selinux-faq/en_US selinux-faq.xml,1.2,1.3

Chad Sellers (csellers) fedora-docs-commits at redhat.com
Fri Mar 24 17:56:41 UTC 2006 

Author: csellers

Update of /cvs/docs/selinux-faq/en_US
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15666

Modified Files:
	selinux-faq.xml 
Log Message:
updated log file location for FC5 release, added targeted domains FAQ


Index: selinux-faq.xml
===================================================================
RCS file: /cvs/docs/selinux-faq/en_US/selinux-faq.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- selinux-faq.xml	22 Mar 2006 03:04:53 -0000	1.2
+++ selinux-faq.xml	24 Mar 2006 17:56:33 -0000	1.3
@@ -333,55 +333,103 @@
 	    </para>
           </answer>
         </qandaentry>
-<!-- Need to update this for FC5
         <qandaentry>
           <question>
             <para>
-              What daemons are protected by the targeted policy?
+              What programs are protected by the targeted policy?
             </para>
           </question>
           <answer>
             <para>
-              Currently, the list of daemons is:
+              Currently, the list of programs is approximately:
 	    </para>
-	    <itemizedlist>
-	      <listitem>
-		<para><command>dhcpd</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>httpd</command>
-		  (<filename>apache.te</filename>)</para>
-	      </listitem>
-	      <listitem>
-		<para><command>named</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>nscd</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>ntpd</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>portmap</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>snmpd</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>squid</command></para>
-	      </listitem>
-	      <listitem>
-		<para><command>syslogd</command></para>
-	      </listitem>
-	    </itemizedlist>
 	    <para>
-	      The policy files for these daemons are found in
-	      <filename>/etc/selinux/targeted/src/policy/domains/program</filename>. 
-	      In the future, more daemons will be added to the targeted policy
-	      protection.
-            </para>
+	      <filename>accton</filename>,
+	      <filename>amanda</filename>,
+	      <filename>httpd</filename> (apache),
+	      <filename>arpwatch</filename>,
+	      <filename>pam</filename>,
+	      <filename>automount</filename>,
+	      <filename>avahi</filename>,
+	      <filename>named</filename>,
+	      <filename>bluez</filename>,
+	      <filename>lilo</filename>,
+	      <filename>grub</filename>,
+	      <filename>canna</filename>,
+	      <filename>comsat</filename>,
+	      <filename>cpucontrol</filename>,
+	      <filename>cpuspeed</filename>,
+	      <filename>cups</filename>,
+	      <filename>cvs</filename>,
+	      <filename>cyrus</filename>,
+	      <filename>dbskkd</filename>,
+	      <filename>dbus</filename>,
+	      <filename>dhcpd</filename>,
+	      <filename>dictd</filename>,
+	      <filename>dmidecode</filename>,
+	      <filename>dovecot</filename>,
+	      <filename>fetchmail</filename>,
+	      <filename>fingerd</filename>,
+	      <filename>ftpd</filename> (vsftpd, proftpd, and muddleftpd),
+	      <filename>gpm</filename>,
+	      <filename>hald</filename>,
+	      <filename>hotplug</filename>,
+	      <filename>howl</filename>,
+	      <filename>innd</filename>,
+	      <filename>kerberos</filename>,
+	      <filename>ktalkd</filename>,
+	      <filename>openldap</filename>,
+	      <filename>auditd</filename>,
+	      <filename>syslog</filename>,
+	      <filename>logwatch</filename>,
+	      <filename>lpd</filename>,
+	      <filename>lvm</filename>,
+	      <filename>mailman</filename>,
+	      <filename>module-init-tools</filename>,
+	      <filename>mount</filename>,
+	      <filename>mysql</filename>,
+	      <filename>NetworkManager</filename>,
+	      <filename>NIS</filename>,
+	      <filename>nscd</filename>,
+	      <filename>ntp</filename>,
+	      <filename>pegasus</filename>,
+	      <filename>portmap</filename>,
+	      <filename>postfix</filename>,
+	      <filename>postgresql</filename>,
+	      <filename>pppd</filename>,
+	      <filename>pptp</filename>,
+	      <filename>privoxy</filename>,
+	      <filename>procmail</filename>,
+	      <filename>radiusd</filename>,
+	      <filename>radvd</filename>,
+	      <filename>rlogin</filename>,
+	      <filename>nfs</filename>,
+	      <filename>rsync</filename>,
+	      <filename>samba</filename>,
+	      <filename>saslauthd</filename>,
+	      <filename>snmpd</filename>,
+	      <filename>spamd</filename>,
+	      <filename>squid</filename>,
+	      <filename>stunnel</filename>,
+	      <filename>dhcpc</filename>,
+	      <filename>ifconfig</filename>,
+	      <filename>sysstat</filename>,
+	      <filename>tcp wrappers</filename>,
+	      <filename>telnetd</filename>,
+	      <filename>tftpd</filename>,
+	      <filename>updfstab</filename>,
+	      <filename>user management</filename> (passwd, useradd, etc.),
+	      <filename>crack</filename>,
+	      <filename>uucpd</filename>,
+	      <filename>vpnc</filename>,
+	      <filename>webalizer</filename>,
+	      <filename>xend</filename>,
+	      <filename>xfs</filename>,
+	      <filename>zebra</filename>
+	    </para>
           </answer>
         </qandaentry>
+<!--
         <qandaentry>
           <question>
             <para>
@@ -1099,7 +1147,7 @@
 	      additional customizations.
 	    </para>
 <screen>
-<computeroutput>audit2allow -M local -l -i /var/log/audit/audit.log
+<computeroutput>audit2allow -M local -l -i /var/log/messages
 Generating type enforcment file: local.te
 Compiling policy
 checkmodule -M -m -o local.mod local.te
@@ -1113,6 +1161,10 @@
 semodule -i local.pp</computeroutput>
 </screen>
 	    <para>
+	      Note that the above assumes you are not using the audit daemon.
+	      If you were using the audit daemon, then you should use
+	      <filename>/var/log/audit/audit.log</filename> instead of
+	      <filename>/var/log/messages</filename> as your log file.
 	      This will generate a <filename>local.te</filename> file, that
 	      looks something like the following:
 	    </para>
@@ -1475,7 +1527,9 @@
             <para>
               I get a specific permission denial only when &SEL; is in enforcing
               mode, but I don't see any audit messages in
-              <filename>/var/log/audit/audit.log</filename>.  How can I identify the
+	      <filename>/var/log/messages</filename> (or
+              <filename>/var/log/audit/audit.log</filename> if using the audit
+	      daemon).  How can I identify the
               cause of these silent denials?
             </para>
           </question>
@@ -2243,6 +2297,27 @@
 	    </itemizedlist>
 	  </answer>
 	</qandaentry>
+        <qandaentry>
+          <question>
+            <para>
+              Where are &SEL; AVC messages (denial logs, etc.) stored?
+            </para>
+          </question>
+          <answer>
+            <para>
+              In &FC; 2 and 3, SELinux AVC messages could be found in
+	      <filename>/var/log/messages</filename>.
+	      In &FC; 4, the audit daemon was added, and these messages
+	      moved to
+	      <filename>/var/log/audit/audit.log</filename>.
+	      In &FC; 5, the audit daemon is not installed by default, and
+	      consequently these messages can be found in
+	      <filename>/var/log/messages</filename> unless you choose to
+	      install the audit daemon, in which case AVC messages will be in
+	      <filename>/var/log/audit/audit.log</filename>.
+            </para>
+          </answer>
+        </qandaentry>
       </qandadiv>
       <qandadiv id="faq-div-deploying-selinux">
         <title>Deploying &SEL;</title>

More information about the Fedora-docs-commits mailing list