diff options
author | Michal Sekletar <msekleta@redhat.com> | 2014-07-24 10:40:28 +0200 |
---|---|---|
committer | Michal Sekletar <msekleta@redhat.com> | 2014-08-19 18:57:12 +0200 |
commit | cf8bd44339b00330fdbc91041d6731ba8aba9fec (patch) | |
tree | 50131a58cdb8e65adc849c0971ff832ec208d6ec /man | |
parent | 6c3e68e7c1adc6176526e69769bf2eba86cdd257 (diff) |
socket: introduce SELinuxLabelViaNet option
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_label derived from xinetd.
Reviewed-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'man')
-rw-r--r-- | man/systemd.socket.xml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml index 4483905832..f376f725c9 100644 --- a/man/systemd.socket.xml +++ b/man/systemd.socket.xml @@ -676,6 +676,17 @@ </varlistentry> <varlistentry> + <term><varname>SELinuxLabelViaNet=</varname></term> + <listitem><para>Takes a boolean + value. Controls whether systemd attempts to figure out + SELinux label used for instantiated service from + information handed by peer over the + network. Configuration option has effect only + on sockets with <literal>Accept=</literal> + mode set to <literal>yes</literal>.</para></listitem> + </varlistentry> + + <varlistentry> <term><varname>PipeSize=</varname></term> <listitem><para>Takes a size in bytes. Controls the pipe buffer size |