Review selinux SOP
Signed-off-by: Michal Konečný <mkonecny@redhat.com>
This commit is contained in:
Michal Konečný
parent
c24a05ee10
commit
2c1be00843
2 changed files with 10 additions and 20 deletions
|
|
@ -97,7 +97,7 @@
|
|||
** xref:resultsdb.adoc[ResultsDB - SOP]
|
||||
** xref:retrace.adoc[Retrace - SOP]
|
||||
** xref:scmadmin.adoc[SCM Admin - SOP]
|
||||
** xref:selinux.adoc[selinux - SOP in review ]
|
||||
** xref:selinux.adoc[SELinux Infrastructure - SOP]
|
||||
** xref:sigul-upgrade.adoc[sigul-upgrade - SOP in review ]
|
||||
** xref:simple_koji_ci.adoc[simple_koji_ci - SOP in review ]
|
||||
** xref:sshaccess.adoc[sshaccess - SOP in review ]
|
||||
|
|
|
|||
|
|
@ -7,24 +7,15 @@ an unfathomable rate, and is full of custom software that needs to be
|
|||
locked down. The goal of this SOP is to make it simple to track down and
|
||||
fix SELinux policy related issues within Fedora's Infrastructure.
|
||||
|
||||
Fully deploying SELinux is still an ongoing task, and can be tracked in
|
||||
fedora-infrastructure [45]ticket #230.
|
||||
|
||||
== Contents
|
||||
|
||||
[arabic]
|
||||
. Contact Information
|
||||
. Step One: Realizing you have a problem
|
||||
. Step Two: Tracking down the violation
|
||||
. Step Three: Fixing the violation
|
||||
|
||||
____
|
||||
[arabic]
|
||||
. Allowing ports
|
||||
. Toggling an SELinux boolean
|
||||
. Setting custom context
|
||||
. Deploying custom policy modules
|
||||
____
|
||||
* <<_contact_information>>
|
||||
* <<_step_one_realizing_you_have_a_problem>>
|
||||
* <<_step_two_tracking_down_the_violation>>
|
||||
* <<_step_three_fixing_the_violation>>
|
||||
** <<_toggling_an_selinux_boolean>>
|
||||
** <<_setting_custom_context>>
|
||||
** <<_fixing_odd_errors_from_the_logs>>
|
||||
|
||||
== Contact Information
|
||||
|
||||
|
|
@ -72,7 +63,6 @@ properly configured, this can be changed to 'include selinux-enforcing'
|
|||
to enable SELinux Enforcing mode.
|
||||
|
||||
[NOTE]
|
||||
.Note
|
||||
====
|
||||
Most services have $service_selinux manpages that are automatically
|
||||
generated from policy.
|
||||
|
|
@ -80,8 +70,8 @@ generated from policy.
|
|||
|
||||
=== Toggling an SELinux boolean
|
||||
|
||||
SELinux booleans, which can be viewed by running [.title-ref]#semanage
|
||||
boolean -l#, can easily be configured using the following syntax within
|
||||
SELinux booleans, which can be viewed by running `semanage boolean -l`,
|
||||
can easily be configured using the following syntax within
|
||||
your ansible configuration.:
|
||||
|
||||
....
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue