From patchwork Mon Apr 20 11:47:11 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 11498697 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6448213B2 for ; Mon, 20 Apr 2020 11:47:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4C32F21744 for ; Mon, 20 Apr 2020 11:47:21 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=googlemail.com header.i=@googlemail.com header.b="DnvsrCzK" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726209AbgDTLrV (ORCPT ); Mon, 20 Apr 2020 07:47:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52486 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1726091AbgDTLrU (ORCPT ); Mon, 20 Apr 2020 07:47:20 -0400 Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com [IPv6:2a00:1450:4864:20::343]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6B2E6C061A0C for ; Mon, 20 Apr 2020 04:47:20 -0700 (PDT) Received: by mail-wm1-x343.google.com with SMTP id h2so10640797wmb.4 for ; Mon, 20 Apr 2020 04:47:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=1ktnTUMLK2Cu+FYu192KLoC7OTLTp2NsKgjLT1rzfHA=; b=DnvsrCzKsPcoqzan2pWOmpib5M6T7F7lGfLjh12g6ElEU9a01IyrjuSJtALjoNhvKt N5bv/u7PPw8haCVhfEUAILAIeUxCSJLpOW9iHXLWPtnqjskS9/VeFE9a/SlCDSgo81al zUCPGsiEw4yxX0LvMWVUW3RfF1HsR+zny8tNrKpfHHD7Ch4QQdvU34qrPrT8wNZrGUVv B+QNSnJ83mi1ULnLt3gQjyRKlUjmW8jocIQPpiO6B3j+a9l04loULQRPY7ZBRXeJ2Rek AjegomYkY6G7Kz+AYSyvMrhnwhGZ32vc4kC8rvXyhQC5cDlHznrwt7WerMp8kp+zSPyv muig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=1ktnTUMLK2Cu+FYu192KLoC7OTLTp2NsKgjLT1rzfHA=; b=eW3P8jhD1sSldtnFfuVRrN30OctssinwqYyIV6Yn8TEmjrxHcAMsKIbI19ps5013dz Rme3UWpDMPY5WppCeJy+LmpYJZ6TqtKOKHBPGfjGpGUowdTiH7dPFbE/3CcgnnouOgUF 69i3vumAoXH7dVvezrA8b/kKF33eACveNtAQ/8RU8zqRUzelEjDxTW5pWMQ/Zz20eX2Q xIUvslq7kRjgINAp42cJ+LzzF2p83cE1HkRLwEvbJnn/rqQsWb8KwoX6OY7ct7TW1EQk 5AMxEtftMjrySuTyleIxjtEu2ZyxgOK56/QWtUpMAz3aTNgnhC5NWTawY27AbnqTC7FL Tf8g== X-Gm-Message-State: AGi0PuaDxFpj+rJ842EIZpqd/j4ScAln6Glw6ZwhBz1pPzze6z9tgHSf Q6Nim5Dvir1Me5+S4WeNi2Uo1X2F X-Google-Smtp-Source: APiQypL1qVDY9pTwb0TW/WVt/XnKS2b1UT7X730hAdFlU9O2dS4Ijg2DC1EJU213qCFBPLzRnwvphw== X-Received: by 2002:a1c:6389:: with SMTP id x131mr18178566wmb.155.1587383238856; Mon, 20 Apr 2020 04:47:18 -0700 (PDT) Received: from debianHome.localdomain (x4d063804.dyn.telefonica.de. [77.6.56.4]) by smtp.gmail.com with ESMTPSA id l9sm871448wrq.83.2020.04.20.04.47.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Apr 2020 04:47:18 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 1/2] libsemanage: clarify handle-unkown configuration setting in man page Date: Mon, 20 Apr 2020 13:47:11 +0200 Message-Id: <20200420114712.19160-1-cgzones@googlemail.com> X-Mailer: git-send-email 2.26.1 MIME-Version: 1.0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche Acked-by: Nicolas Iooss --- libsemanage/man/man5/semanage.conf.5 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5 index 8efc7dd5..7d6f2fef 100644 --- a/libsemanage/man/man5/semanage.conf.5 +++ b/libsemanage/man/man5/semanage.conf.5 @@ -95,8 +95,8 @@ to this option set to "false"). .TP .B handle-unknown -This option controls the kernel behavior for handling permissions defined in the kernel but missing from the actual policy. -It can be set to "deny", "reject" or "allow". +This option overrides the kernel behavior for handling permissions defined in the kernel but missing from the actual policy. +It can be set to "deny", "reject" or "allow". By default the setting from the policy is taken. .TP .B bzip-blocksize From patchwork Mon Apr 20 11:47:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 11498699 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5778E13B2 for ; Mon, 20 Apr 2020 11:47:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3F97321744 for ; Mon, 20 Apr 2020 11:47:22 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=googlemail.com header.i=@googlemail.com header.b="ipoxeU1l" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726307AbgDTLrW (ORCPT ); Mon, 20 Apr 2020 07:47:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52488 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S1726091AbgDTLrV (ORCPT ); Mon, 20 Apr 2020 07:47:21 -0400 Received: from mail-wm1-x341.google.com (mail-wm1-x341.google.com [IPv6:2a00:1450:4864:20::341]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4D7BAC061A0C for ; Mon, 20 Apr 2020 04:47:21 -0700 (PDT) Received: by mail-wm1-x341.google.com with SMTP id u16so2382027wmc.5 for ; Mon, 20 Apr 2020 04:47:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=+nfRorOyWGkI5IxFjebiAQ9muMypM+ha5q0S7Bmrq3Y=; b=ipoxeU1lRNmgp+G6OExBiPlizimrdZe+R2BgQ++eyEAm2P5u1QRM6xNE0zFURQrwf7 DJ5RFNvuPZySiyqYF022JJ+d2P2MohWSgpL2CfLcOKBmYf5LlxygEtk84bRDSitm++if dtwjDHyGH2eMI0Pq+jogJwwelmSdv5zWFqSQSP/iFqeUzA/ZfhWgN6OC4iQHzfUtGqo2 mjEbx1WMQrNbNuYjTzxGynZhS1Ns7TbIJQQOoDYFBfkKb3o6nyVTJzbCDmJFyMRPY1Ue jZ90IitCengNLr3SkVMsNPRSCa5AFlUg79eNKIRSHNE5o8m5YuCFQ5ZGnPFXfgwnNZUj xUDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+nfRorOyWGkI5IxFjebiAQ9muMypM+ha5q0S7Bmrq3Y=; b=CjIRZdISbduRilUEvG/u6L19Kkau/aBF4MOItO/3kXElBv+kwosfszFNzl2cDCgUqn UVLFWLhvAZRKgy0uMi/1VwkQ/yKOEDEDQK17WmBTUQxwsG9RQ4cRpY47W5lmhOUbXexk m8b8ft2dOV98pGZCzKIPWbaE04iDQO7jw/YBp+KWB7g6DPhTtVKYTtXQyAQSJEqUoMGL MbPLilUXlTAjagG64UxrjBcIsiqtyXow6aNfh5eR6MCXm8gt4Bj888T7m500ueEuJg9P Iam9kq63BtRBMgOURlPvNce4+YpsBzcvnSSMWXbt4KjQY3BRdzxT9bjvuVM4/c2WnYEF 3g7w== X-Gm-Message-State: AGi0PuYV681lV1jyPCD1W9EXTrpO96zCAJE/le6Tq6H0uprpDRWwvnJE Jt4cnfzL/nVVikIrzm2PSTYzTuw2 X-Google-Smtp-Source: APiQypKqlP8toWXL7vYo2IvYqrWZzWg1b853PAHzCdom2NpkEpVT8FGCy71ocAWhx7Bk52pNcS9G4g== X-Received: by 2002:a1c:5fc4:: with SMTP id t187mr18230947wmb.181.1587383239731; Mon, 20 Apr 2020 04:47:19 -0700 (PDT) Received: from debianHome.localdomain (x4d063804.dyn.telefonica.de. [77.6.56.4]) by smtp.gmail.com with ESMTPSA id l9sm871448wrq.83.2020.04.20.04.47.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Apr 2020 04:47:19 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 2/2] semodule: mention ignoredirs setting in genhomedircon man page Date: Mon, 20 Apr 2020 13:47:12 +0200 Message-Id: <20200420114712.19160-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.26.1 In-Reply-To: <20200420114712.19160-1-cgzones@googlemail.com> References: <20200420114712.19160-1-cgzones@googlemail.com> MIME-Version: 1.0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche --- policycoreutils/semodule/genhomedircon.8 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/policycoreutils/semodule/genhomedircon.8 b/policycoreutils/semodule/genhomedircon.8 index 2a3315b5..ecab7ba3 100644 --- a/policycoreutils/semodule/genhomedircon.8 +++ b/policycoreutils/semodule/genhomedircon.8 @@ -16,6 +16,9 @@ This script is usually executed by although this default behavior can be optionally modified by setting to "true" the "disable-genhomedircon" in /etc/selinux/semanage.conf. +Directories can be excluded from the list of home directories by the setting "ignoredirs" +in /etc/selinux/semanage.conf. + .SH AUTHOR This manual page was written by .I Dan Walsh