On Thu, 2009-04-23 at 14:25 +1000, Scott Radvan wrote:
> The Fedora SELinux managing-confined-services guide I have been working
> on is nearing completion.
>
> I would greatly appreciate any and all comments or corrections that
> anyone has on it.
Nice, thank you.
Currently i only have a few comments:
-By default, Linux users run unconfined in Fedora, which is why the
testfile file is labeled with the SELinux unconfined_u user
+testfile is labeled with the SELinux unconfined_u user because a unix
user that is mapped to the unconfined_u SELinux user created the file.
Maybe you can mention "semanage boolean' instead of /or besides
get/setsebool.
semanage can do it as well and it might be easier for people that do not
know better if a lot of this stuff is done in a centralized place.
I think dwalsh is working on getting semanage to do most of this stuff.
So that one doesnt have to use 4 different utils to get something done.
semanage boolean -{d|m} [--on|--off|-1|-0] -F boolean | boolean_file
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
