36 lines
1.2 KiB
Groff
36 lines
1.2 KiB
Groff
.TH "kerberos_selinux" "8" "17 Jan 2005" "dwalsh@redhat.com" "kerberos Selinux Policy documentation"
|
|
.de EX
|
|
.nf
|
|
.ft CW
|
|
..
|
|
.de EE
|
|
.ft R
|
|
.fi
|
|
..
|
|
.SH "NAME"
|
|
kerberos_selinux \- Security Enhanced Linux Policy for Kerberos.
|
|
.SH "DESCRIPTION"
|
|
|
|
Security-Enhanced Linux secures the system via flexible mandatory access
|
|
control. By default Kerberos access is not allowed, since it requires daemons to be allowed greater access to certain secure files and addtional access to the network.
|
|
.SH BOOLEANS
|
|
.PP
|
|
You must set the allow_kerberos boolean to allow your system to work properly in a Kerberos environment.
|
|
.EX
|
|
setsebool -P allow_kerberos 1
|
|
.EE
|
|
If you are running Kerberos daemons kadmind or krb5kdc you can disable the SELinux protection on these daemons by setting the krb5kdc_disable_trans and kadmind_disable_trans booleans.
|
|
.EX
|
|
setsebool -P krb5kdc_disable_trans 1
|
|
service krb5kdc restart
|
|
setsebool -P kadmind_disable_trans 1
|
|
service kadmind restart
|
|
.EE
|
|
.PP
|
|
system-config-securitylevel is a GUI tool available to customize SELinux policy settings.
|
|
.SH AUTHOR
|
|
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
|
|
|
|
.SH "SEE ALSO"
|
|
selinux(8), kerberos(1), chcon(1), setsebool(8)
|