[libsemanage] Add Guido Trentalancia semanage.conf man page

Daniel J Walsh dwalsh at fedoraproject.org
Mon Sep 19 11:29:56 UTC 2011


commit 0b324a21d75af5bcd26fcb8d9cfe6ff1b2872949
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Mon Sep 19 07:29:40 2011 -0400

    Add Guido Trentalancia semanage.conf man page

 libsemanage-rhat.patch |  115 ++++++++++++++++++++++++++++++++++++++++++++++++
 libsemanage.spec       |    4 ++
 2 files changed, 119 insertions(+), 0 deletions(-)
---
diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch
index 9af62d8..744f70c 100644
--- a/libsemanage-rhat.patch
+++ b/libsemanage-rhat.patch
@@ -1,3 +1,118 @@
+diff --git a/libsemanage/man/Makefile b/libsemanage/man/Makefile
+index 8b2a2b9..ede8813 100644
+--- a/libsemanage/man/Makefile
++++ b/libsemanage/man/Makefile
+@@ -1,9 +1,11 @@
+ # Installation directories.
+ MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
++MAN5DIR ?= $(DESTDIR)/usr/share/man/man5
+ 
+ all:
+ 
+ install: all
+ 	mkdir -p $(MAN3DIR)
+ 	install -m 644 man3/*.3 $(MAN3DIR)
++	install -m 644 man5/*.5 $(MAN5DIR)
+ 
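Review bot: the install target still creates only $(MAN3DIR); the new `install -m 644 man5/*.5 $(MAN5DIR)` line has no matching `mkdir -p`, so in a build root where the man5 directory does not exist yet the install step has no directory to copy into. Add `mkdir -p $(MAN5DIR)` next to the existing `mkdir -p $(MAN3DIR)`.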
+diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5
+new file mode 100644
+index 0000000..c60bdc6
+--- /dev/null
++++ b/libsemanage/man/man5/semanage.conf.5
+@@ -0,0 +1,93 @@
++.TH semanage.conf "5" "September 2011" "semanage.conf" "Linux System Administration"
++.SH NAME
++semanage.conf \- global configuration file for the SELinux Management library
++.SH DESCRIPTION
++.PP
++The
++.BR semanage.conf
++file is usually located under the directory /etc/selinux and it is used for run-time configuration of the
++behavior of the SELinux Management library.
++
++.PP
++Each line should contain a configuration parameter followed by the equal sign ("=") and then followed by the configuration value for that
++parameter. Anything after the "#" symbol is ignored similarly to empty lines.
++
++.PP
++The following parameters are allowed:
++
++.RS
++.TP
++.B module-store 
++Specify how the SELinux Management library should interact with the SELinux policy store. When set to "direct", the SELinux
++Management library writes to the SELinux policy module store directly (this is the default setting).
++Otherwise a socket path or a server name can be used for the argument.
++If the argument begins with "/" (as in "/foo/bar"), it represents the path to a named socket that should be used to connect the policy management
++server.
++If the argument does not begin with a "/" (as in "foo.com:4242"), it should be interpreted as the name of a remote policy management server
++to be used through a TCP connection (default port is 4242 unless a different one is specified after the server name using the colon to separate
++the two fields).
++
++.TP
++.B policy-version 
++When generating the policy, by default
++.BR semanage
++will set the policy version to POLICYDB_VERSION_MAX, as defined in <sepol/policydb/policydb.h>. Change this setting if a different
++version needs to be set for the policy.
++
++.TP
++.B expand-check
++Whether or not to check "neverallow" rules when executing all
++.BR semanage
++command. It can be set to either "0" (disabled) or "1" (enabled) and by default it is enabled. There might be a large
++penalty in execution time if this option is enabled.
++
++.TP
++.B file-mode
++By default the permission mode for the run-time policy files is set to 0644.
++
++.TP
++.B save-previous
++It controls whether the previous module directory is saved after a successful commit to the policy store and it can be set to
++either "true" or "false". By default it is set to "false" (the previous version is deleted).
++
++.TP
++.B save-linked
++It controls whether the previously linked module is saved (with name "base.linked") after a successful commit to the policy store.
++It can be set to either "true" or "false" and by default it is set to "false" (the previous module is deleted).
++
++.TP
++.B usepasswd 
++Whether or not to enable the use getpwent() to obtain a list of home directories to label. It can be set to either "true" or "false".
++By default it is set to "true".
++
++.TP
++.B disable-genhomedircon
++It controls whether or not the genhomedircon function is executed when using the
++.BR semanage
++command and it can be set to either "false" or "true". By default the genhomedircon functionality is enabled (equivalent
++to this option set to "false").
++
++.TP
++.B handle-unknown
++This option controls the kernel behavior for handling permissions defined in the kernel but missing from the actual policy.
++It can be set to "deny", "reject" or "allow".
++
++.TP
++.B bzip-blocksize
++It should be in the range 0-9. A value of 0 means no compression. By default the bzip block size is set to 9 (actual block
++size value is obtained after multiplication by 100000).
++
++.TP
++.B bzip-small
++When set to "true", the bzip algorithm shall try to reduce its system memory usage. It can be set to either "true" or "false" and
++by default it is set to "false".
++
++.SH "SEE ALSO"
++.TP
++semanage(8)
++.PP
++
++.SH AUTHOR
++This manual page was written by Guido Trentalancia <guido at trentalancia.com>.
++
++The SELinux management library was written by Tresys Technology LLC and Red Hat Inc.
 diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
 index 847d87e..2870fa8 100644
 --- a/libsemanage/src/genhomedircon.c
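Review bot: in the new semanage.conf.5, the handle-unknown entry lists its values ("deny", "reject" or "allow") but, unlike most of the other entries, gives no default, and the file-mode entry gives the 0644 default without saying what form the value takes. Because handle-unknown decides how the kernel treats permissions that are missing from the policy, its default is worth stating explicitly. Smaller wording fixes in the same file: "when executing all semanage command" under expand-check, "enable the use getpwent()" under usepasswd, and the SEE ALSO section, where the `.TP` before semanage(8) and the trailing empty `.PP` can be dropped.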
diff --git a/libsemanage.spec b/libsemanage.spec
index 4e3e2bb..71d4b3a 100644
--- a/libsemanage.spec
+++ b/libsemanage.spec
@@ -164,6 +164,7 @@ rm -rf ${RPM_BUILD_ROOT}
 %dir %{_includedir}/semanage
 %{_includedir}/semanage/*.h
 %{_mandir}/man3/*
+%{_mandir}/man5/*
 
 %files python
 %defattr(-,root,root)
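Review bot: `%{_mandir}/man5/*` is added directly under `%{_includedir}/semanage/*.h` and `%{_mandir}/man3/*`, which reads as the file list that carries the development headers. semanage.conf(5) documents the run-time configuration file, so an administrator without that subpackage installed would not get the page; consider listing it in the main package's %files instead.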
@@ -179,6 +180,9 @@ rm -rf ${RPM_BUILD_ROOT}
 %endif # if with_python3
 
 %changelog
+* Mon Sep 19 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.4-2
+-    Add Guido Trentalancia semanage.conf man page
+
 * Mon Sep 19 2011 Dan Walsh <dwalsh at redhat.com> - 2.1.4-1
 -Update to upstream
 	* Create a new preserve_tunables flag
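Review bot: the new changelog entry is stamped 2.1.4-2, but the diffstat shows four inserted lines in libsemanage.spec and all four are accounted for by the %files line and this entry, so no hunk changes the Release: tag; confirm it matches the -2 stated here. Style point: the entry uses a dash followed by spaces, while the 2.1.4-1 entry below it writes `-Update to upstream`; pick one form.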

