Xen project Mailing List

[Xen-changelog] [xen-unstable] xl.pod.1: improve documentation of FLASK commands

From: Xen patchbot-unstable <patchbot@xxxxxxx>

Date: Mon, 19 Dec 2011 03:00:18 +0000

Delivery-date: Mon, 19 Dec 2011 03:00:32 +0000

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> # Date 1324218903 0 # Node ID 45e4b947873e88718d46c9c180686685896f0793 # Parent 053a44894279fffcd20372a714b62df152520a6d xl.pod.1: improve documentation of FLASK commands Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> --- diff -r 053a44894279 -r 45e4b947873e docs/man/xl.pod.1 --- a/docs/man/xl.pod.1 Sun Dec 18 14:34:42 2011 +0000 +++ b/docs/man/xl.pod.1 Sun Dec 18 14:35:03 2011 +0000 @@ -197,10 +197,6 @@ be written to a distribution specific directory for dump files. Such as: /var/lib/xen/dump or /var/xen/dump. -=item B<getenforce> - -Returns the current enforcing mode of the Flask Xen security module. - =item B<help> [I<--long>] Displays the short help message (i.e. common commands). @@ -303,10 +299,6 @@ =back -=item B<loadpolicy> I<policyfile> - -Loads a new policy int the Flask Xen security module. - =item B<mem-max> I<domain-id> I<mem> Specify the maximum amount of memory the domain is able to use, appending 't' @@ -397,10 +389,6 @@ =back -=item B<setenforce> I<1|0|Enforcing|Permissive> - -Sets the current enforcing mode of the Flask Xen security module - =item B<save> [I<OPTIONS>] I<domain-id> I<CheckpointFile> [I<ConfigFile>] Saves a running domain to a state file so that it can be restored @@ -997,6 +985,28 @@ =back +=head2 FLASK + +=over 4 + +=item B<getenforce> + +Determine if the FLASK security module is loaded and enforcing its policy. + +=item B<setenforce> I<1|0|Enforcing|Permissive> + +Enable or disable enforcing of the FLASK access controls. The default is +permissive and can be changed using the flask_enforcing option on the +hypervisor's command line. + +=item B<loadpolicy> I<policy-file> + +Load FLASK policy from the given policy file. The initial policy is provided to +the hypervisor as a multiboot module; this command allows runtime updates to the +policy. Loading new security policy will reset runtime changes to device labels. + +=back + =head1 TO BE DOCUMENTED We need better documentation for: @@ -1007,10 +1017,6 @@ Trascendent Memory. -=item B<Flask> - -Xen Flask security module. - =back =head1 SEE ALSO _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.