*** UNIX MANUAL PAGE BROWSER ***

A Nergahak database for man pages research.

Navigation

Location: Home > FreeBSD > Section 5 > mac.conf
Quick Actions: [Home] [Up]

Directory Browser

1Browse 4.4BSD4.4BSD
1Browse Digital UNIXDigital UNIX 4.0e
1Browse FreeBSDFreeBSD 14.3
1Browse MINIXMINIX 3.4.0rc6-d5e4fc0
1Browse NetBSDNetBSD 10.1
1Browse OpenBSDOpenBSD 7.7
1Browse UNIX v7Version 7 UNIX
1Browse UNIX v10Version 10 UNIX

Manual Page Search

Manual Page Result

0 Command: mac.conf | Section: 5 | Source: FreeBSD | File: mac.conf.5.gz
MAC.CONF(5) FreeBSD File Formats Manual MAC.CONF(5) NAME mac.conf - format of the MAC library configuration file DESCRIPTION The mac.conf file configures the default label elements to be used by policy-agnostic applications that operate on MAC labels. A file contains a series of default label sets specified by object class, in addition to blank lines and comments preceded by a `#' symbol. Currently, the implementation supports two syntax styles for label element declaration. The old (deprecated) syntax consists of a single line with two fields separated by white space: the object class name, and a list of label elements as used by the mac_prepare(3) library calls prior to an application invocation of a function from mac_get(3). The newer more preferred syntax consists of three fields separated by white space: the label group, object class name and a list of label elements. Label element names may optionally begin with a `?' symbol to indicate that a failure to retrieve the label element for an object should be silently ignored, and improves usability if the set of MAC policies may change over time. FILES /etc/mac.conf MAC library configuration file. EXAMPLES The following example configures user applications to operate with four MAC policies: mac_biba(4), mac_mls(4), SEBSD, and mac_partition(4). # # Default label set to be used by simple MAC applications default_labels file ?biba,?lomac,?mls,?sebsd default_labels ifnet ?biba,?lomac,?mls,?sebsd default_labels process ?biba,?lomac,?mls,?partition,?sebsd default_labels socket ?biba,?lomac,?mls # # Deprecated (old) syntax default_file_labels ?biba,?mls,?sebsd default_ifnet_labels ?biba,?mls,?sebsd default_process_labels ?biba,?mls,partition,?sebsd In this example, userland applications will attempt to retrieve Biba, MLS, and SEBSD labels for all object classes; for processes, they will additionally attempt to retrieve a Partition identifier. In all cases except the Partition identifier, failure to retrieve a label due to the respective policy not being present will be ignored. SEE ALSO mac(3), mac_get(3), mac_prepare(3), mac(4), mac(9) HISTORY Support for Mandatory Access Control was introduced in FreeBSD 5.0 as part of the TrustedBSD Project. FreeBSD 14.1-RELEASE-p8 July 25, 2015 FreeBSD 14.1-RELEASE-p8

Navigation Options

Actions: [Home] [Back] [New Search]
Browse: [Browse FreeBSD] [Section 5]
Print/Export: [Print] [Raw Text]
Date: 2025-08-18 Time: 21:46:32 SAST |
Page generated in 0.0203 seconds
Nergahak ManpageViewer v1.4
[Back to Top]