Hello, as those commands were not documented in info documentation, I wrote basic info documentation for runcon and chcon command (and related SELinux context menu section). It is completely based on man documentation, I would say just the first step to have them documented. Patch is in attachement.
Greetings,
Ondřej Vašík
From 0b46a52b8f94fcbf145e0def84174cadd06bc4d2 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= <[EMAIL PROTECTED]>
Date: Mon, 6 Oct 2008 14:18:53 +0200
Subject: [PATCH] Coreutils.texi: Document runcon and chcon in SELinux context section
* coreutils.texi: Document commands runcon and chcon,
add SELinux context section
---
doc/coreutils.texi | 177 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 176 insertions(+), 1 deletions(-)
diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 67da740..48976ee 100644
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -32,7 +32,6 @@
@c * [: (coreutils)[ invocation. File/string tests.
@c * pinky: (coreutils)pinky invocation. FIXME.
@c * mktemp: (coreutils)mktemp invocation. FIXME.
[EMAIL PROTECTED] * chcon: (coreutils)chcon invocation. FIXME.
@dircategory Individual utilities
@direntry
@@ -40,6 +39,7 @@
* base64: (coreutils)base64 invocation. Base64 encode/decode data.
* basename: (coreutils)basename invocation. Strip directory and suffix.
* cat: (coreutils)cat invocation. Concatenate and write files.
+* chcon: (coreutils)chcon invocation. Change SELinux CTX of files.
* chgrp: (coreutils)chgrp invocation. Change file groups.
* chmod: (coreutils)chmod invocation. Change file permissions.
* chown: (coreutils)chown invocation. Change file owners/groups.
@@ -95,6 +95,7 @@
* readlink: (coreutils)readlink invocation. Print referent of a symlink.
* rm: (coreutils)rm invocation. Remove files.
* rmdir: (coreutils)rmdir invocation. Remove empty directories.
+* runcon: (coreutils)runcon invocation. Run file in specif. SELinux CTX.
* seq: (coreutils)seq invocation. Print numeric sequences
* sha1sum: (coreutils)sha1sum invocation. Print or check SHA-1 digests.
* sha2: (coreutils)sha2 utilities. Print or check SHA-2 digests.
@@ -194,6 +195,7 @@ Free Documentation License''.
* Working context:: pwd stty printenv tty
* User information:: id logname whoami groups users who
* System context:: date uname hostname hostid uptime
+* SELinux context:: chcon runcon
* Modified command invocation:: chroot env nice nohup su timeout
* Process control:: kill
* Delaying:: sleep
@@ -421,6 +423,10 @@ System context
* Date input formats:: Specifying date strings.
* Examples of date:: Examples.
+SELinux context
+* chcon invocation:: Change SELinux context of file
+* runcon invocation:: Run file in specified SELinux context
+
Modified command invocation
* chroot invocation:: Run a command with a different root directory
@@ -12882,6 +12888,175 @@ information.
* uptime invocation:: Print system uptime and load
@end menu
[EMAIL PROTECTED] SELinux context
[EMAIL PROTECTED] SELinux context
+
[EMAIL PROTECTED] SELinux context
[EMAIL PROTECTED] SELinux, context
[EMAIL PROTECTED] commands for SELinux context
+
+This section describes commands for operations with SELinux
+contexts.
+
[EMAIL PROTECTED]
+* chcon invocation:: Change SELinux context of file
+* runcon invocation:: Run file in specified SELinux context
[EMAIL PROTECTED] menu
+
[EMAIL PROTECTED] chcon invocation
[EMAIL PROTECTED] @command{chcon}: Change SELinux context of file.
+
[EMAIL PROTECTED] chcon
[EMAIL PROTECTED] changing security context
[EMAIL PROTECTED] change SELinux context
+
+
[EMAIL PROTECTED] changes SELinux security context of the file.
+Synopses:
+
[EMAIL PROTECTED]
+chcon [EMAIL PROTECTED]@dots{} CONTEXT @[EMAIL PROTECTED]
+chcon [EMAIL PROTECTED]@dots{} [-u USER] [-r ROLE] [-l RANGE] [-t TYPE] @[EMAIL PROTECTED]
+chcon [EMAIL PROTECTED]@dots{} --reference=RFILE @[EMAIL PROTECTED]
[EMAIL PROTECTED] smallexample
+
+Change the SELinux security context of each FILE to CONTEXT. With
+--reference, change the security context of each FILE to that of RFILE.
+
+The program accepts the following options. Also see @ref{Common options}.
+
[EMAIL PROTECTED] @samp
+
[EMAIL PROTECTED] -h
[EMAIL PROTECTED] --no-dereference
[EMAIL PROTECTED] -h
[EMAIL PROTECTED] --no-dereference
[EMAIL PROTECTED] no dereference
+Affect symbolic links instead of any referenced file
+
[EMAIL PROTECTED] --reference=RFILE
[EMAIL PROTECTED] --reference
[EMAIL PROTECTED] reference file
+Use RFILE’s security context rather than specifying a CONTEXT
+value
+
[EMAIL PROTECTED] -R
[EMAIL PROTECTED] --recursive
[EMAIL PROTECTED] -R
[EMAIL PROTECTED] --recursive
+Operate on files and directories recursively.
+
+Following options to modify how a hierarchy is traversed could also
+be specified. If more than one is specified, only the final one takes
+effect.
[EMAIL PROTECTED] @samp
[EMAIL PROTECTED] -H
+if a command line argument is a symbolic link to a directory,
+traverse it
[EMAIL PROTECTED] -L
+traverse every symbolic link to a directory encountered
[EMAIL PROTECTED] -P
+do not traverse any symbolic links (default)
[EMAIL PROTECTED] table
+
[EMAIL PROTECTED] -v
[EMAIL PROTECTED] --verbose
[EMAIL PROTECTED] -v
[EMAIL PROTECTED] --verbose
[EMAIL PROTECTED] diagnostic
+Output a diagnostic for every file processed
+
[EMAIL PROTECTED] -u USER
[EMAIL PROTECTED] --user=USER
[EMAIL PROTECTED] -u
[EMAIL PROTECTED] --user
+Set user USER in the target security context
+
[EMAIL PROTECTED] -r ROLE
[EMAIL PROTECTED] --role=ROLE
[EMAIL PROTECTED] -r
[EMAIL PROTECTED] --role
+Set role ROLE in the target security context
+
[EMAIL PROTECTED] -t TYPE
[EMAIL PROTECTED] --type=type
[EMAIL PROTECTED] -t
[EMAIL PROTECTED] --type
+Set type TYPE in the target security context
+
[EMAIL PROTECTED] -l RANGE
[EMAIL PROTECTED] --range=RANGE
[EMAIL PROTECTED] -l
[EMAIL PROTECTED] --range
+Set range RANGE in the target security context
+
[EMAIL PROTECTED] table
+
[EMAIL PROTECTED]
+
[EMAIL PROTECTED] runcon invocation
[EMAIL PROTECTED] @command{runcon}: Run file in specified SELinux context
+
[EMAIL PROTECTED] runcon
[EMAIL PROTECTED] run with security context
+
+
[EMAIL PROTECTED] runs file in specified SELinux security context.
+
+Synopses:
[EMAIL PROTECTED]
+runcon CONTEXT COMMAND [args]
+runcon [ -c ] [-u USER] [-r ROLE] [-t TYPE] [-l RANGE] COMMAND [args]
[EMAIL PROTECTED] smallexample
+
+Runs COMMAND with completely-specified CONTEXT, or with
+current or transitioned security context modified by one or more of LEVEL,
+ROLE, TYPE and USER.
+
+If none of -c, -t, -u, -r, or -l, is specified, the first argument is
+used as the complete context. Any additional arguments after COMMAND
+are interpreted as arguments to the command.
+
+With neither CONTEXT nor COMMAND, print the current security context.
+
+The program accepts the following options. Also see @ref{Common options}.
+
[EMAIL PROTECTED] @samp
+
[EMAIL PROTECTED] -c
[EMAIL PROTECTED] --compute
[EMAIL PROTECTED] -c
[EMAIL PROTECTED] --compute
+Compute process transition context before modifying
+
[EMAIL PROTECTED] -u USER
[EMAIL PROTECTED] --user=USER
[EMAIL PROTECTED] -u
[EMAIL PROTECTED] --user
+Set user USER in the target security context
+
[EMAIL PROTECTED] -r ROLE
[EMAIL PROTECTED] --role=ROLE
[EMAIL PROTECTED] -r
[EMAIL PROTECTED] --role
+Set role ROLE in the target security context
+
[EMAIL PROTECTED] -t TYPE
[EMAIL PROTECTED] --type=type
[EMAIL PROTECTED] -t
[EMAIL PROTECTED] --type
+Set type TYPE in the target security context
+
[EMAIL PROTECTED] -l RANGE
[EMAIL PROTECTED] --range=RANGE
[EMAIL PROTECTED] -l
[EMAIL PROTECTED] --range
+Set range RANGE in the target security context
+
[EMAIL PROTECTED] table
+
[EMAIL PROTECTED]
+
@node date invocation
@section @command{date}: Print or set system date and time
--
1.5.6.1.156.ge903b
signature.asc
Description: Toto je digitálně podepsaná část zprávy
_______________________________________________ Bug-coreutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-coreutils
