[deployment-guide/comm-rel: 91/727] Updated the /etc/sysconfig/selinux section.

Jaromir Hradilek jhradile at fedoraproject.org
Tue Oct 19 12:31:48 UTC 2010 

commit 30e9343020d44a88fbefbf8ba5716788847ffb53
Author: Jaromir Hradilek <jhradile at redhat.com>
Date:   Wed Jul 21 14:31:52 2010 +0200

    Updated the /etc/sysconfig/selinux section.

 en-US/The_sysconfig_Directory.xml |   22 +++++++++++++++++++++-
 1 files changed, 21 insertions(+), 1 deletions(-)
---
diff --git a/en-US/The_sysconfig_Directory.xml b/en-US/The_sysconfig_Directory.xml
index bc62ec0..8ede634 100644
--- a/en-US/The_sysconfig_Directory.xml
+++ b/en-US/The_sysconfig_Directory.xml
@@ -839,8 +839,28 @@
         <secondary><filename>/etc/sysconfig/selinux</filename></secondary>
       </indexterm>
       <para>
-        The <filename>/etc/sysconfig/selinux</filename> file contains the basic configuration options for SELinux. This file is a symbolic link to <filename>/etc/selinux/config</filename>.
+        The <filename>/etc/sysconfig/selinux</filename> file contains the basic configuration options for SELinux. It is a symbolic link to <filename>/etc/selinux/config</filename>, and by default, it contains the following options:
       </para>
+      <variablelist>
+        <varlistentry>
+          <term><option>SELINUX=<replaceable>value</replaceable></option></term>
+          <listitem>
+            <para>
+              The security policy. The <replaceable>value </replaceable> can be either <option>enforcing</option> (the security policy is always enforced), <option>permissive</option> (instead of enforcing the policy, appropriate warnings are displayed), or <option>disabled</option> (no policy is used). For example:
+            </para>
+            <screen>SELINUX=enforcing</screen>
+          </listitem>
+        </varlistentry>
+        <varlistentry>
+          <term><option>SELINUXTYPE=<replaceable>value</replaceable></option></term>
+          <listitem>
+            <para>
+              The protection type. The <replaceable>value</replaceable> can be either <option>targeted</option> (the targeted processes are protected), or <option>mls</option> (the Multi Level Security protection). For example:
+            </para>
+            <screen>SELINUXTYPE=targeted</screen>
+          </listitem>
+        </varlistentry>
+      </variablelist>
     </section>
     <section id="s2-sysconfig-sendmail">
       <title><filename>/etc/sysconfig/sendmail</filename></title>

More information about the docs-commits mailing list