summaryrefslogtreecommitdiff
path: root/kernels/pax-flags-libre/pax-flags-libre.8
diff options
context:
space:
mode:
Diffstat (limited to 'kernels/pax-flags-libre/pax-flags-libre.8')
-rw-r--r--kernels/pax-flags-libre/pax-flags-libre.8112
1 files changed, 0 insertions, 112 deletions
diff --git a/kernels/pax-flags-libre/pax-flags-libre.8 b/kernels/pax-flags-libre/pax-flags-libre.8
deleted file mode 100644
index f27ae82f8..000000000
--- a/kernels/pax-flags-libre/pax-flags-libre.8
+++ /dev/null
@@ -1,112 +0,0 @@
-.TH pax-flags-libre 8 "" 2013-02-18
-.SH NAME
-\fBpax-flags-libre\fR \- Configure PaX flags for several binaries
-.SH SYNOPSIS
-\fBpax-flags-libre\fR [options] [filter]
-.SH DESCRIPTION
-\fBpax-flags-libre\fR is written to configure PaX flags for a set of binaries.
-It is intended to ease the usage of PaX (linux-libre-pax) or grsecurity (linux-libre-grsec,
-linux-libre-grsec-lts) enabled kernel on Parabola GNU/Linux-libre.
-.P
-PaX flags for a set of binaries are collected in YAML format configuration
-files. By default, every .conf file from /etc/pax-flags and
-/usr/share/pax-flags-libre is read. See the CONFIGURATION section for the file
-format.
-.P
-Root privileges are needed. If you set a value to $PAX_FLAGS_SUDO,
-\fBpax-flags-libre\fR will be called with sudo.
-.SH OPTIONS
-.TP
-\-c, \-\-config <path>
-Override default configuration paths. Requires one path argument. Can contain
-globs (escape them in some shells (zsh for example)).
-.TP
-\-h, \-\-help
-Displays a short usage message and option summary.
-.TP
-\-p, \-\-prepend
-Do not actually change anything.
-.TP
-\-x, \-\-xattr
-Sets the PaX flags through setfattr, underlying filesystems need xattr support.
-.TP
-\-y, \-\-yes
-Non-interactive mode. Assume yes on any question.
-.SH FILES
-.TP
-/etc/pax-flags/*.conf
-Files for overriding the standard flag set and path pattern configuration.
-.TP
-/usr/share/pax-flags-libre/*.conf
-The shipped configuration.
-.SH CONFIGURATION
-There are \fBsimple\fR configuration entries and \fBcomplex\fR ones. Complex
-configuration for a certain flag set and path pattern overrides simple. To
-override a simple entry with a complex one, the flag sets and path patterns have
-to match exactly.
-.SS "Simple entries"
-Simple configuration entries just set the PaX flags for a set of binaries. The
-format is as follows:
-.P
-PSmXER:
-.br
- \- /usr/bin/ruby
- \- /usr/bin/glx*
-.P
-\fBPSmXER\fR is the set of flags. Every letter represents a PaX flag. Uppercase
-enables the flag, lowercase disables it. See paxctl(1) for more details. This
-example disables MPROTECT on /usr/bin/ruby and /usr/bin/glx*.
-.SS "Complex entries"
-With complex entries it is possible to stop a daemon before setting the flags
-and starting it afterwards. The format is as follows:
-.P
-PSmXER:
-.br
- \- /usr/sbin/clamd:
- type: systemd
-.P
-This would stop clamd, disable MPROTECT for the binary and start the daemon
-again. The \fBtype\fR option values correspond to presets of status, start, stop
-actions. Currently there exists only "systemd". By default the systemd unit file
-would be "clamd" in this case or the basename of the path in general.
-.P
-PSmXEr:
-.br
- \- /usr/lib/polkit-1/polkitd:
- type: systemd
- systemd_name: polkit
-.P
-The \fBsystemd_name\fR option can be used to configure a differing systemd unit
-name.
-.P
-PSmXEr:
-.br
- \- /usr/lib/iceweasel/iceweasel:
- status: "pidof iceweasel"
- start: "iceweasel &"
- stop: "killall iceweasel"
-.P
-This would configure custom actions for \fBstatus\fR, \fBstart\fR and
-\fBstop\fR.
-.P
-PSmXER:
-.br
- \- /usr/bin/ruby:
- skip: true
-.P
-This would override a simple entry for the same flag set and path pattern and
-cause it to be skipped.
-.P
-PSmXER:
-.br
- \- /usr/lib32/somebinary:
- header: create
-.P
-This would cause paxctl to not convert the old binary header, but create a new
-one. See paxctl(1) for more details.
-.SH AUTHOR
-henning mueller <henning@orgizm.net>
-.SH SEE ALSO
-\- paxctl(1)
-.br
-\- http://www.yaml.org