31 lines
1.1 KiB
Groff
31 lines
1.1 KiB
Groff
|
.TH "nfs_selinux" "8" "17 Jan 2005" "dwalsh@redhat.com" "nfs Selinux Policy documentation"
|
||
|
.SH "NAME"
|
||
|
nfs_selinux \- Security Enhanced Linux Policy for NFS
|
||
|
.SH "DESCRIPTION"
|
||
|
|
||
|
Security-Enhanced Linux secures the nfs server via flexible mandatory access
|
||
|
control.
|
||
|
.SH BOOLEANS
|
||
|
SELinux policy is customizable based on least access required. So by
|
||
|
default SElinux policy does not allow nfs to share files. If you want to
|
||
|
setup this machine to share nfs partitions read only, you must set the boolean nfs_export_all_ro boolean.
|
||
|
|
||
|
.TP
|
||
|
setsebool -P nfs_export_all_ro 1
|
||
|
.TP
|
||
|
If you want to share files read/write you must set the nfs_export_all_rw boolean.
|
||
|
.TP
|
||
|
setsebool -P nfs_export_all_rw 1
|
||
|
|
||
|
.TP
|
||
|
If you want to use a remote NFS server for the home directories on this machine, you must set the use_nfs_home_dir boolean.
|
||
|
.TP
|
||
|
setsebool -P use_nfs_home_dirs 1
|
||
|
.TP
|
||
|
system-config-securitylevel is a GUI tool available to customize SELinux policy settings.
|
||
|
.SH AUTHOR
|
||
|
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
||
|
|
||
|
.SH "SEE ALSpppO"
|
||
|
selinux(8), chcon(1), setsebool(8)
|