c986c18381
- Make mcstransd watch for content being written to /run/setrans for files names containing translations. -- This will allow apps like libvirt to write content nameing randomly selected MCS labels - Fix memory leak in mcstransd
198 lines
4.7 KiB
Diff
198 lines
4.7 KiB
Diff
diff -up mcstrans-0.3.3/man/man8/mcstransd.8.man mcstrans-0.3.3/man/man8/mcstransd.8
|
|
--- mcstrans-0.3.3/man/man8/mcstransd.8.man 2011-12-06 08:45:02.000000000 -0500
|
|
+++ mcstrans-0.3.3/man/man8/mcstransd.8 2013-03-26 12:54:30.653747835 -0400
|
|
@@ -11,7 +11,8 @@ This manual page describes the
|
|
.BR mcstransd
|
|
program.
|
|
.P
|
|
-This daemon reads /etc/selinux/{SELINUXTYPE}/setrans.conf configuration file, and communicates with libselinux via a socket in /var/run/setrans.
|
|
+This daemon reads /etc/selinux/{SELINUXTYPE}/setrans.conf and /etc/selinux/{SELINUXTYPE}/secolors.conf configuration files, and communicates with libselinux via a socket in /var/run/setrans.
|
|
+It also watches for files created in /var/run/setrans and uses the contents of these files to generate translations to the names. For example writing a file /var/run/setrans/mydomain with content of s0:c1,c2 will cause mcstrans to translate s0:c1,c2 to mydomain.
|
|
|
|
.SH "AUTHOR"
|
|
This man page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
diff -up mcstrans-0.3.3/man/man8/secolor.conf.8.man mcstrans-0.3.3/man/man8/secolor.conf.8
|
|
--- mcstrans-0.3.3/man/man8/secolor.conf.8.man 2013-03-26 12:51:30.505001415 -0400
|
|
+++ mcstrans-0.3.3/man/man8/secolor.conf.8 2013-03-26 12:51:30.504001411 -0400
|
|
@@ -0,0 +1,180 @@
|
|
+.TH "secolor.conf" "8" "08 April 2011" "SELinux API documentation"
|
|
+.SH "NAME"
|
|
+secolor.conf \- The SELinux color configuration file
|
|
+.
|
|
+.SH "DESCRIPTION"
|
|
+The
|
|
+.I /etc/selinux/{SELINUXTYPE}/secolor.conf
|
|
+configuation file controls the color to be associated to the context components associated to the
|
|
+.I raw
|
|
+context passed by
|
|
+.BR selinux_raw_context_to_color "(3),"
|
|
+when context related information is to be displayed in color by an SELinux-aware application.
|
|
+.sp
|
|
+.BR selinux_raw_context_to_color "(3)"
|
|
+obtains this color information from the active policy
|
|
+.B secolor.conf
|
|
+file as returned by
|
|
+.BR selinux_colors_path "(3)."
|
|
+.
|
|
+.SH "FILE FORMAT"
|
|
+The file format is as follows:
|
|
+.RS
|
|
+.B color
|
|
+.I color_name
|
|
+.BI "= #"color_mask
|
|
+.br
|
|
+[...]
|
|
+.sp
|
|
+.I context_component string
|
|
+.B =
|
|
+.I fg_color_name bg_color_name
|
|
+.br
|
|
+[...]
|
|
+.sp
|
|
+.RE
|
|
+
|
|
+Where:
|
|
+.br
|
|
+.B color
|
|
+.RS
|
|
+The color keyword. Each color entry is on a new line.
|
|
+.RE
|
|
+.I color_name
|
|
+.RS
|
|
+A single word name for the color (e.g. red).
|
|
+.RE
|
|
+.I color_mask
|
|
+.RS
|
|
+A color mask starting with a hash (#) that describes the hexadecimal RGB colors with black being #000000 and white being #ffffff.
|
|
+.RE
|
|
+.I context_component
|
|
+.RS
|
|
+The context component name that must be one of the following:
|
|
+.br
|
|
+.RS
|
|
+user, role, type or range
|
|
+.RE
|
|
+Each
|
|
+.IR context_component " " string " ..."
|
|
+entry is on a new line.
|
|
+.RE
|
|
+.I string
|
|
+.RS
|
|
+This is the
|
|
+.I context_component
|
|
+string that will be matched with the
|
|
+.I raw
|
|
+context component passed by
|
|
+.BR selinux_raw_context_to_color "(3)."
|
|
+.br
|
|
+A wildcard '*' may be used to match any undefined string for the user, role and type
|
|
+.I context_component
|
|
+entries only.
|
|
+.RE
|
|
+
|
|
+.I fg_color_name
|
|
+.RS
|
|
+The color_name string that will be used as the foreground color.
|
|
+A
|
|
+.I color_mask
|
|
+may also be used.
|
|
+.RE
|
|
+.I bg_color_name
|
|
+.RS
|
|
+The color_name string that will be used as the background color.
|
|
+A
|
|
+.I color_mask
|
|
+may also be used.
|
|
+.RE
|
|
+.
|
|
+.SH "EXAMPLES"
|
|
+Example 1 entries are:
|
|
+.RS
|
|
+color black = #000000
|
|
+.br
|
|
+color green = #008000
|
|
+.br
|
|
+color yellow = #ffff00
|
|
+.br
|
|
+color blue = #0000ff
|
|
+.br
|
|
+color white = #ffffff
|
|
+.br
|
|
+color red = #ff0000
|
|
+.br
|
|
+color orange = #ffa500
|
|
+.br
|
|
+color tan = #D2B48C
|
|
+.sp
|
|
+user * = black white
|
|
+.br
|
|
+role * = white black
|
|
+.br
|
|
+type * = tan orange
|
|
+.br
|
|
+range s0\-s0:c0.c1023 = black green
|
|
+.br
|
|
+range s1\-s1:c0.c1023 = white green
|
|
+.br
|
|
+range s3\-s3:c0.c1023 = black tan
|
|
+.br
|
|
+range s5\-s5:c0.c1023 = white blue
|
|
+.br
|
|
+range s7\-s7:c0.c1023 = black red
|
|
+.br
|
|
+range s9\-s9:c0.c1023 = black orange
|
|
+.br
|
|
+range s15:c0.c1023 = black yellow
|
|
+.RE
|
|
+
|
|
+.sp
|
|
+Example 2 entries are:
|
|
+.RS
|
|
+color black = #000000
|
|
+.br
|
|
+color green = #008000
|
|
+.br
|
|
+color yellow = #ffff00
|
|
+.br
|
|
+color blue = #0000ff
|
|
+.br
|
|
+color white = #ffffff
|
|
+.br
|
|
+color red = #ff0000
|
|
+.br
|
|
+color orange = #ffa500
|
|
+.br
|
|
+color tan = #d2b48c
|
|
+.sp
|
|
+user unconfined_u = #ff0000 green
|
|
+.br
|
|
+role unconfined_r = red #ffffff
|
|
+.br
|
|
+type unconfined_t = red orange
|
|
+.br
|
|
+user user_u = black green
|
|
+.br
|
|
+role user_r = white black
|
|
+.br
|
|
+type user_t = tan red
|
|
+.br
|
|
+user xguest_u = black yellow
|
|
+.br
|
|
+role xguest_r = black red
|
|
+.br
|
|
+type xguest_t = black green
|
|
+.br
|
|
+user sysadm_u = white black
|
|
+.br
|
|
+range s0:c0.c1023 = black white
|
|
+.br
|
|
+user * = black white
|
|
+.br
|
|
+role * = black white
|
|
+.br
|
|
+type * = black white
|
|
+.RE
|
|
+.
|
|
+.SH "SEE ALSO"
|
|
+.BR mcstransd "(8), " selinux_raw_context_to_color "(3), " selinux_colors_path "(3)"
|