semanage
SELinux Policy Management tool
semanage fcontext -{a|d|m} [-frst] file_spec
semanage fcontext -lchcon
change file SELinux security context
chcon -t <type> <file> chcon --reference <file1> <file2>
restorecon
restore file(s) default SELinux security contexts
restorecon -RF /var/www
sealert
setroubleshoot client tool
sealert -a /var/log/audit/audit.log
audit2allow
generate SELinux policy allow rules from logs of denied operations
grep dovecot_t /var/log/audit/audit.log | audit2allow -m dovecot
