67 lines
2.7 KiB
Diff
67 lines
2.7 KiB
Diff
--- libselinux-1.23.10/man/man8/selinux.8.rhat 2005-04-29 14:07:14.000000000 -0400
|
|
+++ libselinux-1.23.10/man/man8/selinux.8 2005-05-11 10:56:10.000000000 -0400
|
|
@@ -1,4 +1,4 @@
|
|
-.TH "selinux" "8" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
+.TH "selinux" "8" "29 Apr 2005" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
|
|
.SH "NAME"
|
|
selinux \- NSA Security-Enhanced Linux (SELinux)
|
|
@@ -62,11 +62,22 @@
|
|
.B system-config-securitylevel
|
|
allows customization of these booleans and tunables.
|
|
|
|
+.br
|
|
+Many domains that are protected by SELinux also include selinux man pages explainging how to customize their policy.
|
|
+
|
|
+.SH FILE LABELING
|
|
+
|
|
+All files, directories, devices ... have a security context/label associated with them. These context are stored in the extended attributes of the file system.
|
|
+Problems with SELinux often arise from the file system being mislabeled. This can be caused by booting the machine with a non selinux kernel. If you see an error message containing file_t, that is usually a good indicator that you have a serious problem with file system labeling.
|
|
+.br
|
|
+The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files.
|
|
+
|
|
.SH AUTHOR
|
|
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
|
|
.SH "SEE ALSO"
|
|
-booleans(8), setsebool(8), selinuxenabled(8), togglesebool(8)
|
|
+booleans(8), setsebool(8), selinuxenabled(8), togglesebool(8), restorecon(8), setfiles(8), ftpd_selinux(8), named_selinux(8), rsync_selinux(8), httpd_selinux(8), nfs_selinux(8), samba_selinux(8), kerberos_selinux(8), nis_selinux(8), ypbind_selinux(8)
|
|
+
|
|
|
|
.SH FILES
|
|
/etc/selinux/config
|
|
--- libselinux-1.23.10/utils/avcstat.c.rhat 2005-04-29 14:07:14.000000000 -0400
|
|
+++ libselinux-1.23.10/utils/avcstat.c 2005-05-11 10:57:30.000000000 -0400
|
|
@@ -90,12 +90,15 @@
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
+ struct avc_cache_stats tot, rel, last;
|
|
int fd, i, cumulative = 0;
|
|
struct sigaction sa;
|
|
char avcstatfile[PATH_MAX];
|
|
snprintf(avcstatfile, sizeof avcstatfile, "%s%s", selinux_mnt, DEF_STAT_FILE);
|
|
progname = basename(argv[0]);
|
|
|
|
+ memset(&last, 0, sizeof(last));
|
|
+
|
|
while((i = getopt(argc, argv, "cf:h?-")) != -1) {
|
|
switch (i) {
|
|
case 'c':
|
|
@@ -144,7 +147,6 @@
|
|
for (i = 0;; i++) {
|
|
char *line;
|
|
ssize_t ret, parsed = 0;
|
|
- struct avc_cache_stats tot, rel, last;
|
|
|
|
memset(buf, 0, DEF_BUF_SIZE);
|
|
ret = read(fd, buf, DEF_BUF_SIZE);
|
|
@@ -166,7 +168,6 @@
|
|
"hits", "misses", "allocs", "reclaims", "frees");
|
|
|
|
memset(&tot, 0, sizeof(tot));
|
|
- memset(&last, 0, sizeof(last));
|
|
|
|
while ((line = strtok(NULL, "\n"))) {
|
|
struct avc_cache_stats tmp;
|