From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-commits+bounces-383367-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1R5Hkf-0008Mt-VZ
	for garchives@archives.gentoo.org; Sun, 18 Sep 2011 13:49:46 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 062F221C0C5;
	Sun, 18 Sep 2011 13:49:36 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id BD63721C0C5
	for <gentoo-commits@lists.gentoo.org>; Sun, 18 Sep 2011 13:49:36 +0000 (UTC)
Received: from pelican.gentoo.org (unknown [66.219.59.40])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 323A61B4010
	for <gentoo-commits@lists.gentoo.org>; Sun, 18 Sep 2011 13:49:36 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by pelican.gentoo.org (Postfix) with ESMTP id 8F4FA80042
	for <gentoo-commits@lists.gentoo.org>; Sun, 18 Sep 2011 13:49:35 +0000 (UTC)
From: "Sven Vermeulen" <sven.vermeulen@siphos.be>
To: gentoo-commits@lists.gentoo.org
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" <sven.vermeulen@siphos.be>
Message-ID: <e192a4decc6aaf25d42789816fa2d716f1d328c0.SwifT@gentoo>
Subject: [gentoo-commits] proj/hardened-docs:master commit in: xml/selinux/
X-VCS-Repository: proj/hardened-docs
X-VCS-Files: xml/selinux/selinux-handbook.xml
X-VCS-Directories: xml/selinux/
X-VCS-Committer: SwifT
X-VCS-Committer-Name: Sven Vermeulen
X-VCS-Revision: e192a4decc6aaf25d42789816fa2d716f1d328c0
Date: Sun, 18 Sep 2011 13:49:35 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: c95d2c1757a5efe448eee7d691e46926

commit:     e192a4decc6aaf25d42789816fa2d716f1d328c0
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Sep 18 13:48:08 2011 +0000
Commit:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sun Sep 18 13:48:08 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=3Dproj/hardened-docs=
.git;a=3Dcommit;h=3De192a4de

Start larger update effort on SELinux documentation

---
 xml/selinux/selinux-handbook.xml |  104 ++++++++++++++++++++++----------=
------
 1 files changed, 60 insertions(+), 44 deletions(-)

diff --git a/xml/selinux/selinux-handbook.xml b/xml/selinux/selinux-handb=
ook.xml
index 53e4cf1..893e120 100644
--- a/xml/selinux/selinux-handbook.xml
+++ b/xml/selinux/selinux-handbook.xml
@@ -24,8 +24,8 @@ This is the Gentoo SELinux Handbook.
 <!-- See http://creativecommons.org/licenses/by-sa/1.0 -->
 <license/>
=20
-<version>3.00</version>
-<date>2010-12-01</date>
+<version>4</version>
+<date>2011-09-18</date>
=20
 <part>
 <title>Introduction to Gentoo/Hardened SELinux</title>
@@ -57,6 +57,17 @@ how SELinux policies work and how to troubleshoot if t=
hings go wrong.
 </chapter>
=20
 <chapter>
+<title>SELinux Resources</title>
+<abstract>
+To get more acquainted with SELinux, many resources exist on the Interne=
t.
+In this chapter we give a quick overview of the various resources as wel=
l
+as places where you can get more help when you are fighting with SELinux=
.
+</abstract>
+  <include href=3D"hb-intro-resources.xml"/>
+</chapter>
+
+<!--=20
+<chapter>
 <title>The SELinux (Reference) Policy</title>
 <abstract>
 To streamline SELinux policy development, a reference policy is being de=
veloped
@@ -68,10 +79,6 @@ cover the basics on SELinux policies in general.
   <include href=3D"hb-intro-referencepolicy.xml"/>
 </chapter>
=20
-<!--
-  Removed for the time being, not critical.
-  Moved to next major version of handbook.
-
 <chapter>
 <title>SELinux Virtual Machine Support</title>
 <abstract>
@@ -105,79 +112,88 @@ you through this process.
 </chapter>
=20
 <chapter>
+<title>Configuring SELinux For Your Needs</title>
+<abstract>
+With SELinux now "installed" and enabled (although in permissive mode), =
we now
+configure it to suit your particular needs. After all, SELinux is a Mand=
atory
+Access Control system where you, as security administrator, define what =
is
+allowed and what not.
+</abstract>
+  <include href=3D"hb-using-configuring.xml"/>
+</chapter>
+
+<chapter>
 <title>SELinux Commands</title>
 <abstract>
-Before we start with SELinux, we first take a step back and get to know =
a few
-commands. As we are currently running a SELinux enabled system (but in
-permissive mode) we can now get acquainted with the various SELinux-spec=
ific
-commands.
+Let's take a step back and get to know a few more commands. We covered m=
ost of
+them in the previous section, but we will now dive a bit deeper in its
+syntax, features and potential pitfalls.
 </abstract>
   <include href=3D"hb-using-commands.xml"/>
 </chapter>
=20
 <chapter>
-<title>Running in Permissive Mode</title>
+<title>Permissive, Unconfined, Disabled or What Not...</title>
 <abstract>
-Once SELinux is active, we first start by running the system in permissi=
ve mode.
-In this chapter, we tell you how to get acquainted with SELinux more in-=
depth
-with live command information, but without interfering with the standard=
 access
-controls (i.e. in permissive mode).
+Your system can be in many SELinux states. In this chapter, we help you =
switch
+between the various states / policies.
 </abstract>
-  <include href=3D"hb-using-permissive.xml"/>
+  <include href=3D"hb-using-states.xml"/>
 </chapter>
=20
 <chapter>
-<title>Switching to Enforcing Mode</title>
+<title>Modifying the Gentoo Hardened SELinux Policy</title>
 <abstract>
-Once you believe that the system can be ran in enforcing mode, we switch=
 the
-system to verify if this is true. Once verified, the next step is to (re=
)boot in
-enforcing mode. Finally, if we are confident that the enforcing is worki=
ng
-properly and that the system is still doing its job correctly, we fix th=
e
-enforcing mode so that it cannot be disabled anymore.
+Gentoo Hardened offers a default policy, but this might not allow what y=
ou want
+(or allows too much). In this chapter we tell you how you can tweak Gent=
oo's
+policy, or even run your own.
 </abstract>
-  <include href=3D"hb-using-enforcing.xml"/>
+  <include href=3D"hb-using-policies.xml"/>
 </chapter>
=20
 <chapter>
-<title>Adding SELinux Policy Modules</title>
+<title>Troubleshooting SELinux</title>
 <abstract>
-Far from all packages where SELinux policy modules are available for hav=
e a
-corresponding package in Gentoo/Hardened. In this chapter, we help you t=
o add
-more modules yourself or create your own modules for those packages that=
 have no
-SELinux policies yet.
+Everything made by a human can and will fail. In this chapter we will tr=
y to
+keep track of all potential issues you might come across and how to reso=
lve
+them.=20
 </abstract>
-  <include href=3D"hb-using-policymodules.xml"/>
+  <include href=3D"hb-using-troubleshoot.xml"/>
 </chapter>
 </part>
=20
+<!--
 <part>
-<title>Appendices</title>
+<title>Advanced SELinux</title>
 <abstract>
-Additional resources and referenced materials within this book are menti=
oned in
-this appendix.
+SELinux can be much more integrated in the system. In this part, we desc=
ribe how
+to enhance SELinux configurations, tuning and securing your system even =
more.
 </abstract>
=20
 <chapter>
-<title>Troubleshooting SELinux</title>
+<title>Working with MLS</title>
 <abstract>
-Everything made by a human can and will fail. In this chapter we will tr=
y to
-keep track of all potential issues you might come across and how to reso=
lve
-them.=20
+...
 </abstract>
-  <include href=3D"hb-appendix-troubleshoot.xml"/>
+  <include href=3D"hb-advanced-mls.xml"/>
 </chapter>
=20
 <chapter>
-<title>SELinux Reference Material</title>
+<title>Using s(ecure) Virt(ualization)</title>
 <abstract>
-This Gentoo Hardened SELinux handbook gives a first introduction to SELi=
nux and
-how it is integrated in Gentoo Hardened. But more seasoned administrator=
s will
-most definitely want to read up on the more advanced uses (and manageria=
l
-challenges) of SELinux - which we definitely recommend. A non-exhaustive=
 list is
-compiled in this chapter.
+...
 </abstract>
-  <include href=3D"hb-appendix-reference.xml" />
+  <include href=3D"hb-advanced-svirt.xml"/>
+</chapter>
+
+<chapter>
+<title>Using Netlabel</title>
+<abstract>
+...
+</abstract>
+  <include href=3D"hb-advanced-netlabel.xml"/>
 </chapter>
 </part>
+-->
=20
 </book>