From: Todd C. Miller Date: Sun, 17 Feb 2008 13:04:45 +0000 (+0000) Subject: document role and type defaults for SELinux X-Git-Tag: SUDO_1_7_0~190 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=229b231461b3727452503ae2e2f908c68986320a;p=sudo document role and type defaults for SELinux --- diff --git a/sudoers.pod b/sudoers.pod index dd5babc1c..def8c4f5b 100644 --- a/sudoers.pod +++ b/sudoers.pod @@ -869,6 +869,13 @@ two consecutive C<%> characters are collapsed into a single C<%> character The default value is C<@passprompt@>. +=item role + +The default SELinux role to use when constructing a new security +context to run the command. The default role may be overridden on +a per-command basis in I or via command line options. +This option is only available whe B is built with SELinux support. + =item runas_default The default user to run commands as if the B<-u> flag is not specified @@ -896,6 +903,13 @@ The default is F<@timedir@>. The owner of the timestamp directory and the timestamps stored therein. The default is C. +=item type + +The default SELinux type to use when constructing a new security +context to run the command. The default type may be overridden on +a per-command basis in I or via command line options. +This option is only available whe B is built with SELinux support. + =back B: