Bug 733039 - There is no selinux man page for ABRT
Summary: There is no selinux man page for ABRT
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.2
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-08-24 14:55 UTC by Miroslav Grepl
Modified: 2012-10-16 12:32 UTC (History)
2 users (show)

Fixed In Version: selinux-policy-3.7.19-109.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-12-06 10:13:28 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1511 normal SHIPPED_LIVE selinux-policy bug fix and enhancement update 2011-12-06 00:39:17 UTC

Description Miroslav Grepl 2011-08-24 14:55:27 UTC
Description of problem:

The ABRT event script support was added to selinux-policy using the abrt_handle_event boolean which is not documented.

Comment 1 Miroslav Grepl 2011-08-24 14:56:03 UTC
How about:


abrt_selinux(8)        ABRT SELinux Policy documentation       abrt_selinux(8)

NAME
       abrt_selinux - Security-Enhanced Linux Policy for the ABRT daemon

DESCRIPTION
       Security-Enhanced Linux (SELinux) secures the squid server via flexible mandatory access control.

SHARING FILES
       If   you  want  to share files with multiple domains (Apache, FTP, rsync, Samba, ABRT), you can set a file context
       of public_content_t and public_content_rw_t. These context allow any of the above domains to read the content.  If
       you  want   a   particular   domain  to  write  to  the  public_content_rw_t  domain, you must set the appropriate
       boolean. DOMAIN_anon_write.  So for ABRT you would execute:

       setsebool -P abrt_anon_write 1

BOOLEANS
       If  you  want  to allow ABRT to run ABRT event scripts properly, you need to set the abrt_handle_event boolean on.
       Then an event script will run in the own SELinux domain.

       setsebool -P abrt_handle_event 1

       Note  that you can also use the system-config-selinux utility that allows you to customize SELinux policy settings
       in the graphical user interface.

AUTHOR
       This manual page was written by Miroslav Grepl <mgrepl@redhat.com>.

Comment 2 Miroslav Grepl 2011-08-29 06:20:01 UTC
-Security-Enhanced Linux (SELinux) secures the squid server via flexible
mandatory access control.
+Security-Enhanced Linux (SELinux) secures the ABRT server via flexible
mandatory access control.

Comment 3 Miroslav Grepl 2011-08-31 20:01:08 UTC
Fixed in selinux-policy-3.7.19-109.el6

Comment 6 errata-xmlrpc 2011-12-06 10:13:28 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1511.html


Note You need to log in before you can comment on or make changes to this bug.