GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SETFSMAC(8) FreeBSD System Manager's Manual SETFSMAC(8)

setfsmacset MAC label for a file hierarchy

setfsmac [-ehqvx] [-f specfile] ... [-s specfile] ... file ...

The setfsmac utility accepts a list of specification files as input and sets the MAC labels on the specified file system hierarchies. Path names specified will be visited in order as given on the command line, and each tree will be traversed in pre-order. (Generally, it will not be very useful to use relative paths instead of absolute paths.) Multiple entries matching a single file will be combined and applied in a single transaction.

The following options are available:

Treat any file systems encountered which do not support MAC labelling as errors, instead of warning and skipping them.
specfile
Apply the specifications in specfile to the specified paths.
NOTE: Only the first entry for each file is applied; all others are disregarded and silently dropped.
Multiple -f arguments may be specified to include multiple specification files.
When a symbolic link is encountered, change the label of the link rather than the file the link points to.
Do not print non-fatal warnings during execution.
specfile
Apply the specifications in specfile, but assume the specification format is compatible with the SELinux specfile format.
NOTE: Only the first entry for each file is applied; all others are disregarded and silently dropped.
The prefix “sebsd/” will be automatically prepended to the labels in specfile. Labels matching “<<none>>” will be explicitly not relabeled. This permits SEBSD to reuse existing SELinux policy specification files.
Increase the degree of verbosity.
Do not recurse into new file systems when traversing them.

/usr/share/security/lomac-policy.contexts
Sample specfile containing LOMAC policy entries.

See FILES.

mac(3), mac_set_file(3), mac_set_link(3), mac(4), re_format(7), getfmac(8), setfmac(8), mac(9)

This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.

February 17, 2004 FreeBSD 14.3-RELEASE
Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.