- make mac-seeotheruids section a separate section, i.e. make it sect1

section, to conform its style with the rest of the chapter. (No content changes of course)
author: Daniel Gerzo <danger@FreeBSD.org> 2008-08-21 21:29:21 +0000
committer: Daniel Gerzo <danger@FreeBSD.org> 2008-08-21 21:29:21 +0000
commit: 2aac44f761385b868458a9ac07713d1a4a22c5b9 (patch)
tree: 4ee85d2c21c15f56cf31b5196f731c5ab1062387 /en_US.ISO8859-1/books/handbook/mac
parent: 15ff27de96528d5f2718ac9de1702b8aee4dd532 (diff)
download: doc-2aac44f761385b868458a9ac07713d1a4a22c5b9.tar.gz
doc-2aac44f761385b868458a9ac07713d1a4a22c5b9.zip
1 files changed, 47 insertions, 47 deletions
diff --git a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
index ff6155e94d..f7d63a8a01 100644
--- a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
@@ -853,62 +853,62 @@ test: biba/high</screen>
     <para>A single label configuration would enforce only one label
       across the system, that is why the <command>tunefs</command>
       option is called <option>multilabel</option>.</para>
+  </sect1>
 
-    <sect2 id="mac-seeotheruids">
-      <title>The MAC seeotheruids Module</title>
+  <sect1 id="mac-seeotheruids">
+    <title>The MAC seeotheruids Module</title>
 
-      <indexterm>
-        <primary>MAC See Other UIDs Policy</primary>
-      </indexterm>
-      <para>Module name: <filename>mac_seeotheruids.ko</filename></para>
+    <indexterm>
+      <primary>MAC See Other UIDs Policy</primary>
+    </indexterm>
+    <para>Module name: <filename>mac_seeotheruids.ko</filename></para>
 
-      <para>Kernel configuration line:
-        <literal>options MAC_SEEOTHERUIDS</literal></para>
+    <para>Kernel configuration line:
+      <literal>options MAC_SEEOTHERUIDS</literal></para>
 
-      <para>Boot option:
-	<literal>mac_seeotheruids_load="YES"</literal></para>
+    <para>Boot option:
+      <literal>mac_seeotheruids_load="YES"</literal></para>
 
-      <para>The &man.mac.seeotheruids.4; module mimics and extends
-	the <literal>security.bsd.see_other_uids</literal> and
-	<literal>security.bsd.see_other_gids</literal>
-	<command>sysctl</command> tunables.  This option does
-	not require any labels to be set before configuration and
-	can operate transparently with the other modules.</para>
+    <para>The &man.mac.seeotheruids.4; module mimics and extends
+      the <literal>security.bsd.see_other_uids</literal> and
+      <literal>security.bsd.see_other_gids</literal>
+      <command>sysctl</command> tunables.  This option does
+      not require any labels to be set before configuration and
+      can operate transparently with the other modules.</para>
 
-      <para>After loading the module, the following
-	<command>sysctl</command> tunables may be used to control
-	the features:</para>
+    <para>After loading the module, the following
+      <command>sysctl</command> tunables may be used to control
+      the features:</para>
 
-      <itemizedlist>
-	<listitem>
-	  <para><literal>security.mac.seeotheruids.enabled</literal>
-	    will enable the module's features and use the default
-	    settings.  These default settings will deny users the
-	    ability to view processes and sockets owned by other
-	    users.</para>
-	</listitem>
+    <itemizedlist>
+      <listitem>
+	<para><literal>security.mac.seeotheruids.enabled</literal>
+	  will enable the module's features and use the default
+	  settings.  These default settings will deny users the
+	  ability to view processes and sockets owned by other
+	  users.</para>
+      </listitem>
 
-	<listitem>
-	  <para>
-	    <literal>security.mac.seeotheruids.specificgid_enabled</literal>
-	    will allow a certain group to be exempt from this policy.
-	    To exempt specific groups from this policy, use the
-	    <literal>security.mac.seeotheruids.specificgid=<replaceable>XXX</replaceable></literal>
-	    <command>sysctl</command> tunable.  In the above example,
-	    the <replaceable>XXX</replaceable> should be replaced with the
-	    numeric group ID to be exempted.</para>
-	</listitem>
+      <listitem>
+	<para>
+	  <literal>security.mac.seeotheruids.specificgid_enabled</literal>
+	  will allow a certain group to be exempt from this policy.
+	  To exempt specific groups from this policy, use the
+	  <literal>security.mac.seeotheruids.specificgid=<replaceable>XXX</replaceable></literal>
+	  <command>sysctl</command> tunable.  In the above example,
+	  the <replaceable>XXX</replaceable> should be replaced with the
+	  numeric group ID to be exempted.</para>
+      </listitem>
 
-	<listitem>
-	  <para>
-	    <literal>security.mac.seeotheruids.primarygroup_enabled</literal>
-	    is used to exempt specific primary groups from this policy.
-	    When using this tunable, the
-	    <literal>security.mac.seeotheruids.specificgid_enabled</literal>
-	    may not be set.</para>
-	</listitem>
-      </itemizedlist>
-    </sect2>
+      <listitem>
+	<para>
+	  <literal>security.mac.seeotheruids.primarygroup_enabled</literal>
+	  is used to exempt specific primary groups from this policy.
+	  When using this tunable, the
+	  <literal>security.mac.seeotheruids.specificgid_enabled</literal>
+	  may not be set.</para>
+      </listitem>
+    </itemizedlist>
   </sect1>
 
   <sect1 id="mac-bsdextended">
author	Daniel Gerzo <danger@FreeBSD.org>	2008-08-21 21:29:21 +0000
committer	Daniel Gerzo <danger@FreeBSD.org>	2008-08-21 21:29:21 +0000
commit	2aac44f761385b868458a9ac07713d1a4a22c5b9 (patch)
tree	4ee85d2c21c15f56cf31b5196f731c5ab1062387 /en_US.ISO8859-1/books/handbook/mac
parent	15ff27de96528d5f2718ac9de1702b8aee4dd532 (diff)
download	doc-2aac44f761385b868458a9ac07713d1a4a22c5b9.tar.gz doc-2aac44f761385b868458a9ac07713d1a4a22c5b9.zip