Docs/Drafts/SELinux User Guide/Previous TOC Ideas

What the Documentation Covers (in no particular order, and subject to change)
From the current SELinux documentation todo list:
 * Draft table of contents.
 * "Explain how to interpret an AVC message and how to get additional information via SYSCALL audit, including how to add a simple syscall audit filter to enable collection of PATH information".
 * Document Confined Users".
 * "Update FC5 FAQ".
 * "Document the use of the mount command for overriding file context".
 * "Describe Audit2allow and how it can just Fix the machine".
 * "Update and organize the Fedora SELinux FAQ".

- Previous TOC Ideas (06:19:50 PM) hatty: Hi, I get this in my log audit(1216043069.444:37): avc: denied { search } for  pid=726 comm="busybox" name="", what is the meaning of name="" ?
 * Basic access control concepts.
 * SELinux concepts:
 * Domains and Types.
 * Contexts.
 * Targets/Processes/Files.
 * How do I find out if SELinux is enabled on my system?
 * Confined and unconfined processes.
 * Main files:  and.
 * How to correctly disable SELinux (not sure if we want this ;) )
 * Maintaining correct labels:
 * View labels using
 * Copying Vs moving files.
 * Using user_home_t files on other machines, such as a user moving their  file to another machine.
 * Relabeling an entire file system.
 * Possible problems caused from running in permissive mode, such as having permissions to mislabel files.
 * mislabeled files, relabeled but still problems,  (Dans journal).
 * Red Hat Enterprise Linux 5 Deployment Guide: End User Control of SELinux.
 * SELinux and virtualization (relabeling images if images are not in ).
 * Logging:
 * Are SELinux denials taking up too much space? This came from #selinux.
 * Amount of denials in permissive mode Vs enforcing mode.
 * Searching for specific denials (from #selinux, ).
 * Where are the log files kept? (, , etc. Basic explanation of which one will be used).
 * Basic interpretation of SELinux denials, and where to get help, (maybe mail ). From #selinux:

"(08:58:22 PM) domg472: anyways hatty consider this: target objects can be any objects, object arent just file object but there also other kimds of object that may not carry a name for example ports interfaces or the ojects of subject ( process objects )"
 * Controlling system daemons with booleans:
 * , ; how to find information about booleans listed from getsebool.
 * Common items people want to change.
 * Installing and upgrading SELinux packages.
 * Upgrade problems if you start from a non-SELinux labeled file system?
 * Missing SELinux users
 * Not running X :, run  , .
 * Confining Users
 * .
 * .
 * Mounting:
 * Do mount points need to be ?

Commands: getsebool -a setsebool -P sestatus -v restorecon fixfiles newrole