nspawn,man: use a common vocabulary when referring to selinux security contexts

Let's always call the security labels the same way: SMACK: "Smack Label" SELINUX: "SELinux Security Context" And the low-level encapsulation is called "seclabel". Now let's hope we stick to this vocabulary in future, too, and don't mix "label"s and "security contexts" and so on wildly.
author: Lennart Poettering <lennart@poettering.net> 2014-02-10 12:32:03 +0100
committer: Lennart Poettering <lennart@poettering.net> 2014-02-10 13:18:16 +0100
commit: 82adf6af7c72b852449346835f33184a841b4796 (patch)
tree: 0dd1c4c6dcdd9760df65300e15bd3b53b5aad553 /man/systemd-nspawn.xml
parent: 0d3f7bb3a5bc6d5c0712f88a080fed388981bca3 (diff)
1 files changed, 12 insertions, 12 deletions
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index c95a7c0e9a..96ccc5cef7 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -249,23 +249,23 @@
                         </varlistentry>
 
                         <varlistentry>
-                                <term><option>-L</option></term>
-                                <term><option>--apifs-label=</option></term>
+                                <term><option>-Z</option></term>
+                                <term><option>--selinux-context=</option></term>
 
-                                <listitem><para>Sets the mandatory
-                                access control (MAC/SELinux) file
-                                label to be used by virtual API file
-                                systems in the container.</para>
+                                <listitem><para>Sets the SELinux
+                                security context to be used to label
+                                processes in the container.</para>
                                 </listitem>
                         </varlistentry>
 
                         <varlistentry>
-                                <term><option>-Z</option></term>
-                                <term><option>--process-label=</option></term>
+                                <term><option>-L</option></term>
+                                <term><option>--selinux-apifs-context=</option></term>
 
-                                <listitem><para>Sets the mandatory
-                                access control (MAC/SELinux) label to be used by
-                                processes in the container.</para>
+                                <listitem><para>Sets the SELinux security
+                                context to be used to label files in
+                                the virtual API file systems in the
+                                container.</para>
                                 </listitem>
                         </varlistentry>
 
@@ -495,7 +495,7 @@
                 <programlisting># chcon system_u:object_r:svirt_sandbox_file_t:s0:c0,c1 -R /srv/container
 # systemd-nspawn -L system_u:object_r:svirt_sandbox_file_t:s0:c0,c1 -Z system_u:system_r:svirt_lxc_net_t:s0:c0,c1 -D /srv/container /bin/sh</programlisting>
 
-                <para>This runs a container with SELinux sandbox labels.</para>
+                <para>This runs a container with SELinux sandbox security contexts.</para>
         </refsect1>
 
         <refsect1>
author	Lennart Poettering <lennart@poettering.net>	2014-02-10 12:32:03 +0100
committer	Lennart Poettering <lennart@poettering.net>	2014-02-10 13:18:16 +0100
commit	82adf6af7c72b852449346835f33184a841b4796 (patch)
tree	0dd1c4c6dcdd9760df65300e15bd3b53b5aad553 /man/systemd-nspawn.xml
parent	0d3f7bb3a5bc6d5c0712f88a080fed388981bca3 (diff)