PERFORCE change 77928 for review
Andrew Reisse
areisse at FreeBSD.org
Fri Jun 3 15:08:56 GMT 2005
http://perforce.freebsd.org/chv.cgi?CH=77928
Change 77928 by areisse at areisse_tislabs on 2005/06/03 15:08:40
SEBSD documentation updates: Version numbers and path names.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/SEBSD-Installation.txt#3 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/SEBSD-Installation.txt#3 (text+ko) ====
@@ -72,10 +72,12 @@
4. Inspect the SEBSD policy. The system comes pre-installed with a
sample policy, but local changes might be required. The policy
source is located in /etc/security/sebsd/policy and the compiled
- (binary) version is installed in /etc/security/sebsd/policy.bin by
+ (binary) version is installed in /etc/security/sebsd/policy/policy.bin by
default. Only the binary version is loaded by the SEBSD module at
boot time. An alternate location for the binary policy file may be
- specified at the boot loader or in /boot/loader.conf.
+ specified at the boot loader or in /boot/loader.conf. The boot loader
+ uses a symbolic link "policy.bin" in the same directory as policy.17,
+ in case a different policy file version is necessary.
Since SEBSD uses the same policy language as SELinux, the SELinux
report titled, "Configuring the SELinux Policy", (available at the
@@ -89,7 +91,7 @@
loaded into the kernel. The /sbin/sebsd_loadpolicy program can be
used instead of a reboot:
- /sbin/sebsd_loadpolicy /etc/security/sebsd/policy.bin
+ /sbin/sebsd_loadpolicy /etc/security/sebsd/policy/policy.bin
Note that policy.bin is installed by default as a symlink to another
file. If you plan to generate your own policy file then you might
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list