Skip to content

Commit

Permalink
selinux.8: document how mount flag nosuid affects SELinux
Browse files Browse the repository at this point in the history 
Using mount flag `nosuid` also affects SELinux domain transitions but
this has not been documented well.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
  • Loading branch information
@topimiettinen @bachradsusi
topimiettinen authored and bachradsusi committed Jun 18, 2021
1 parent fa4de3c commit 70b31e7
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions libselinux/man/man8/selinux.8
View file
Expand Up @@ -94,6 +94,13 @@ and reboot.
also has this capability. The
.BR restorecon / fixfiles
commands are also available for relabeling files.

Please note that using mount flag
.I nosuid
also disables SELinux domain transitions, unless permission
.I nosuid_transition
is used in the policy to allow this, which in turn needs also policy capability
.IR nnp_nosuid_transition .
.
.SH AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
Expand Down

0 comments on commit 70b31e7

Please sign in to comment.