auto-import changelog data from libselinux-1.15.3-2.src.rpm

Thu Aug 12 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-2
- Add man page for boolean functions and SELinux
This commit is contained in:
cvsdist 2004-09-09 07:44:20 +00:00
parent 6edaf310fa
commit 26188d788e
2 changed files with 169 additions and 1 deletions

163
libselinux-rhat.patch Normal file
View File

@ -0,0 +1,163 @@
--- libselinux-1.15.3/man/man8/selinux.8.rhat 2004-08-12 13:50:51.176363962 -0400
+++ libselinux-1.15.3/man/man8/selinux.8 2004-08-12 13:51:30.845891464 -0400
@@ -0,0 +1,86 @@
+.TH "selinux" "1" "11 Aug 2004" "dwalsh@redhat.com" "SELinux
+Command Line documentation"
+
+SELinux is an implementation of Mandatory Access Control on the
+Linux Operating System.
+.br
+
+This manual page describes SELinux.
+.br
+
+Security-enhanced Linux is a patch of the Linux kernel and a num-
+ber of utilities with enhanced security functionality designed to
+add mandatory access controls to Linux. The Security-enhanced
+Linux kernel contains new architectural components originally de-
+veloped to improve the security of the Flask operating system.
+These architectural components provide general support for the
+enforcement of many kinds of mandatory access control policies,
+including those based on the concepts of Type Enforcement®, Role-
+based Access Control, and Multi-level Security.
+.br
+
+SELinux can be disabled by setting the enfironment SELINUX variable to disabled in the the /etc/selinux/config file.
+SELinux can also be run in either enforcing or permissive mode. Permissive means that
+log file will receive an access denied messages but still allow the access to happen. Permissive and Enforcing mode do not necessarily report the same messages to the log file. You can enable SELinux but setting the SELINUX variable in the /etc/selinux/config file to either Enforcing or Permissive.
+.br
+
+SELinux was designed to allow Flexible Mandatory Access Control, so multiple policies could be run on a system (Only one at a time). Two types of SELinux policy are Targeted and Strict. Targeted policy is designed as a policy where everything is allowed and certain applications (daemons) transition to locked down domains. For example the user would run in a totaly unconfined domain while the named daemon will run in very limited domain. Strict policy is designed where everything is denied by default. In order to run strict policy you should have a very controlled environment. It is envisioned in the future other policies will be created (MLS for example). You can define which policy you will run by setting the SELINUXTYPE environment variable within /etc/selinux/config. Policyfiles must be installed in the /etc/selinux/POLICYTYPE/ directories.
+.br
+
+You can also further manipulate the way SELinux enforced policy via booleans and tunables.
+.pr
+
+system-config-securitylevel is a GUI which allows you to manipulate the SELinux runs.
+.SH AUTHOR
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
+
+.SH "SEE ALSO"
+.BR setsebool"(8)", selinuxenabled"(8)", booleans"(8)"
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
--- libselinux-1.15.3/man/man8/setsebool.8.rhat 2004-08-12 13:50:40.606555643 -0400
+++ libselinux-1.15.3/man/man8/setsebool.8 2004-08-12 13:06:47.466426159 -0400
@@ -0,0 +1,24 @@
+.TH "setsebool" "1" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
+setsebool \- set SELinux boolean value
+
+.SH "SYNOPSIS"
+.B setsebool
+.I "boolean value"
+
+.SH "DESCRIPTION"
+This manual page describes the
+.BR setsebool
+command.
+.B setsebool
+sets the state of a particular SELinux boolean.
+.SH OPTIONS
+.TP
+
+.SH AUTHOR
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
+The program was written by Stephen Smalley <sds@epoch.ncsc.mil>.
+
+
+.SH "SEE ALSO"
+.BR getsebool"(8)", booleans"(8)"
--- libselinux-1.15.3/man/man8/booleans.8.rhat 2004-08-12 13:50:46.735864601 -0400
+++ libselinux-1.15.3/man/man8/booleans.8 2004-08-12 13:27:17.207780310 -0400
@@ -0,0 +1,15 @@
+.TH "booleans" "1" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
+booleans \- Booleans are a switches that allow you to configure SELinux policy.
+
+.SH "DESCRIPTION"
+This manual page describes SELinux booleans.
+.BR
+
+Policy is written with a several if/than/else clauses around boolean values. These booleans allow an administrator to manipulate the way policy works. For example the boolean httpd_enable_cgi allows the httpd daemon to run cgi scripts if it is enabled.
+If the admin does not want to allow cgi scripts, he can turn this boolean value off. Booleans values are stored in the /etc/selinux/POLICYTYPE/booleans file, where POLICYTYPE if the type of policy currently being run on the system as defined in the /etc/selinux/config file. system-config-securitylevel is a gui that allows you to manipulates booleans.
+.SH AUTHOR
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
+
+.SH "SEE ALSO"
+.BR getsebool"(8)", setsebool"(8)", selinux"(8)"
--- libselinux-1.15.3/man/man8/getsebool.8.rhat 2004-08-12 13:50:37.999849534 -0400
+++ libselinux-1.15.3/man/man8/getsebool.8 2004-08-12 13:04:52.878345268 -0400
@@ -0,0 +1,26 @@
+.TH "getsebool" "1" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
+.SH "NAME"
+getsebool \- get SELinux boolean value(s)
+
+.SH "SYNOPSIS"
+.B getsebool
+.I "[-a] [boolean]"
+
+.SH "DESCRIPTION"
+This manual page describes the
+.BR getsebool
+command.
+.B getsebool
+reports the current state of either a particular SELinux boolean or all SELinux booleans.
+.SH OPTIONS
+.TP
+.B \-a
+Show all SELinux booleans.
+
+.SH AUTHOR
+This manual page was written by Dan Walsh <dwalsh@redhat.com>.
+The program was written by Stephen Smalley <sds@epoch.ncsc.mil>.
+
+
+.SH "SEE ALSO"
+.BR setsebool"(8)", selinuxenabled"(8)"

View File

@ -1,10 +1,11 @@
Summary: SELinux library and simple utilities Summary: SELinux library and simple utilities
Name: libselinux Name: libselinux
Version: 1.15.3 Version: 1.15.3
Release: 1 Release: 2
License: Public domain (uncopyrighted) License: Public domain (uncopyrighted)
Group: System Environment/Libraries Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz Source: http://www.nsa.gov/selinux/archives/libselinux-%{version}.tgz
Patch: libselinux-rhat.patch
Prefix: %{_prefix} Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-buildroot BuildRoot: %{_tmppath}/%{name}-buildroot
Provides: libselinux.so Provides: libselinux.so
@ -35,6 +36,7 @@ needed for developing SELinux applications.
%prep %prep
%setup -q %setup -q
%patch -p1 -b .rhat
%build %build
make make
@ -69,6 +71,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_mandir}/man8/* %{_mandir}/man8/*
%changelog %changelog
* Thu Aug 12 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-2
- Add man page for boolean functions and SELinux
* Sat Aug 8 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-1 * Sat Aug 8 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-1
- Latest from NSA - Latest from NSA