Description of problem: User should easily find all tools for selinux with following commands: $ apropos selinux $ man -k selinux I can't find in listing basic commands, for example "chcon" which is very important for changing security context of folders/files. How reproducible: always
apropos selinux 'security context' finds many more, but as you'll see the relevant man pages are not restricted to coreutils ones. In fact, a large proportion seem to come from libselinux-devel. chcon (1) - change security context context_free [context_new] (3) - Routines to manipulate SELinux security contexts context_new (3) - Routines to manipulate SELinux security contexts context_range_get [context_new] (3) - Routines to manipulate SELinux security contexts context_range_set [context_new] (3) - Routines to manipulate SELinux security contexts context_role_get [context_new] (3) - Routines to manipulate SELinux security contexts context_role_set [context_new] (3) - Routines to manipulate SELinux security contexts context_str [context_new] (3) - Routines to manipulate SELinux security contexts context_type_get [context_new] (3) - Routines to manipulate SELinux security contexts context_type_set [context_new] (3) - Routines to manipulate SELinux security contexts context_user_get [context_new] (3) - Routines to manipulate SELinux security contexts context_user_set [context_new] (3) - Routines to manipulate SELinux security contexts fgetfilecon [getfilecon] (3) - get SE Linux security context of a file fixfiles (8) - fix file security contexts freecon (3) - free memory associated with SE Linux security contexts freeconary [freecon] (3) - free memory associated with SE Linux security contexts fsetfilecon [setfilecon] (3) - set SE Linux security context of a file getcon (3) - get SE Linux security context of a process getexeccon (3) - get or set the SE Linux security context used for executing a new process getfilecon (3) - get SE Linux security context of a file getfscreatecon (3) - get or set the SE Linux security context used for creating a new file system object getpeercon [getcon] (3) - get security context of a peer socket getpidcon [getcon] (3) - get SE Linux security context of a process getprevcon [getcon] (3) - get SE Linux security context of a process lgetfilecon [getfilecon] (3) - get SE Linux security context of a file lsetfilecon [setfilecon] (3) - set SE Linux security context of a file matchmediacon (3) - get the default security context for the specified mediatype from the policy matchpathcon (3) - get the default security context for the specified path from the file contexts configuration matchpathcon (8) - get the default security context for the specified path from the file contexts configuration pam_selinux (8) - PAM module to set the default security context restorecon (8) - set file security contexts rpm_execcon [getexeccon] (3) - run a helper for rpm in an appropriate security context runcon (1) - run command with specified security context sepol_check_context (3) - Check the validity of a security context against a binary policy setcon [getcon] (3) - set current security context of a process setexeccon [getexeccon] (3) - get or set the SE Linux security context used for executing a new process setfilecon (3) - set SE Linux security context of a file setfiles (8) - set file security contexts setfscreatecon [getfscreatecon] (3) - get or set the SE Linux security context used for creating a new file system object
Fixed in libselinux-1.33.4-2.el5 policycoreutils-1.33.12-2 man -k selinux | wc now shows 157 versus 79 before update. chcon still requires change to coreutils. I have a fix for that if we want to get it into RHEL5. Already checked fix into devel
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Since this bugzilla is in a component that is not approved for the current release, it has been closed with resolution deferred. You may reopen this bugzilla for consideration in the next release.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0310.html