From Fedora Project Wiki
< Design
No edit summary |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= Current UI = | |||
Flat navigation between the following tabs: | |||
* [[Design/SELinuxConfig#Status | Status]] | |||
* [[Design/SELinuxConfig#Boolean | Boolean]] | |||
* [[Design/SELinuxConfig#File_Labeling | File Labeling]] | |||
* [[Design/SELinuxConfig#User_Mapping | User Mapping]] | |||
* [[Design/SELinuxConfig#SELinux_User | SELinux User]] | |||
* [[Design/SELinuxConfig#Translation | Translation]] | |||
* [[Design/SELinuxConfig#Network_Port | Network Port]] | |||
* [[Design/SELinuxConfig#Policy_Module | Policy Module]] | |||
* [[Design/SELinuxConfig#Process_Domain | Process Domain]] | |||
== Screenshots == | |||
=== Status === | |||
[[Image:sysconfig-selinux-screenshot-status.png]] | |||
=== Boolean === | |||
[[Image:sysconfig-selinux-screenshot-boolean.png]] | |||
=== File Labeling === | |||
[[Image:sysconfig-selinux-screenshot-filelabels.png]] | |||
=== User Mapping === | |||
[[Image:sysconfig-selinux-screenshot-usermapping.png]] | |||
=== SELinux User=== | |||
[[Image:sysconfig-selinux-screenshot-selinuxuser.png]] | |||
=== Translation === | |||
[[Image:sysconfig-selinux-screenshot-translation.png]] | |||
=== Network Port === | |||
[[Image:sysconfig-selinux-screenshot-networkports.png]] | |||
=== Policy Module === | |||
[[Image:sysconfig-selinux-screenshot-policymods.png]] | |||
=== Process Domain === | |||
[[Image:sysconfig-selinux-screenshot-procdoms.png]] | |||
= Mockup Proposal 1 = | = Mockup Proposal 1 = | ||
| Line 49: | Line 91: | ||
=== Processes === | === Processes === | ||
Issues: | |||
* It's not actually displaying all process domains but a rough guess at them. | |||
* Domains which are defined as permissive in a policy module not name <domain>_Permissive will be displayed as enforcing. | |||
The idea of permissive domains is to turn SELinux off for some things but not everything. | |||
[[Image:sysconfig-selinux-procs.png]] | [[Image:sysconfig-selinux-procs.png]] | ||
= Mockup Proposal 2 = | = Mockup Proposal 2 = | ||
Keep the tabs flat as they are today, integrating the two user-related tabs, but make the tabs go straight across. | Keep the tabs flat as they are today, integrating the two user-related tabs, but make the tabs go straight across. | ||
Revision as of 14:56, 17 July 2009
Current UI
Flat navigation between the following tabs:
- Status
- Boolean
- File Labeling
- User Mapping
- SELinux User
- Translation
- Network Port
- Policy Module
- Process Domain
Screenshots
Status
Boolean
File Labeling
User Mapping
SELinux User
Translation
Network Port
Policy Module
Process Domain
Mockup Proposal 1
Gist of the changes - split the tabs into two main sections - SELinux configuration, and SELinux managed objects:
- SELinux Configuration:
- current enforcing mode / default enforcing mode / policy provider / current policy (advanced)
- policy modules
- booleans
- security levels
- SELinux Managed Objects:
- files
- users (integration of selinux users & user mappings)
- network ports
- processes
Mockup source: Media:sysconfig-selinux-mocks1_source.svg
SELinux Configuration
General
Policy Modules
File:Sysconfig-selinux-policymods.png (in progress)
Booleans
File:Sysconfig-selinux-bools.png (in progress)
Security Levels
File:Sysconfig-selinux-seclevels.png (in progress)
SELinux Managed Objects
Files
Users
Network Ports
Processes
Issues:
- It's not actually displaying all process domains but a rough guess at them.
- Domains which are defined as permissive in a policy module not name <domain>_Permissive will be displayed as enforcing.
The idea of permissive domains is to turn SELinux off for some things but not everything.
Mockup Proposal 2
Keep the tabs flat as they are today, integrating the two user-related tabs, but make the tabs go straight across.