diff options
author | chris <chris@FreeBSD.org> | 2002-12-10 00:39:17 +0000 |
---|---|---|
committer | chris <chris@FreeBSD.org> | 2002-12-10 00:39:17 +0000 |
commit | 6b856f7a964b281332e53c7e021c2039c7f5985e (patch) | |
tree | bfe47aeea1dceadceba004421fa870848e5dc025 /share/man/man4/mac_bsdextended.4 | |
parent | 7be4041b2223c79f1324905eed85323da019ba06 (diff) | |
download | FreeBSD-src-6b856f7a964b281332e53c7e021c2039c7f5985e.zip FreeBSD-src-6b856f7a964b281332e53c7e021c2039c7f5985e.tar.gz |
Document the following MAC policies:
o None: Stub policy
o Seeotheruids: The "see processes and sockets owned by other users" policy
o Test: Debugging policy
Standardize the SYNOPSIS and HISTORY sections.
Update SEE ALSO sections.
Diffstat (limited to 'share/man/man4/mac_bsdextended.4')
-rw-r--r-- | share/man/man4/mac_bsdextended.4 | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/share/man/man4/mac_bsdextended.4 b/share/man/man4/mac_bsdextended.4 index 03bc34a..79be140 100644 --- a/share/man/man4/mac_bsdextended.4 +++ b/share/man/man4/mac_bsdextended.4 @@ -37,10 +37,21 @@ .Dt MAC_BSDEXTENDED 4 .Sh NAME .Nm mac_bsdextended -.Nd subject-object interaction rules policy +.Nd file system firewall policy .Sh SYNOPSIS -.\" .Cd options MAC_BSDEXTENDED -.Li kldload mac_bsdextended +.\" To compile the file system firewall policy into your kernel, +.\" place the following lines in your kernel configuration file: +.\" .Cd "options MAC" +.\" .Cd "options MAC_BSDEXTENDED" +.\" .Pp +.\" Alternately, to load the MLS module at boot time, place the following line +To load the file system firewall policy module at boot time, +place the following line in your kernel configuration file: +.Cd "options MAC" +.Pp +and in +.Xr loader.conf 5 : +.Cd mac_bsdextended_load= Ns \&"YES" .Sh DESCRIPTION The .Nm @@ -48,6 +59,8 @@ interface provides an interface for the system administrator to impose mandatory rules regarding users and some system objects. Rules are uploaded to the module (typically using +.Xr ugidfw 8 , +or some other tool utilizing .Xr libugidfw 3 ) where they are stored internally and used to determine whether to allow or deny specific accesses @@ -65,13 +78,19 @@ is found, or the end of the list is reached. .Sh SEE ALSO .Xr libugidfw 3 , +.Xr mac_biba 4 , +.Xr mac_mls 4 , +.Xr mac_none 4 , +.Xr mac_seeotheruids 4 , +.Xr mac_test 4 , .Xr ugidfw 8 , .Xr mac 9 .Sh HISTORY The .Nm -interface was first introduced in -.Fx 5.0 . +policy module first appeared in +.Fx 5.0 +and was developed by the TrustedBSD Project. .Sh AUTHORS This software was contributed to the .Fx |