Re: User role and transitioning

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



To be honest though i never understood what value gitolite adds to
git-shell, git-daemon and a few good git hooks.

https://www.youtube.com/watch?v=vgm89P5nbBQ
https://www.youtube.com/watch?v=XHEPj80217o


On Fri, 2012-02-10 at 20:18 +0100, Dominick Grift wrote:
> On Fri, 2012-02-10 at 14:06 -0500, Konstantin Ryabitsev wrote:
> > Hi, all:
> > 
> > I'm trying to lock down the gitolite user by creating a user role that
> > would be pretty much "guest_u" plus pemission to transition to
> > gitosis_t.
> > 
> 
> This might work:
> 
> mkdir ~/mygito; cd ~/mygito;
> 
> echo "policy_module(mygito, 1.0.0)" > mygito.te;
> echo "role mygito_r;" >> mygito.te; 
> echo "userdom_restricted_user_template(mygito)" >> mygito.te;
> echo "gitosis_run(mygito_t, mygito_r)" >> mygito.te; 
> echo "gen_user(mygito_u, user, mygito_r, s0, s0)" >> mygito.te;
> 
> make -f /usr/share/selinux/devel/Makefile mygito.pp
> sudo semodule -i mygito.pp
> 
> useradd -Z mygito_u mygito
> passwd mygito
> 
> 
> > I've not yet written a user role policy, so I'm not sure where I should
> > start.
> > 
> > Best,
> > --
> > selinux mailing list
> > selinux@xxxxxxxxxxxxxxxxxxxxxxx
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
> 
> 


--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux



[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux