32 lines
1.1 KiB
Groff
32 lines
1.1 KiB
Groff
|
.TH "kerberos_selinux" "8" "17 Jan 2005" "dwalsh@redhat.com" "kerberos Selinux Policy documentation"
|
||
|
.SH "NAME"
|
||
|
kerberos_selinux \- Security Enhanced Linux Policy for Kerberos.
|
||
|
.SH "DESCRIPTION"
|
||
|
|
||
|
Security-Enhanced Linux secures the system via flexible mandatory access
|
||
|
control. By default Kerberos access is not allowed, since it requires daemons to be allowed greater access to certain secure files and addtional access to the network.
|
||
|
.SH BOOLEANS
|
||
|
.TP
|
||
|
You must set the allow_kerberos boolean to allow your system to work properly in a Kerberos environment.
|
||
|
.TP
|
||
|
setsebool -P allow_kerberos 1
|
||
|
.TP
|
||
|
If you are running Kerberos daemons kadmind or krb5kdc you can disable the SELinux protection on these daemons by setting the krb5kdc_disable_trans and kadmind_disable_trans booleans.
|
||
|
.br
|
||
|
|
||
|
setsebool -P krb5kdc_disable_trans 1
|
||
|
.br
|
||
|
service krb5kdc restart
|
||
|
.br
|
||
|
setsebool -P kadmind_disable_trans booleans 1
|
||
|
.br
|
||
|
service kadmind restart
|
||
|
|
||
|
.TP
|
||
|
system-config-securitylevel is a GUI tool available to customize SELinux policy settings.
|
||
|
.SH AUTHOR
|
||
|
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
||
|
|
||
|
.SH "SEE ALSO"
|
||
|
selinux(8), kerberos(1), chcon(1), setsebool(8)
|