getsebool -d
|
View:
New views
2 Messages
—
Rating Filter:
Alert me
|
 |
getsebool -d
by Matthew Ife-2
::
Rate this Message:
|
|
|
Re: getsebool -d
by Dominick Grift
::
Rate this Message:
On Thu, Oct 01, 2009 at 11:05:36AM +0100, Matthew Ife wrote:
> Would it be possible to add a description flag for getsebool so that it > will produce a description of a bool out to the user when they pass -d? > > One of the problems of getsebool is that it only shows you what bools > are there but not what they are supposed to do. I expect this should > make it much more straightforward for sysadmins to implement selinux on > their systems. > > Im aware that man pages do produce useful descriptions of bools however > I would think it would be much more convenient to do it this way. Also > some tunables for whatever reason might not be documented in man pages > or custom policy may not have man pages for it but it could add the bool > description in XML somewhere else. > > Additionally getsebool -a -d should produce a description for all bools > so a sysadmin can grep for keywords. [root@notebook2 ~]# semanage boolean -l | grep httpd | head -n 1 httpd_can_network_relay -> off Allow httpd to act as a relay > > How feasible would this be to do? > > -- > fedora-selinux-list mailing list > fedora-selinux-list@... > https://www.redhat.com/mailman/listinfo/fedora-selinux-list -- fedora-selinux-list mailing list fedora-selinux-list@... https://www.redhat.com/mailman/listinfo/fedora-selinux-list |
attachment0 (204 bytes) | Free embeddable forum powered by Nabble | Forum Help |
