Date: Fri, 3 Jun 2005 15:08:56 GMT From: Andrew Reisse <areisse@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 77928 for review Message-ID: <200506031508.j53F8uCX057938@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=77928 Change 77928 by areisse@areisse_tislabs on 2005/06/03 15:08:40 SEBSD documentation updates: Version numbers and path names. Affected files ... .. //depot/projects/trustedbsd/sebsd/SEBSD-Installation.txt#3 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/SEBSD-Installation.txt#3 (text+ko) ==== @@ -72,10 +72,12 @@ 4. Inspect the SEBSD policy. The system comes pre-installed with a sample policy, but local changes might be required. The policy source is located in /etc/security/sebsd/policy and the compiled - (binary) version is installed in /etc/security/sebsd/policy.bin by + (binary) version is installed in /etc/security/sebsd/policy/policy.bin by default. Only the binary version is loaded by the SEBSD module at boot time. An alternate location for the binary policy file may be - specified at the boot loader or in /boot/loader.conf. + specified at the boot loader or in /boot/loader.conf. The boot loader + uses a symbolic link "policy.bin" in the same directory as policy.17, + in case a different policy file version is necessary. Since SEBSD uses the same policy language as SELinux, the SELinux report titled, "Configuring the SELinux Policy", (available at the @@ -89,7 +91,7 @@ loaded into the kernel. The /sbin/sebsd_loadpolicy program can be used instead of a reboot: - /sbin/sebsd_loadpolicy /etc/security/sebsd/policy.bin + /sbin/sebsd_loadpolicy /etc/security/sebsd/policy/policy.bin Note that policy.bin is installed by default as a symlink to another file. If you plan to generate your own policy file then you might
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200506031508.j53F8uCX057938>