Re: default user context on fedorapeople.org | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
On Tue, 2012-03-27 at 17:43 -0400, Konstantin Ryabitsev wrote: > Let me verify this in my VM, though, before I'm forced to insert my > foot > into my mouth. :) Yes, it works just as I thought. If you want to test it out: testguest.te: -------------------------------- policy_module(testguest, 1.0.0) role testguest_r; irc_role(testguest_r, testguest_t) userdom_restricted_user_template(testguest) gen_user(testguest_u, user, testguest_r, s0, s0) -------------------------------- make -f make -f /usr/share/selinux/devel/Makefile testguest.pp semodule -i testguest.pp cd /etc/selinux/targeted/contexts/users cat guest_u | sed 's/guest_u/testguest_u/g' > testguest_u useradd bob passwd bob usermod -Z testguest_u bob As a result: [bob@moppet ~]$ whoami bob [bob@moppet ~]$ id -Z testguest_u:testguest_r:testguest_t:s0 [bob@moppet ~]$ telnet irc.freenode.org 6667 Trying 94.125.182.252... telnet: connect to address 94.125.182.252: Permission denied Best, -- Konstantin Ryabitsev Systems Administrator, Kernel.org Montréal, Québec
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
[Home] [Fedora Users] [Fedora Legacy List] [Fedora Maintainers] [Fedora Desktop] [Red Hat 9 Bible] [Fedora Bible] [Fedora SELinux] [Big List of Linux Books] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools]
