projects / firefly-linux-kernel-4.4.55.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Smack: allow multiple labels in onlycap
[firefly-linux-kernel-4.4.55.git] / Documentation / security / Smack.txt
diff --git a/Documentation/security/Smack.txt b/Documentation/security/Smack.txt
index abc82f85215b976a09d8356b1481c6a4fd988116..de5e1aeca7fb95f8a34dff42519a339958aad4ff 100644 (file)
--- a/Documentation/security/Smack.txt
+++ b/Documentation/security/Smack.txt
@@ -206,11 +206,11 @@ netlabel
        label. The format accepted on write is:
                "%d.%d.%d.%d label" or "%d.%d.%d.%d/%d label".
 onlycap
-       This contains the label processes must have for CAP_MAC_ADMIN
+       This contains labels processes must have for CAP_MAC_ADMIN
        and CAP_MAC_OVERRIDE to be effective. If this file is empty
        these capabilities are effective at for processes with any
-       label. The value is set by writing the desired label to the
-       file or cleared by writing "-" to the file.
+       label. The values are set by writing the desired labels, separated
+       by spaces, to the file or cleared by writing "-" to the file.
 ptrace
        This is used to define the current ptrace policy
        0 - default: this is the policy that relies on Smack access rules.
Unnamed repository; edit this file 'description' to name the repository.