-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This patch looks good to me. acked. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk/I+jgACgkQrlYvE4MpobMFnwCcDSq4SIg56FuWQPA9JLK9DHpC dMkAnjNFEVj2lwIFquuypN3nGYAtS9DZ =9Mzq -----END PGP SIGNATURE-----
>From fabd705c32a9eb8270dafac775da90e8edc6b091 Mon Sep 17 00:00:00 2001 From: Dan Walsh <dwalsh@xxxxxxxxxx> Date: Thu, 3 May 2012 19:21:18 -0400 Subject: [PATCH 57/90] add some definition to the standard types available for sandboxes --- policycoreutils/sandbox/sandbox.8 | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/policycoreutils/sandbox/sandbox.8 b/policycoreutils/sandbox/sandbox.8 index 3f05c79..00d9b37 100644 --- a/policycoreutils/sandbox/sandbox.8 +++ b/policycoreutils/sandbox/sandbox.8 @@ -41,6 +41,19 @@ Create a Sandbox with temporary files for $HOME and /tmp. .TP \fB\-t type\fR Use alternate sandbox type, defaults to sandbox_t or sandbox_x_t for -X. + +\fBExamples:\fR +.br +sandbox_t - No X, No Network Access, No Open, read/write on passed in file descriptors. +.br +sandbox_min_t - No Network Access +.br +sandbox_x_t - Printer Ports +.br +sandbox_web_t - Ports required for web browsing +.br +sandbox_net_t - All network ports + .TP \fB\-T\ tmpdir Use alternate tempory directory to mount on /tmp. Defaults to tmpfs. Requires -X or -M. -- 1.7.10.2
