Show Table of Contents
8.3.3. Manual Pages for Services
Manual pages for services contain valuable information, such as what file type to use for a given situation, and Booleans to change the access a service has (such as
httpd accessing NFS volumes). This information may be in the standard manual page, or a manual page with selinux prepended or appended.
For example, the httpd_selinux(8) manual page has information about what file type to use for a given situation, as well as Booleans to allow scripts, sharing files, accessing directories inside user home directories, and so on. Other manual pages with SELinux information for services include:
- Samba: the samba_selinux(8) manual page describes that files and directories to be exported via Samba must be labeled with the
samba_share_ttype, as well as Booleans to allow files labeled with types other thansamba_share_tto be exported via Samba. - Berkeley Internet Name Domain (BIND): the named(8) manual page describes what file type to use for a given situation (see the
Red Hat SELinux BIND Security Profilesection). The named_selinux(8) manual page describes that, by default,namedcannot write to master zone files, and to allow such access, thenamed_write_master_zonesBoolean must be enabled.
The information in manual pages helps you configure the correct file types and Booleans, helping to prevent SELinux from denying access.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.