118 lines
4.2 KiB
Diff
118 lines
4.2 KiB
Diff
From 1540d4dd89af42b6a6c66e517142a2f5bade0974 Mon Sep 17 00:00:00 2001
|
|
From: Vit Mojzis <vmojzis@redhat.com>
|
|
Date: Thu, 1 Jun 2023 16:39:15 +0200
|
|
Subject: [PATCH] libselinux: Add examples to man pages
|
|
|
|
Also fix some typos and remove trailing whitespaces.
|
|
|
|
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
|
|
Acked-by: Petr Lautrbach <lautrbach@redhat.com>
|
|
---
|
|
libselinux/man/man8/getsebool.8 | 18 +++++++++++-------
|
|
libselinux/man/man8/matchpathcon.8 | 19 +++++++++++++------
|
|
2 files changed, 24 insertions(+), 13 deletions(-)
|
|
|
|
diff --git a/libselinux/man/man8/getsebool.8 b/libselinux/man/man8/getsebool.8
|
|
index d70bf1e4..9e36f04f 100644
|
|
--- a/libselinux/man/man8/getsebool.8
|
|
+++ b/libselinux/man/man8/getsebool.8
|
|
@@ -1,6 +1,6 @@
|
|
.TH "getsebool" "8" "11 Aug 2004" "dwalsh@redhat.com" "SELinux Command Line documentation"
|
|
.SH "NAME"
|
|
-getsebool \- get SELinux boolean value(s)
|
|
+getsebool \- get SELinux boolean value(s)
|
|
.
|
|
.SH "SYNOPSIS"
|
|
.B getsebool
|
|
@@ -8,17 +8,16 @@ getsebool \- get SELinux boolean value(s)
|
|
.RI [ boolean ]
|
|
.
|
|
.SH "DESCRIPTION"
|
|
-.B getsebool
|
|
-reports where a particular SELinux boolean or
|
|
-all SELinux booleans are on or off
|
|
-In certain situations a boolean can be in one state with a pending
|
|
-change to the other state. getsebool will report this as a pending change.
|
|
+.B getsebool
|
|
+reports whether a particular SELinux boolean, or all SELinux booleans, are on or off.
|
|
+In certain situations a boolean can be in one state with a pending
|
|
+change to the other state. getsebool will report this as a pending change.
|
|
The pending value indicates
|
|
the value that will be applied upon the next boolean commit.
|
|
|
|
The setting of boolean values occurs in two stages; first the pending
|
|
value is changed, then the booleans are committed, causing their
|
|
-active values to become their pending values. This allows a group of
|
|
+active values to become their pending values. This allows a group of
|
|
booleans to be changed in a single transaction, by setting all of
|
|
their pending values as desired and then committing once.
|
|
.
|
|
@@ -27,6 +26,11 @@ their pending values as desired and then committing once.
|
|
.B \-a
|
|
Show all SELinux booleans.
|
|
.
|
|
+.SH EXAMPLE
|
|
+.nf
|
|
+Show current state of httpd_can_connect_ftp
|
|
+# getsebool httpd_can_connect_ftp
|
|
+.
|
|
.SH AUTHOR
|
|
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
The program was written by Tresys Technology.
|
|
diff --git a/libselinux/man/man8/matchpathcon.8 b/libselinux/man/man8/matchpathcon.8
|
|
index 50c0d392..6d848f43 100644
|
|
--- a/libselinux/man/man8/matchpathcon.8
|
|
+++ b/libselinux/man/man8/matchpathcon.8
|
|
@@ -25,8 +25,8 @@ queries the system policy and outputs the default security context associated wi
|
|
Identical paths can have different security contexts, depending on the file
|
|
type (regular file, directory, link file, char file ...).
|
|
|
|
-.B matchpathcon
|
|
-will also take the file type into consideration in determining the default security context if the file exists. If the file does not exist, no file type matching will occur.
|
|
+.B matchpathcon
|
|
+will also take the file type into consideration in determining the default security context if the file exists. If the file does not exist, no file type matching will occur.
|
|
.
|
|
.SH OPTIONS
|
|
.TP
|
|
@@ -34,19 +34,19 @@ will also take the file type into consideration in determining the default secur
|
|
Force file type for the lookup.
|
|
Valid types are
|
|
.BR file ", " dir ", "pipe ", " chr_file ", " blk_file ", "
|
|
-.BR lnk_file ", " sock_file .
|
|
+.BR lnk_file ", " sock_file
|
|
.TP
|
|
.B \-n
|
|
-Do not display path.
|
|
+Do not display path
|
|
.TP
|
|
.B \-N
|
|
-Do not use translations.
|
|
+Do not use translations
|
|
.TP
|
|
.BI \-f " file_context_file"
|
|
Use alternate file_context file
|
|
.TP
|
|
.BI \-p " prefix"
|
|
-Use prefix to speed translations
|
|
+Use prefix to speed up translations
|
|
.TP
|
|
.BI \-P " policy_root_path"
|
|
Use alternate policy root path
|
|
@@ -54,6 +54,13 @@ Use alternate policy root path
|
|
.B \-V
|
|
Verify file context on disk matches defaults
|
|
.
|
|
+.SH EXAMPLE
|
|
+.nf
|
|
+Show the default label of sock_file cups.sock
|
|
+# matchpathcon -m sock_file /var/run/cups/cups.sock
|
|
+Verify that /var/www/html directory is labeled correctly (the content of the folder is not checked)
|
|
+# matchpathcon -V /var/www/html
|
|
+.
|
|
.SH AUTHOR
|
|
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
.
|
|
--
|
|
2.40.0
|
|
|