danwalsh


Dan Walsh's Blog

Got SELinux?


Previous Entry Add to Memories Share Next Entry
Fedora 17 New Security Feature part VI - man pages for SELinux user/role domains
danwalsh
Ok, maybe this should be Security Feature IV.5 but Roman numerals do not support decimal points.  :^)

After I wrote the tool to generate service domains man pages, Miroslav Grepl thought it would be a good idea to generate similar policy for user domains and roles.

We hacked up a new script called segenuserman, which generates 13 new SELinux user and Role man pages.

auditadm_selinux.8  git_shell_selinux.8  logadm_selinux.8 secadm_selinux.8    sysadm_selinux.8 user_selinux.8    xguest_selinux.8 dbadm_selinux.8 guest_selinux.8  nx_server_selinux.8  staff_selinux.8 unconfined_selinux.8  webadm_selinux.8

Note segenuserman also requires senetwork.py.

Here is the staff_selinux.8 for an SELinux user, and webadm_selinux.8 for an SELinux role.

I have also updated the SELinux service domain man pages to include booleans,process types, file context paths, better descriptions, network ports.

Here is an update zebra_selinux.8




You are viewing danwalsh