Issue #2959: ipa help selinuxusermap - shows test2 in description but uses test1 in example - freeipa

freeipa

#2959 ipa help selinuxusermap - shows test2 in description but uses test1 in example

Closed: Fixed None Opened 12 years ago by aakkiang.

'ipa help selinuxusermap' shows test2 in the description but uses test1 in the example.

# ipa help selinuxusermap
SELinux User Mapping

Map IPA users to SELinux users by host.

Hosts, hostgroups, users and groups can be either defined within
the rule or it may point to an existing HBAC rule. When using
--hbacrule option to selinuxusermap-find an exact match is made on the
HBAC rule name, so only one or zero entries will be returned.

EXAMPLES:

Create a rule, "test1", that sets all users to xguest_u:s0 on the host "server":
ipa selinuxusermap-add --usercat=all --selinuxuser=xguest_u:s0 test1
ipa selinuxusermap-add-host --hosts=server.example.com test1

Create a rule, "test2", that sets all users to guest_u:s0 and uses an existing HBAC rule for users and hosts:
ipa selinuxusermap-add --usercat=all --hbacrule=webserver --selinuxuser=guest_u:s0 test1

Display the properties of a named HBAC rule:
ipa selinuxusermap-show test1

Create a rule for a specific user. This sets the SELinux context for
user john to unconfined_u:s0-s0:c0.c1023 on any machine:
ipa selinuxusermap-add --hostcat=all --selinuxuser=unconfined_u:s0-s0:c0.c1023 john_unconfined
ipa selinuxusermap-add-user --users=john john_unconfined

Disable a named rule:
ipa selinuxusermap-disable test1

Enable a named rule:
ipa selinuxusermap-enable test1

Find a rule referencing a specific HBAC rule:
ipa selinuxusermap-find --hbacrule=allow_some

Remove a named rule:
ipa selinuxusermap-del john_unconfined

SEEALSO:

The list controlling the order in which the SELinux user map is applied
and the default SELinux user are available in the config-show command.

Topic commands:
selinuxusermap-add Create a new SELinux User Map.
selinuxusermap-add-host Add target hosts and hostgroups to an SELinux User Map rule.
selinuxusermap-add-user Add users and groups to an SELinux User Map rule.
selinuxusermap-del Delete a SELinux User Map.
selinuxusermap-disable Disable an SELinux User Map rule.
selinuxusermap-enable Enable an SELinux User Map rule.
selinuxusermap-find Search for SELinux User Maps.
selinuxusermap-mod Modify a SELinux User Map.
selinuxusermap-remove-host Remove target hosts and hostgroups from an SELinux User Map rule.
selinuxusermap-remove-user Remove users and groups from an SELinux User Map rule.
selinuxusermap-show Display the properties of a SELinux User Map rule.

mkosek commented 12 years ago

master: da55aad

Metadata Update from @aakkiang:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 3.0 Beta 2

8 years ago

Metadata

Assignee

tbabej

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 3.0 Beta 2

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

tester

None

changelog

None

design

None

rhbz

freeipa

Source Code

#2959 ipa help selinuxusermap - shows test2 in description but uses test1 in example Closed: Fixed None Opened 12 years ago by aakkiang.

Metadata

#2959 ipa help selinuxusermap - shows test2 in description but uses test1 in example

Closed: Fixed None Opened 12 years ago by aakkiang.