Kategorie:SELinux

Aus immerda
Wechseln zu: Navigation, Suche

Tipps

  • Ports können in /etc/selinux/targeted/src/policy/net_contexts entsprechend gelabeld werden. [1]

Handbooks

User with its own role

How can I create a User with its own role?

useradd $user
password -l $user (passwort locken)

in file policy/domains/user.te

full_user_role($user)
allow system_r $user_r;
allow sysadm_r $user_r;

This defines the role and allows system_r and sysadm_r access to this user. (recommended)

in file policy/macros/user_macros.te add the line role $user_r types $1; to the block:

define(`in_user_role', `
    role user_r types $1;
    role staff_r types $1;
    role $user_r types $1;
')

and in file policy/users add the automatically mapping:

user $user roles { $user_r };

reload the policy... -> done!

Seiten in der Kategorie „SELinux“

Diese Kategorie enthält nur die folgende Seite.