mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-23 22:42:06 +00:00
setfiles: Update utilities for the new digest scheme
Update restorecon_xattr and man pages for new digest scheme managed by selinux_restorecon(3). Note that the Russian man pages require updating. Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
This commit is contained in:
parent
e016502c0a
commit
526534e304
@ -100,7 +100,7 @@ section for further details.
|
||||
.B \-D
|
||||
Set or update any directory SHA1 digests. Use this option to
|
||||
enable usage of the
|
||||
.IR security.restorecon_last
|
||||
.IR security.sehash
|
||||
extended attribute.
|
||||
.TP
|
||||
.B \-m
|
||||
@ -184,10 +184,10 @@ option to
|
||||
.B restorecon
|
||||
will cause it to store a SHA1 digest of the default specfiles set in an extended
|
||||
attribute named
|
||||
.IR security.restorecon_last
|
||||
on the directory specified in each
|
||||
.IR security.sehash
|
||||
on each directory specified in
|
||||
.IR pathname \ ...
|
||||
once the relabeling has been completed successfully. This digest will be
|
||||
once the relabeling has been completed successfully. These digests will be
|
||||
checked should
|
||||
.B restorecon
|
||||
.B \-D
|
||||
@ -204,7 +204,7 @@ option will ignore the SHA1 digest from each directory specified in
|
||||
and provided the
|
||||
.B \-n
|
||||
option is NOT set and recursive mode is set, files will be relabeled as
|
||||
required with the digest then being updated provided there are no errors.
|
||||
required with the digests then being updated provided there are no errors.
|
||||
|
||||
.SH "AUTHOR"
|
||||
This man page was written by Dan Walsh <dwalsh@redhat.com>.
|
||||
|
@ -1,7 +1,7 @@
|
||||
.TH "restorecon_xattr" "8" "24 Sept 2016" "" "SELinux User Command"
|
||||
.SH "NAME"
|
||||
restorecon_xattr \- manage
|
||||
.I security.restorecon_last
|
||||
.I security.sehash
|
||||
extended attribute entries added by
|
||||
.BR setfiles (8)
|
||||
or
|
||||
@ -24,7 +24,7 @@ or
|
||||
.SH "DESCRIPTION"
|
||||
.B restorecon_xattr
|
||||
will display the SHA1 digests added to extended attributes
|
||||
.I security.restorecon_last
|
||||
.I security.sehash
|
||||
or delete the attribute completely. These attributes are set by
|
||||
.BR restorecon (8)
|
||||
or
|
||||
@ -43,7 +43,7 @@ from.
|
||||
and
|
||||
.B TMPFS
|
||||
filesystems do not support the
|
||||
.I security.restorecon_last
|
||||
.I security.sehash
|
||||
extended attribute and are automatically excluded from searches.
|
||||
.sp
|
||||
By default
|
||||
@ -62,12 +62,12 @@ option.
|
||||
.TP
|
||||
.B \-d
|
||||
delete all non-matching
|
||||
.I security.restorecon_last
|
||||
.I security.sehash
|
||||
directory digest entries.
|
||||
.TP
|
||||
.B \-D
|
||||
delete all
|
||||
.I security.restorecon_last
|
||||
.I security.sehash
|
||||
directory digest entries.
|
||||
.TP
|
||||
.B \-m
|
||||
@ -87,7 +87,10 @@ Do not append "Match" or "No Match" to displayed digests.
|
||||
recursively descend directories.
|
||||
.TP
|
||||
.B \-v
|
||||
display SHA1 digest generated by specfile set.
|
||||
display SHA1 digest generated by specfile set (Note that this digest is not
|
||||
used to match the
|
||||
.I security.sehash
|
||||
directory digest entries, and is shown for reference only).
|
||||
.TP
|
||||
.B \-e
|
||||
.I directory
|
||||
@ -101,11 +104,6 @@ an optional
|
||||
.I specfile
|
||||
containing file context entries as described in
|
||||
.BR file_contexts (5).
|
||||
This will be used by
|
||||
.BR selabel_open (3)
|
||||
to retrieve the set of labeling entries, with the SHA1 digest being
|
||||
retrieved by
|
||||
.BR selabel_digest (3).
|
||||
If the option is not specified, then the default file_contexts will be used.
|
||||
|
||||
.SH "ARGUMENTS"
|
||||
|
@ -27,7 +27,7 @@ static __attribute__((__noreturn__)) void usage(const char *progname)
|
||||
"-D Delete all digest entries.\n\t"
|
||||
"-e Directory to exclude (repeat option for more than one directory).\n\t"
|
||||
"-f Optional specfile for calculating the digest.\n\t"
|
||||
"pathname Path to search for xattr \"security.restorecon_last\" entries.\n\n",
|
||||
"pathname Path to search for xattr \"security.sehash\" entries.\n\n",
|
||||
progname);
|
||||
exit(-1);
|
||||
}
|
||||
|
@ -90,7 +90,7 @@ section for further details.
|
||||
.B \-D
|
||||
Set or update any directory SHA1 digests. Use this option to
|
||||
enable usage of the
|
||||
.IR security.restorecon_last
|
||||
.IR security.sehash
|
||||
extended attribute.
|
||||
.TP
|
||||
.B \-l
|
||||
@ -228,10 +228,10 @@ option to
|
||||
will cause it to store a SHA1 digest of the
|
||||
.B spec_file
|
||||
set in an extended attribute named
|
||||
.IR security.restorecon_last
|
||||
on the directory specified in each
|
||||
.IR security.sehash
|
||||
on each directory specified in
|
||||
.IR pathname \ ...
|
||||
once the relabeling has been completed successfully. This digest will be
|
||||
once the relabeling has been completed successfully. These digests will be
|
||||
checked should
|
||||
.B setfiles
|
||||
.B \-D
|
||||
@ -250,7 +250,7 @@ option will ignore the SHA1 digest from each directory specified in
|
||||
.IR pathname \ ...
|
||||
and provided the
|
||||
.B \-n
|
||||
option is NOT set, files will be relabeled as required with the digest then
|
||||
option is NOT set, files will be relabeled as required with the digests then
|
||||
being updated provided there are no errors.
|
||||
|
||||
.SH "AUTHOR"
|
||||
|
Loading…
Reference in New Issue
Block a user