Documentation TODO

From SELinux Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 14:08, 17 June 2008 (edit)
JamesMorris (Talk | contribs)

← Previous diff
Revision as of 11:26, 23 June 2008 (edit) (undo)
DanWalsh (Talk | contribs)

Next diff →
Line 6: Line 6:
* Write a HOWTO for how to iteratively generate policy using audit2allow and permissive domains. * Write a HOWTO for how to iteratively generate policy using audit2allow and permissive domains.
* A brief high-level user-oriented overview of SELinux which people can use to understand what SELinux does, how it's part of a defense in depth approach, the value it provides and what is involved in using it effectively (e.g. set expectations of benefit/cost). * A brief high-level user-oriented overview of SELinux which people can use to understand what SELinux does, how it's part of a defense in depth approach, the value it provides and what is involved in using it effectively (e.g. set expectations of benefit/cost).
 +* Update FC5 FAQ
 +* Translate danwalsh.livejounal.com in to a beginner user guide
 +* Document all major policy domains, apache, samba, bind, ftp ... Basically man httpd_selinux, What are the types/booleans available for a particular domain, and how do I assign them
 +* Document the use of the mount command for overriding file context.
 +* Describe Leaked File Descriptors
 +* Describe Audit2allow and how it can just Fix the machine
 +* Document Network Labeling
 +* Document Confined Users

Revision as of 11:26, 23 June 2008

  • How to upgrade a system from a previously SELinux-disabled system (e.g. how to ensure any restored data like /home is correctly labeled)
  • Update and organize the Fedora SELinux FAQ.
  • Explain how and when to use semanage fcontext, port, login and user.
  • Explain how to interpret an AVC message and how to get additional information via SYSCALL audit, including how to add a simple syscall audit filter to enable collection of PATH information.
  • Write a HOWTO for writing simple policy modules.
  • Write a HOWTO for how to iteratively generate policy using audit2allow and permissive domains.
  • A brief high-level user-oriented overview of SELinux which people can use to understand what SELinux does, how it's part of a defense in depth approach, the value it provides and what is involved in using it effectively (e.g. set expectations of benefit/cost).
  • Update FC5 FAQ
  • Translate danwalsh.livejounal.com in to a beginner user guide
  • Document all major policy domains, apache, samba, bind, ftp ... Basically man httpd_selinux, What are the types/booleans available for a particular domain, and how do I assign them
  • Document the use of the mount command for overriding file context.
  • Describe Leaked File Descriptors
  • Describe Audit2allow and how it can just Fix the machine
  • Document Network Labeling
  • Document Confined Users
Personal tools