From 09ad91e1fb8640e48cef895ead49d9c770016915 Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Thu, 4 May 2023 14:04:47 +0200
Subject: [PATCH] python/chcat: Improve man pages
Content-type: text/plain

- Explain applying range/list of categories
- "-d" removes all categories of given file/user
- Add examples

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
 python/chcat/chcat.8 | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/python/chcat/chcat.8 b/python/chcat/chcat.8
index d095a2558d3a..3e1f7ca23361 100644
--- a/python/chcat/chcat.8
+++ b/python/chcat/chcat.8
@@ -1,6 +1,6 @@
 .TH CHCAT "8" "September 2005" "chcat" "User Commands"
 .SH NAME
-chcat \- change file SELinux security category
+chcat \- change SELinux security categories of files/users
 .SH SYNOPSIS
 .B chcat
 \fIcategory file\fR...
@@ -25,23 +25,33 @@ chcat \- change file SELinux security category
 .br
 .SH DESCRIPTION
 .PP
-Change/Remove the security \fIcategory\fR for each \fIfile\fR or \fIuser\fR.
-.PP
-Use +/- to add/remove categories from a \fIfile\fR or \fIuser\fR.
+Use +/- to add/remove categories from a \fIfile\fR or \fIuser\fR (only a single category can be specified at a time). Or specify the desired list/range of categories to be applied (replacing the existing categories).
 .PP
 .B
 Note:
-When removing a category you must specify '\-\-' on the command line before using the \-Category syntax.  This tells the command that you have finished entering options and are now specifying a category name instead.
+When removing a category you must specify '\-\-' on the command line before using the \-Category syntax. This tells the command that you have finished entering options and are now specifying a category name instead.
 
 .TP
 \fB\-d\fR
-delete the category from each FILE/USER.
+delete all categories from given FILE/USER.
 .TP
 \fB\-L\fR
 list available categories.
 .TP
 \fB\-l\fR
 Tells chcat to operate on users instead of files.
+
+.SH EXAMPLE
+.nf
+Replace categories of user "test" with c0.c6
+# chcat -l c0.c6 test
+Add category c1023 to user "test"
+# chcat -l +c1023 test
+Remove category c5 from file "file"
+# chcat -- -c5 file
+Remove all categories from file "file"
+# chcat -d file
+
 .SH "SEE ALSO"
 .TP
 chcon(1), selinux(8), semanage(8)
@@ -52,4 +62,3 @@ When operating on files this script wraps the chcon command.
 /etc/selinux/{SELINUXTYPE}/setrans.conf 
 .br
 /etc/selinux/{SELINUXTYPE}/seusers
-
-- 
2.41.0