Samuel Fusato <samuelfusato@xxxxxxxxx> writes: >> Hope you are well. When you have time, can you kindly let me know why the >> command "semanage boolean -l" shows "homedirs" and "home dirs" on the >> Description of the booleans? Examples: >> >> [root@workstation ~]# semanage boolean -l | grep httpd_enable_homedirs >> httpd_enable_homedirs (off , off) Allow httpd to enable >> *homedirs* >> >> [root@workstation ~]# semanage boolean -l | grep use_nfs_home_dirs >> use_nfs_home_dirs (off , off) Allow use to nfs *home dirs* >> >> Why is there not a sort of standardization there? >> In this case descriptions are generated from boolean names. The algorithm is simple - the boolean name is split using '_', first world is usually subject then perm then object. 'Allow' is at adaed to the beginning and 'to' is added between subject and perm. It generally works reasonably well: httpd_enable_homedirs -> Allow httpd to enable homedirs but use_nfs_home_dirs -> Allow use to nfs home dirs If you want better descriptions, you can install `selinux-policy-devel`: # dnf install selinux-policy-devel # semanage boolean -l | grep httpd_enable_homedirs httpd_enable_homedirs (off , off) Allow httpd to read home directories As for the boolean names - httpd_enable_homedirs vs use_nfs_home_dirs - I don't know why they are inconsistent. It might be related to the fact that `homedirs` could be a feature for httpd, but it home dirs when we talk about nfs. I don't know. Petr _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
