diff --git a/Changelog b/Changelog index 8fe62ff..afa8aa4 100644 --- a/Changelog +++ b/Changelog @@ -1,3 +1,4 @@ +- Man page updates from Dan Walsh. - Two patches from Paul Moore to for ipsec to remove redundant rules and have setkey read the config file. - Move booleans and tunables to modules when it is only used in a single diff --git a/man/man8/ftpd_selinux.8 b/man/man8/ftpd_selinux.8 index 017b212..42f96b9 100644 --- a/man/man8/ftpd_selinux.8 +++ b/man/man8/ftpd_selinux.8 @@ -39,14 +39,10 @@ setsebool -P ftp_home_dir 1 ftpd can run either as a standalone daemon or as part of the xinetd domain. If you want to run ftpd as a daemon you must set the ftpd_is_daemon boolean. .TP setsebool -P ftpd_is_daemon 1 -.TP -You can disable SELinux protection for the ftpd daemon by executing: -.TP -setsebool -P ftpd_disable_trans 1 .br service vsftpd restart .TP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/httpd_selinux.8 b/man/man8/httpd_selinux.8 index 3330e00..4bacdfc 100644 --- a/man/man8/httpd_selinux.8 +++ b/man/man8/httpd_selinux.8 @@ -110,22 +110,7 @@ setsebool -P httpd_can_network_connect 1 .EE .PP -You can disable suexec transition, set httpd_suexec_disable_trans deny this - -.EX -setsebool -P httpd_suexec_disable_trans 1 -.EE - -.PP -You can disable SELinux protection for the httpd daemon by executing: - -.EX -setsebool -P httpd_disable_trans 1 -service httpd restart -.EE - -.PP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/kerberos_selinux.8 b/man/man8/kerberos_selinux.8 index 52ca3b3..8d299ed 100644 --- a/man/man8/kerberos_selinux.8 +++ b/man/man8/kerberos_selinux.8 @@ -18,16 +18,9 @@ control. By default Kerberos access is not allowed, since it requires daemons to You must set the allow_kerberos boolean to allow your system to work properly in a Kerberos environment. .EX setsebool -P allow_kerberos 1 -.EE -If you are running Kerberos daemons kadmind or krb5kdc you can disable the SELinux protection on these daemons by setting the krb5kdc_disable_trans and kadmind_disable_trans booleans. -.EX -setsebool -P krb5kdc_disable_trans 1 -service krb5kdc restart -setsebool -P kadmind_disable_trans 1 -service kadmind restart .EE .PP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/named_selinux.8 b/man/man8/named_selinux.8 index d2f601b..4dab2e2 100644 --- a/man/man8/named_selinux.8 +++ b/man/man8/named_selinux.8 @@ -20,13 +20,7 @@ default SElinux policy does not allow named to write master zone files. If you setsebool -P named_write_master_zones 1 .EE .PP -You can disable SELinux protection for the named daemon by executing: -.EX -setsebool -P named_disable_trans 1 -service named restart -.EE -.PP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/nfs_selinux.8 b/man/man8/nfs_selinux.8 index 422f042..0065b4a 100644 --- a/man/man8/nfs_selinux.8 +++ b/man/man8/nfs_selinux.8 @@ -22,7 +22,7 @@ If you want to use a remote NFS server for the home directories on this machine, .TP setsebool -P use_nfs_home_dirs 1 .TP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/rsync_selinux.8 b/man/man8/rsync_selinux.8 index fece9c7..0214f67 100644 --- a/man/man8/rsync_selinux.8 +++ b/man/man8/rsync_selinux.8 @@ -36,13 +36,7 @@ setsebool -P allow_rsync_anon_write=1 .SH BOOLEANS .TP -You can disable SELinux protection for the rsync daemon by executing: -.EX -setsebool -P rsync_disable_trans 1 -service xinetd restart -.EE -.TP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/samba_selinux.8 b/man/man8/samba_selinux.8 index f0268cc..42e56ec 100644 --- a/man/man8/samba_selinux.8 +++ b/man/man8/samba_selinux.8 @@ -41,17 +41,7 @@ If you want to use a remote Samba server for the home directories on this machin setsebool -P use_samba_home_dirs 1 .TP -You can disable SELinux protection for the samba daemon by executing: -.br - -setsebool -P smbd_disable_trans 1 -.br -service smb restart -.TP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. - - - +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh . diff --git a/man/man8/ypbind_selinux.8 b/man/man8/ypbind_selinux.8 index ed07681..6ea0d6c 100644 --- a/man/man8/ypbind_selinux.8 +++ b/man/man8/ypbind_selinux.8 @@ -11,7 +11,7 @@ You must set the allow_ypbind boolean to allow your system to work properly in a .TP setsebool -P allow_ypbind 1 .TP -system-config-securitylevel is a GUI tool available to customize SELinux policy settings. +system-config-selinux is a GUI tool available to customize SELinux policy settings. .SH AUTHOR This manual page was written by Dan Walsh .