diff options
| author |   Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-12-04 19:45:20 +0100 |
|---|---|---|
| committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-12-04 19:45:20 +0100 |
| commit | cb87afe7517de4f757b4123e4e865dd9aa07c66c (patch) | |
| tree | 470c3aa60ab0b8b940e34922866ae515e6bed03a /doc | |
| parent | Allow chromium to create xdg_* directories (diff) | |
| download | hardened-refpolicy-cb87afe7517de4f757b4123e4e865dd9aa07c66c.tar.gz hardened-refpolicy-cb87afe7517de4f757b4123e4e865dd9aa07c66c.tar.bz2 hardened-refpolicy-cb87afe7517de4f757b4123e4e865dd9aa07c66c.zip | |
Include documentation for generated tunables
When tunables are generated through a template, their documentation is not added
to the XML file that is parsed by "semanage boolean". As the current method for
obtaining the information is not M4-aware, we cannot get the information from
the policy sources themselves.
As a result, we now add in a gentoo_tunables.xml file that contains static
declarations of the booleans.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/gentoo_tunables.xml | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/doc/gentoo_tunables.xml b/doc/gentoo_tunables.xml new file mode 100644 index 000000000..ad262200e --- /dev/null +++ b/doc/gentoo_tunables.xml @@ -0,0 +1,56 @@ +<tunable name="mozilla_read_generic_user_content" dftval="true"> +<desc> +<p> +Allow mozilla to read generic user content (i.e. content that is not specific to an application). +</p> +</desc> +</tunable> +<tunable name="mozilla_read_all_user_content" dftval="false"> +<desc> +<p> +Allow mozilla to read all user content (including content that is specific to an application, such as the configuration files of other applications in the users home directory). +</p> +</desc> +</tunable> +<tunable name="mozilla_manage_generic_user_content" dftval="false"> +<desc> +<p> +Allow mozilla to manage generic user content (i.e. content that is not specific to an application). +</p> +</desc> +</tunable> +<tunable name="mozilla_manage_all_user_content" dftval="false"> +<desc> +<p> +Allow mozilla to manage all user content (including content that is specific to an application, such as the configuration files of other applications in the users home directory). +</p> +</desc> +</tunable> +<tunable name="chromium_read_generic_user_content" dftval="true"> +<desc> +<p> +Allow chromium to read generic user content (i.e. content that is not specific to an application). +</p> +</desc> +</tunable> +<tunable name="chromium_read_all_user_content" dftval="false"> +<desc> +<p> +Allow chromium to read all user content (including content that is specific to an application, such as the configuration files of other applications in the users home directory). +</p> +</desc> +</tunable> +<tunable name="chromium_manage_generic_user_content" dftval="false"> +<desc> +<p> +Allow chromium to manage generic user content (i.e. content that is not specific to an application). +</p> +</desc> +</tunable> +<tunable name="chromium_manage_all_user_content" dftval="false"> +<desc> +<p> +Allow chromium to manage all user content (including content that is specific to an application, such as the configuration files of other applications in the users home directory). +</p> +</desc> +</tunable> |