[deployment-guide/comm-rel: 91/727] Updated the /etc/sysconfig/selinux section.
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 12:31:48 UTC 2010
commit 30e9343020d44a88fbefbf8ba5716788847ffb53
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Wed Jul 21 14:31:52 2010 +0200
Updated the /etc/sysconfig/selinux section.
en-US/The_sysconfig_Directory.xml | 22 +++++++++++++++++++++-
1 files changed, 21 insertions(+), 1 deletions(-)
---
diff --git a/en-US/The_sysconfig_Directory.xml b/en-US/The_sysconfig_Directory.xml
index bc62ec0..8ede634 100644
--- a/en-US/The_sysconfig_Directory.xml
+++ b/en-US/The_sysconfig_Directory.xml
@@ -839,8 +839,28 @@
<secondary><filename>/etc/sysconfig/selinux</filename></secondary>
</indexterm>
<para>
- The <filename>/etc/sysconfig/selinux</filename> file contains the basic configuration options for SELinux. This file is a symbolic link to <filename>/etc/selinux/config</filename>.
+ The <filename>/etc/sysconfig/selinux</filename> file contains the basic configuration options for SELinux. It is a symbolic link to <filename>/etc/selinux/config</filename>, and by default, it contains the following options:
</para>
+ <variablelist>
+ <varlistentry>
+ <term><option>SELINUX=<replaceable>value</replaceable></option></term>
+ <listitem>
+ <para>
+ The security policy. The <replaceable>value </replaceable> can be either <option>enforcing</option> (the security policy is always enforced), <option>permissive</option> (instead of enforcing the policy, appropriate warnings are displayed), or <option>disabled</option> (no policy is used). For example:
+ </para>
+ <screen>SELINUX=enforcing</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>SELINUXTYPE=<replaceable>value</replaceable></option></term>
+ <listitem>
+ <para>
+ The protection type. The <replaceable>value</replaceable> can be either <option>targeted</option> (the targeted processes are protected), or <option>mls</option> (the Multi Level Security protection). For example:
+ </para>
+ <screen>SELINUXTYPE=targeted</screen>
+ </listitem>
+ </varlistentry>
+ </variablelist>
</section>
<section id="s2-sysconfig-sendmail">
<title><filename>/etc/sysconfig/sendmail</filename></title>
More information about the docs-commits
mailing list