From SELinux Wiki
(Difference between revisions)
|Revision as of 04:25, 30 June 2008 (edit)
JamesMorris (Talk | contribs)
← Previous diff
|Revision as of 17:59, 30 June 2008 (edit) (undo)
DaveQuigley (Talk | contribs)
Next diff →
|Line 15:||Line 15:|
|* Document Confined Users||* Document Confined Users|
|* Document HOWTO write setroubleshoot plugins||* Document HOWTO write setroubleshoot plugins|
|+||* Explain least privilege and how you can consider it and SELinux during application development.|
|+||* Document some common tasks performed with apol that might be useful to users.|
Revision as of 17:59, 30 June 2008
- How to upgrade a system from a previously SELinux-disabled system (e.g. how to ensure any restored data like /home is correctly labeled)
- Update and organize the Fedora SELinux FAQ.
- Explain how and when to use semanage fcontext, port, login and user.
- Explain how to interpret an AVC message and how to get additional information via SYSCALL audit, including how to add a simple syscall audit filter to enable collection of PATH information.
- Write a HOWTO for writing simple policy modules.
- Write a HOWTO for how to iteratively generate policy using audit2allow and permissive domains.
- A brief high-level user-oriented overview of SELinux which people can use to understand what SELinux does, how it's part of a defense in depth approach, the value it provides and what is involved in using it effectively (e.g. set expectations of benefit/cost).
- Update FC5 FAQ
- Translate danwalsh.livejounal.com in to a beginner user guide
- Document all major policy domains, apache, samba, bind, ftp ... Basically man httpd_selinux, What are the types/booleans available for a particular domain, and how do I assign them
- Document the use of the mount command for overriding file context.
- Describe Leaked File Descriptors
- Describe Audit2allow and how it can just Fix the machine
- Document Network Labeling
- Document Confined Users
- Document HOWTO write setroubleshoot plugins
- Explain least privilege and how you can consider it and SELinux during application development.
- Document some common tasks performed with apol that might be useful to users.