Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

8.3.3. Manual Pages for Services

Manual pages for services contain valuable information, such as what file type to use for a given situation, and Booleans to change the access a service has (such as httpd accessing NFS volumes). This information may be in the standard manual page, or a manual page with selinux prepended or appended.
For example, the httpd_selinux(8) manual page has information about what file type to use for a given situation, as well as Booleans to allow scripts, sharing files, accessing directories inside user home directories, and so on. Other manual pages with SELinux information for services include:
  • Samba: the samba_selinux(8) manual page describes that files and directories to be exported via Samba must be labeled with the samba_share_t type, as well as Booleans to allow files labeled with types other than samba_share_t to be exported via Samba.
  • Berkeley Internet Name Domain (BIND): the named(8) manual page describes what file type to use for a given situation (see the Red Hat SELinux BIND Security Profile section). The named_selinux(8) manual page describes that, by default, named cannot write to master zone files, and to allow such access, the named_write_master_zones Boolean must be enabled.
The information in manual pages helps you configure the correct file types and Booleans, helping to prevent SELinux from denying access.