selinux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page
@ 2020-04-20 11:47 Christian Göttsche
  2020-04-20 11:47 ` [PATCH 2/2] semodule: mention ignoredirs setting in genhomedircon " Christian Göttsche
  2020-04-26 18:15 ` [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in " Nicolas Iooss
  0 siblings, 2 replies; 4+ messages in thread
From: Christian Göttsche @ 2020-04-20 11:47 UTC (permalink / raw)
  To: selinux

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libsemanage/man/man5/semanage.conf.5 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5
index 8efc7dd5..7d6f2fef 100644
--- a/libsemanage/man/man5/semanage.conf.5
+++ b/libsemanage/man/man5/semanage.conf.5
@@ -95,8 +95,8 @@ to this option set to "false").
 
 .TP
 .B handle-unknown
-This option controls the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
-It can be set to "deny", "reject" or "allow".
+This option overrides the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
+It can be set to "deny", "reject" or "allow". By default the setting from the policy is taken.
 
 .TP
 .B bzip-blocksize
-- 
2.26.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH 2/2] semodule: mention ignoredirs setting in genhomedircon man page
  2020-04-20 11:47 [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page Christian Göttsche
@ 2020-04-20 11:47 ` Christian Göttsche
  2020-04-26 18:15 ` [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in " Nicolas Iooss
  1 sibling, 0 replies; 4+ messages in thread
From: Christian Göttsche @ 2020-04-20 11:47 UTC (permalink / raw)
  To: selinux

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 policycoreutils/semodule/genhomedircon.8 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/policycoreutils/semodule/genhomedircon.8 b/policycoreutils/semodule/genhomedircon.8
index 2a3315b5..ecab7ba3 100644
--- a/policycoreutils/semodule/genhomedircon.8
+++ b/policycoreutils/semodule/genhomedircon.8
@@ -16,6 +16,9 @@ This script is usually executed by
 although this default behavior can be optionally modified by setting to "true" the
 "disable-genhomedircon" in /etc/selinux/semanage.conf.
 
+Directories can be excluded from the list of home directories by the setting "ignoredirs"
+in /etc/selinux/semanage.conf.
+
 .SH AUTHOR
 This manual page was written by
 .I Dan Walsh <dwalsh@redhat.com>
-- 
2.26.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page
  2020-04-20 11:47 [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page Christian Göttsche
  2020-04-20 11:47 ` [PATCH 2/2] semodule: mention ignoredirs setting in genhomedircon " Christian Göttsche
@ 2020-04-26 18:15 ` Nicolas Iooss
  2020-04-28  7:34   ` Nicolas Iooss
  1 sibling, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2020-04-26 18:15 UTC (permalink / raw)
  To: Christian Göttsche; +Cc: SElinux list

On Mon, Apr 20, 2020 at 1:47 PM Christian Göttsche
<cgzones@googlemail.com> wrote:
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

For both patches:

Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>

If nobody raises an objection, I will merge the 2 patches tomorrow,
with "unkown" replaced with "unknown" in the subject of the first one.

Thanks,
Nicolas
> ---
>  libsemanage/man/man5/semanage.conf.5 | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5
> index 8efc7dd5..7d6f2fef 100644
> --- a/libsemanage/man/man5/semanage.conf.5
> +++ b/libsemanage/man/man5/semanage.conf.5
> @@ -95,8 +95,8 @@ to this option set to "false").
>
>  .TP
>  .B handle-unknown
> -This option controls the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
> -It can be set to "deny", "reject" or "allow".
> +This option overrides the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
> +It can be set to "deny", "reject" or "allow". By default the setting from the policy is taken.
>
>  .TP
>  .B bzip-blocksize
> --
> 2.26.1
>


^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page
  2020-04-26 18:15 ` [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in " Nicolas Iooss
@ 2020-04-28  7:34   ` Nicolas Iooss
  0 siblings, 0 replies; 4+ messages in thread
From: Nicolas Iooss @ 2020-04-28  7:34 UTC (permalink / raw)
  To: Christian Göttsche; +Cc: SElinux list

On Sun, Apr 26, 2020 at 8:15 PM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>
> On Mon, Apr 20, 2020 at 1:47 PM Christian Göttsche
> <cgzones@googlemail.com> wrote:
> >
> > Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
>
> For both patches:
>
> Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
>
> If nobody raises an objection, I will merge the 2 patches tomorrow,
> with "unkown" replaced with "unknown" in the subject of the first one.

Merged both patches about man pages. As discussed in another thread, I
did not merge the third patch (mark security_context_t typedef as
deprecated).

Thanks,
Nicolas
> > ---
> >  libsemanage/man/man5/semanage.conf.5 | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5
> > index 8efc7dd5..7d6f2fef 100644
> > --- a/libsemanage/man/man5/semanage.conf.5
> > +++ b/libsemanage/man/man5/semanage.conf.5
> > @@ -95,8 +95,8 @@ to this option set to "false").
> >
> >  .TP
> >  .B handle-unknown
> > -This option controls the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
> > -It can be set to "deny", "reject" or "allow".
> > +This option overrides the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
> > +It can be set to "deny", "reject" or "allow". By default the setting from the policy is taken.
> >
> >  .TP
> >  .B bzip-blocksize
> > --
> > 2.26.1
> >


^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-04-28  7:34 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-20 11:47 [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page Christian Göttsche
2020-04-20 11:47 ` [PATCH 2/2] semodule: mention ignoredirs setting in genhomedircon " Christian Göttsche
2020-04-26 18:15 ` [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in " Nicolas Iooss
2020-04-28  7:34   ` Nicolas Iooss

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).