Vincent Danjean wrote: ... > But if selinux is installed by default on all system, then I really > thing > that a basic documentation for Debian administrators (I mean people > managing machines with the Debian distribution on it, not admin of > official Debian machines) MUST be provided.
+1 ... > > Best regards, > Vincent > Oh, and talking about man pages, it looks like there's only documentation about the commands and such but nothing else (like an intro) [1]. I know some basic stuff about SELinux, and I still consider shipping the packages by disabled and by default *and* without any pointer to a nice introduction is useless. I do agree that there are changes that need people to be educated first, but one can not just provide the stuff by default without any special reference to them an expect people to adopt and use them. Cheers, Raphael Geissert [1] $ apropos selinux avc_add_callback (3) - additional event notification for SELinux userspace object managers. avc_audit (3) - obtain and audit SELinux access decisions. avc_av_stats (3) - obtain userspace SELinux AVC statistics. avc_cache_stats (3) - obtain userspace SELinux AVC statistics. avc_cleanup (3) - userspace SELinux AVC setup and teardown. avc_compute_create (3) - obtain SELinux label for new object. avc_compute_member (3) - obtain SELinux label for new object. avc_context_to_sid (3) - obtain and manipulate SELinux security ID's. avc_destroy (3) - userspace SELinux AVC setup and teardown. avc_entry_ref_init (3) - obtain and audit SELinux access decisions. avc_get_initial_context (3) - obtain and manipulate SELinux security ID's. avc_has_perm (3) - obtain and audit SELinux access decisions. avc_has_perm_noaudit (3) - obtain and audit SELinux access decisions. avc_init (3) - userspace SELinux AVC setup and teardown. avc_reset (3) - userspace SELinux AVC setup and teardown. avc_sid_stats (3) - obtain userspace SELinux AVC statistics. avc_sid_to_context (3) - obtain and manipulate SELinux security ID's. checkPasswdAccess (3) - query the SELinux policy database in the kernel. context_free (3) - Routines to manipulate SELinux security contexts context_new (3) - Routines to manipulate SELinux security contexts context_range_get (3) - Routines to manipulate SELinux security contexts context_range_set (3) - Routines to manipulate SELinux security contexts context_role_get (3) - Routines to manipulate SELinux security contexts context_role_set (3) - Routines to manipulate SELinux security contexts context_type_get (3) - Routines to manipulate SELinux security contexts context_type_set (3) - Routines to manipulate SELinux security contexts context_user_get (3) - Routines to manipulate SELinux security contexts context_user_set (3) - Routines to manipulate SELinux security contexts freecon (3) - free memory associated with SELinux security contexts. freeconary (3) - free memory associated with SELinux security contexts. fsetfilecon (3) - set SELinux security context of a file get_default_context (3) - determine SELinux context(s) for user sessions get_default_context_with_level (3) - determine SELinux context(s) for user sessions get_default_context_with_role (3) - determine SELinux context(s) for user sessions get_default_context_with_rolelevel (3) - determine SELinux context(s) for user sessions get_ordered_context_list (3) - determine SELinux context(s) for user sessions get_ordered_context_list_with_level (3) - determine SELinux context(s) for user sessions getcon (3) - get SELinux security context of a process. getexeccon (3) - get or set the SELinux security context used for executing a new process. getfilecon (3) - get SELinux security context of a file getfscreatecon (3) - get or set the SELinux security context used for creating a new file system object. getpeercon (3) - get SELinux security context of a process. getpidcon (3) - get SELinux security context of a process. getprevcon (3) - get SELinux security context of a process. getseuserbyname (3) - get SELinux username and level for a given Linux username is_context_customizable (3) - check whether SELinux context type is customizable by the administrator. is_selinux_enabled (3) - check whether SELinux is enabled lsetfilecon (3) - set SELinux security context of a file manual_user_enter_context (3) - determine SELinux context(s) for user sessions matchmediacon (3) - get the default SELinux security context for the specified mediatype from the policy. matchpathcon (3) - get the default SELinux security context for the specified path from the file contexts... pam_selinux (8) - PAM module to set the default security context pam_sepermit (8) - PAM module to allow/deny login depending on SELinux enforcement state query_user_context (3) - determine SELinux context(s) for user sessions rpm_execcon (3) - get or set the SELinux security context used for executing a new process. security_av_perm_to_string (3) - convert between SELinux class and permission values and string names. security_av_string (3) - convert between SELinux class and permission values and string names. security_check_context (3) - check the validity of a SELinux context security_class_to_string (3) - convert between SELinux class and permission values and string names. security_commit_booleans (3) - routines for manipulating SELinux boolean values security_compute_av (3) - query the SELinux policy database in the kernel. security_compute_create (3) - query the SELinux policy database in the kernel. security_compute_member (3) - query the SELinux policy database in the kernel. security_compute_relabel (3) - query the SELinux policy database in the kernel. security_compute_user (3) - query the SELinux policy database in the kernel. security_get_boolean_active (3) - routines for manipulating SELinux boolean values security_get_boolean_names (3) - routines for manipulating SELinux boolean values security_get_boolean_pending (3) - routines for manipulating SELinux boolean values security_get_initial_context (3) - query the SELinux policy database in the kernel. security_getenforce (3) - get or set the enforcing state of SELinux security_load_booleans (3) - routines for manipulating SELinux boolean values security_load_policy (3) - load a new SELinux policy security_policyvers (3) - get the version of the SELinux policy security_set_boolean (3) - routines for manipulating SELinux boolean values security_setenforce (3) - get or set the enforcing state of SELinux selabel_close (3) - userspace SELinux labeling interface. selabel_lookup (3) - obtain SELinux security context from a string label. selabel_open (3) - userspace SELinux labeling interface. selabel_stats (3) - obtain SELinux labeling statistics. selinux_binary_policy_path (3) - These functions return the paths to the active SELinux policy configuration ... selinux_booleans_path (3) - These functions return the paths to the active SELinux policy configuration direc... selinux_check_securetty_context (3) - check whether a SELinux tty security context is defined as a securetty ... selinux_contexts_path (3) - These functions return the paths to the active SELinux policy configuration direc... selinux_default_context_path (3) - These functions return the paths to the active SELinux policy configuratio... selinux_failsafe_context_path (3) - These functions return the paths to the active SELinux policy configurati... selinux_file_context_path (3) - These functions return the paths to the active SELinux policy configuration d... selinux_getenforcemode (3) - get the enforcing state of SELinux selinux_media_context_path (3) - These functions return the paths to the active SELinux policy configuration ... selinux_policy_root (3) - return the path of the SELinux policy files for this machine. selinux_removable_context_path (3) - These functions return the paths to the active SELinux policy configurat... selinux_securetty_types_path (3) - These functions return the paths to the active SELinux policy configuratio... selinux_set_callback (3) - userspace SELinux callback facilities. selinux_user_contexts_path (3) - These functions return the paths to the active SELinux policy configuration ... set_matchpathcon_printf (3) - get the default SELinux security context for the specified path from the file c... setcon (3) - get SELinux security context of a process. setexeccon (3) - get or set the SELinux security context used for executing a new process. setfilecon (3) - set SELinux security context of a file setfscreatecon (3) - get or set the SELinux security context used for creating a new file system object. sidget (3) - obtain and manipulate SELinux security ID's. sidput (3) - obtain and manipulate SELinux security ID's. string_to_av_perm (3) - convert between SELinux class and permission values and string names. string_to_security_class (3) - convert between SELinux class and permission values and string names -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
