James Carter <jwcart2@xxxxxxxxx> writes:
> On Thu, May 4, 2023 at 8:06 AM Vit Mojzis <vmojzis@xxxxxxxxxx> wrote:
>>
>> - Explain applying range/list of categories
>> - "-d" removes all categories of given file/user
>> - Add examples
>>
>> Signed-off-by: Vit Mojzis <vmojzis@xxxxxxxxxx>
>
> For all four of these patches:
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
Merged, thanks!
>> ---
>> python/chcat/chcat.8 | 23 ++++++++++++++++-------
>> 1 file changed, 16 insertions(+), 7 deletions(-)
>>
>> diff --git a/python/chcat/chcat.8 b/python/chcat/chcat.8
>> index d095a255..3e1f7ca2 100644
>> --- a/python/chcat/chcat.8
>> +++ b/python/chcat/chcat.8
>> @@ -1,6 +1,6 @@
>> .TH CHCAT "8" "September 2005" "chcat" "User Commands"
>> .SH NAME
>> -chcat \- change file SELinux security category
>> +chcat \- change SELinux security categories of files/users
>> .SH SYNOPSIS
>> .B chcat
>> \fIcategory file\fR...
>> @@ -25,23 +25,33 @@ chcat \- change file SELinux security category
>> .br
>> .SH DESCRIPTION
>> .PP
>> -Change/Remove the security \fIcategory\fR for each \fIfile\fR or \fIuser\fR.
>> -.PP
>> -Use +/- to add/remove categories from a \fIfile\fR or \fIuser\fR.
>> +Use +/- to add/remove categories from a \fIfile\fR or \fIuser\fR (only a single category can be specified at a time). Or specify the desired list/range of categories to be applied (replacing the existing categories).
>> .PP
>> .B
>> Note:
>> -When removing a category you must specify '\-\-' on the command line before using the \-Category syntax. This tells the command that you have finished entering options and are now specifying a category name instead.
>> +When removing a category you must specify '\-\-' on the command line before using the \-Category syntax. This tells the command that you have finished entering options and are now specifying a category name instead.
>>
>> .TP
>> \fB\-d\fR
>> -delete the category from each FILE/USER.
>> +delete all categories from given FILE/USER.
>> .TP
>> \fB\-L\fR
>> list available categories.
>> .TP
>> \fB\-l\fR
>> Tells chcat to operate on users instead of files.
>> +
>> +.SH EXAMPLE
>> +.nf
>> +Replace categories of user "test" with c0.c6
>> +# chcat -l c0.c6 test
>> +Add category c1023 to user "test"
>> +# chcat -l +c1023 test
>> +Remove category c5 from file "file"
>> +# chcat -- -c5 file
>> +Remove all categories from file "file"
>> +# chcat -d file
>> +
>> .SH "SEE ALSO"
>> .TP
>> chcon(1), selinux(8), semanage(8)
>> @@ -52,4 +62,3 @@ When operating on files this script wraps the chcon command.
>> /etc/selinux/{SELINUXTYPE}/setrans.conf
>> .br
>> /etc/selinux/{SELINUXTYPE}/seusers
>> -
>> --
>> 2.40.0
>>
