources.  semanage interface controls the labels assigned to
       network interfaces.

OPTIONS 

       -h, --help
              Show this help message and exit

       -n, --noheading
              Do not print heading when listing the specified object
              type

       -N, --noreload
              Do not reload policy after commit

       -S STORE, --store STORE
              Select an alternate SELinux Policy Store to manage

       -C, --locallist
              List local customizations

       -a, --add
              Add a record of the specified object type

       -d, --delete
              Delete a record of the specified object type

       -m, --modify
              Modify a record of the specified object type

       -l, --list
              List records of the specified object type

       -E, --extract
              Extract customizable commands, for use within a
              transaction

       -D, --deleteall
              Remove all local customizations

       -t TYPE, --type TYPE
              SELinux type for the object

       -r RANGE, --range RANGE
              MLS/MCS Security Range (MLS/MCS Systems only) SELinux
              Range for SELinux login mapping defaults to the SELinux
              user record range. SELinux Range for SELinux user defaults
              to s0.

EXAMPLE 

       list all interface definitions
       # semanage interface -l
       Assign type netif_t and MLS/MCS range s0:c0.c1023 to interface eth0
       # semanage interface -a -t netif_t -r s0:c0.c1023 eth0

SEE ALSO 

       selinux(8), semanage(8)

AUTHOR 

       This man page was written by Daniel Walsh <dwalsh@redhat.com>

COLOPHON 

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the
       project can be found at 
       ⟨https://github.com/SELinuxProject/selinux/wiki⟩.  If you have a
       bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2024-06-14.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-05-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

                                20130617           semanage-interface(8)

Pages that refer to this page: semanage(8)

...
https://man7.org/linux/man-pages/man8/semanage-interface.8.html