|
|
| (6 intermediate revisions by one other user not shown) |
| Line 1: |
Line 1: |
| = Information Plan =
| | This page has moved to https://fedorahosted.org/managing-confined-services/wiki/InformationPlan |
|
| |
|
| * [http://www.redhat.com/search?q=selinux&site=redhat_kbase&asp_charset=ISO-8859-1&filter=0&client=kbase&proxystylesheet=kbase&lr=lang_en Existing Red Hat Knowledgebase articles.]
| | [[Category:SELinux docs]] |
| | |
| == Purpose of the documentation ==
| |
| | |
| Provide administrators with a guide that details how to work with and manage confined services in Fedora 11. Documentation will cover:
| |
| | |
| * brief introduction to SELinux.
| |
| * performing system administration tasks without turning SELinux off.
| |
| * troubleshoot issues (include Red Hat Bugzilla and permissive domains).
| |
| * allow administrators to manage SELinux without employing someone else to do so.
| |
| | |
| == Audience ==
| |
| | |
| System administrators.
| |
| | |
| | |
| == Audience goals ==
| |
| | |
| Perform system administration tasks without turning SELinux off:
| |
| | |
| * share files via Samba, FTP, NFS, and HTTP.
| |
| * share files between multiple services.
| |
| * manage BIND (for example, accept zone updates).
| |
| * label files so that services can access them (semanage fcontext).
| |
| * customize the ports services listen on (semanage port -a).
| |
| * use non-default directories to store files for services.
| |
| | |
| == Table of Contents ideas ==
| |
| | |
| {{{
| |
| 1. Introduction
| |
| | |
| - brief introduction to SELinux.
| |
| - brief introduction to confined and unconfined services.
| |
| | |
| 2. Apache HTTP Server
| |
| - what httpd is and does.
| |
| 2.1 The Apache HTTP Server and SELinux
| |
| - explain default behavior:
| |
| * ports to listen on (http_port_t).
| |
| * files/directories httpd can and cannot access.
| |
| 2.2. Types
| |
| - how to list them.
| |
| - defined types.
| |
| - how to change them and when to change them (chcon, semanage).
| |
| | |
| 2.3. Booleans
| |
| - how to list httpd related Booleans.
| |
| - describe each Boolean.
| |
| - getsebool and setsebool.
| |
| | |
| 2.4. Configuration examples
| |
| - see man pages.
| |
| - non-default directories for services.
| |
| - customized port numbers.
| |
| - sharing files.
| |
| | |
| Repeat #2 for Samba, FTP, NFS, BIND, etc...
| |
| | |
| X. Troubleshooting
| |
| }}}
| |
