[release-notes] Security.xml| Some typos, some xml tag improvements.
stephenw
stephenw at fedoraproject.org
Mon Oct 29 20:46:24 UTC 2012
commit 22bf45e1c043813ab0341fb4492c5ad96104a10a
Author: Stephen Wadeley <swadeley at redhat.com>
Date: Mon Oct 29 21:36:16 2012 +0100
Security.xml| Some typos, some xml tag improvements.
en-US/Security.xml | 38 +++++++++++++++++++-------------------
1 files changed, 19 insertions(+), 19 deletions(-)
---
diff --git a/en-US/Security.xml b/en-US/Security.xml
index 6594e19..187b05b 100644
--- a/en-US/Security.xml
+++ b/en-US/Security.xml
@@ -8,36 +8,36 @@
<title>Security</title>
<section>
- <title><productname>Active Directory</productname> made easy </title>
- <para> Fedora can be used on an <productname>Active Directory</productname> domain (or other kerberos realms, such as IPA) out of the box. It should be easy to configure domain logins on a Fedora machine, and then it should be intuitive and uneventful to login with those credentials. </para>
- <para>These improvements will also increase reliability and ease usage for any Kerberos realm, not just active directory. Improvement has been made in much of the login and authentication stack, which now includes <package>realmd</package> and <package>adcli</package>. </para>
- <para>The GNOME <guilabel>User Accounts</guilabel> Settings GUI features support for enterprise logins. </para>
- <para> With Fedora 18 it is possible to create a trust relationship between an IPA and an <productname>Active Directory</productname> domain which would allow users from one domain to access resource of the other domain. The <orgname>FreeIPA</orgname> project has documented the feature at <ulink url="http://freeipa.org/page/IPAv3_testing_AD_trust">http://freeipa.org/page/IPAv3_testing_AD_trust.</ulink>
+ <title><productname>Active Directory</productname> made easy</title>
+ <para> Fedora can be used on an <productname>Active Directory</productname> domain (or other Kerberos realms, such as IPA) out of the box. It should be easy to configure domain logins on a Fedora machine, and then it should be intuitive and uneventful to login with those credentials.</para>
+ <para>These improvements will also increase reliability and ease usage for any Kerberos realm, not just Active Directory. Improvement has been made in much of the login and authentication stack, which now includes <package>realmd</package> and <package>adcli</package>.</para>
+ <para>The GNOME <guilabel>User Accounts</guilabel> Settings GUI features support for enterprise logins.</para>
+ <para> With Fedora 18 it is possible to create a trust relationship between an IPA and an <productname>Active Directory</productname> domain which would allow users from one domain to access resources of the other domain. The <orgname>FreeIPA</orgname> project has documented the feature at <ulink url="http://freeipa.org/page/IPAv3_testing_AD_trust">http://freeipa.org/page/IPAv3_testing_AD_trust.</ulink>
</para>
</section><section>
- <title>Secure Boot </title>
- <para>UEFI Secure Boot will be supported in Fedora 18. This will allow Fedora to boot on systems that have Secure Boot enabled. Tools are available for administrators to create custom certificates to sign local changes to <application>GRUB</application> or the kernel. </para>
+ <title>Secure Boot</title>
+ <para>UEFI Secure Boot will be supported in Fedora 18. This will allow Fedora to boot on systems that have Secure Boot enabled. Tools are available for administrators to create custom certificates to sign local changes to <application>GRUB</application> or the kernel.</para>
</section><section>
- <title>rngd </title>
- <para>Random number generation is improved by enabling <package>rngd</package> by default. </para>
+ <title>rngd</title>
+ <para>Random number generation is improved by enabling <package>rngd</package> by default.</para>
</section><section>
- <title>Secure Containers </title>
- <para>Using SELinux and <package>virt-sandbox</package>, services can be run in secure sandboxes, even as root. The <package>virt-sandbox-service</package> package will create mount points and a libvirt container. </para>
+ <title>Secure Containers</title>
+ <para>Using SELinux and <package>virt-sandbox</package>, services can be run in secure sandboxes, even as root. The <package>virt-sandbox-service</package> package will create mount points and a libvirt container.</para>
</section><section>
- <title>SELinux boolean renaming </title>
- <para>In order to clarify the purpose of SELinux booleans, all settings that begin with <literal>allow</literal> will be renamed to reflect their domain. Existing policy booleans will continue to be supported. </para>
+ <title>SELinux boolean renaming</title>
+ <para>In order to clarify the purpose of SELinux booleans, all settings that begin with <literal>allow</literal> will be renamed to reflect their domain. Existing policy booleans will continue to be supported.</para>
</section><section>
- <title>SELinux Systemd Access Control </title>
+ <title>SELinux Systemd Access Control</title>
<para>Support has been added to <package>systemd</package> to check unit files against SELinux settings before allowing a process to start or stop the service.</para>
</section><section>
- <title>System calls restricted </title>
- <para>The <package>libseccomp</package> library is now available, which provides applications with an easy way to reduce the potential damage of exploits by leveraging kernel syscall filters. Virtual machines benefit from this as <application>QEMU/KVM</application> now uses <package>libseccomp</package>. </para>
+ <title>System calls restricted</title>
+ <para>The <package>libseccomp</package> library is now available, which provides applications with an easy way to reduce the potential damage of exploits by using kernel syscall filters. Virtual machines benefit from this as <application>QEMU/KVM</application> now uses <package>libseccomp</package>.</para>
</section><section>
<title>usermode</title>
@@ -46,11 +46,11 @@
</section>
<section>
<title><productname>Kerberos</productname> credentials moved and improved </title>
- <para> Fedora 18 changes the standard location of <productname>Kerberos</productname> credential caches to <filename>/run/user/$UID</filename> in order to increase security and simplify locating the caches for NFSv4. Fedora's <productname>Kerberos</productname> support will now allow users to maintain credentials for multiple identities and for the <function>GSSAPI</function> client code to automatically select credentials based on the target service and hostname. </para>
+ <para>Fedora 18 changes the standard location of <productname>Kerberos</productname> credential caches to <filename>/run/user/$UID</filename> in order to increase security and simplify locating the caches for NFSv4. Fedora's <productname>Kerberos</productname> support will now allow users to maintain credentials for multiple identities and for the <function>GSSAPI</function> client code to automatically select credentials based on the target service and hostname.</para>
</section><section>
- <title>halt, poweroff, reboot Configuration Moved </title>
- <para> The ability to use <literal>halt(8)</literal>, <literal>poweroff(8)</literal> and <literal>reboot(8)</literal> commands by unprivileged users is now controlled using <package>polkit</package>. See the actions in <filename>/usr/share/polkit-1/actions/org.freedesktop.login1.policy</filename>. The PAM configuration files in <filename>/etc/pam.d/{halt,poweroff,reboot}</filename> are no longer used and their content, if any, is ignored. </para>
+ <title><command>halt</command>, <command>poweroff</command>, and <command>reboot</command> Configuration Moved</title>
+ <para>The ability to use <filename>halt(8)</filename>, <filename>poweroff(8)</filename> and <filename>reboot(8)</filename> commands by unprivileged users is now controlled using <package>polkit</package>. See the actions in <filename>/usr/share/polkit-1/actions/org.freedesktop.login1.policy</filename>. The PAM configuration files in <filename>/etc/pam.d/{halt,poweroff,reboot}</filename> are no longer used and their content, if any, is ignored.</para>
</section>
</section>
More information about the docs-commits
mailing list