From 562640342c53980ec8cc4640f9e3a94885dd6f07 Mon Sep 17 00:00:00 2001 From: Packit Service Date: Feb 04 2021 06:16:45 +0000 Subject: Apply patch 0060-docs-firewall-cmd-clarify-lockdown-whitelist-command.patch patch_name: 0060-docs-firewall-cmd-clarify-lockdown-whitelist-command.patch present_in_specfile: true location_in_specfile: 60 --- diff --git a/doc/xml/firewall-cmd.xml.in b/doc/xml/firewall-cmd.xml.in index 8bc389a..702c549 100644 --- a/doc/xml/firewall-cmd.xml.in +++ b/doc/xml/firewall-cmd.xml.in @@ -2104,7 +2104,7 @@ For interfaces that are not under control of NetworkManager, firewalld tries to If a command entry on the whitelist ends with an asterisk '*', then all command lines starting with the command will match. If the '*' is not there the absolute command inclusive arguments must match. - Commands for user root and others is not always the same. Example: As root /bin/firewall-cmd is used, as a normal user /usr/bin/firewall-cmd is be used on Fedora. + Command paths for users are not always the same and depends on the users PATH. Some distributions symlink /bin to /usr/bin in which case it depends on the order they appear in the PATH environment variable. The context is the security (SELinux) context of a running application or service. To get the context of a running application use ps -e --context.