diff options
author | Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-04-10 20:12:13 +0200 |
---|---|---|
committer | Sven Vermeulen <sven.vermeulen@siphos.be> | 2012-04-10 20:12:13 +0200 |
commit | fc8853d8d0954a11c738c24ed686c4e0b71064cd (patch) | |
tree | f5a0153e1c40c97f4e13132c456ae86e32ae27f0 /xml/selinux/hb-using-install.xml | |
parent | update selinux roadmap (diff) | |
download | hardened-docs-fc8853d8d0954a11c738c24ed686c4e0b71064cd.tar.gz hardened-docs-fc8853d8d0954a11c738c24ed686c4e0b71064cd.tar.bz2 hardened-docs-fc8853d8d0954a11c738c24ed686c4e0b71064cd.zip |
Fix bug #411365 - Only refer to staff_u when policy is strict
Diffstat (limited to 'xml/selinux/hb-using-install.xml')
-rw-r--r-- | xml/selinux/hb-using-install.xml | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/xml/selinux/hb-using-install.xml b/xml/selinux/hb-using-install.xml index ae3ce92..539586f 100644 --- a/xml/selinux/hb-using-install.xml +++ b/xml/selinux/hb-using-install.xml @@ -7,8 +7,8 @@ <!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/selinux/hb-using-install.xml,v 1.4 2011/06/07 19:46:52 klondike Exp $ --> <sections> -<version>18</version> -<date>2012-04-05</date> +<version>19</version> +<date>2012-04-10</date> <section> <title>Installing Gentoo (Hardened)</title> @@ -707,7 +707,8 @@ access to the <path>/dev/urandom</path> device: <body> <p> -Finally, we need to map the account(s) you use to manage your system (those +If the <c>SELINUXTYPE</c> is set to <c>strict</c>, then we +need to map the account(s) you use to manage your system (those that need access to Portage) to the <c>staff_u</c> SELinux user. If not, none of your accounts will be able to succesfully manage the system (except for <c>root</c>, but then you will need to login as <c>root</c> directly and not @@ -742,6 +743,12 @@ staff_u:sysadm_r:sysadm_t </pre> <p> +If you however use a <c>targeted</c> policy, then the user you work with will be +of type <e>unconfined_t</e> and will already have the necessary privileges to +perform system administrative tasks. +</p> + +<p> With that done, enjoy - your first steps into the SELinux world are now made. </p> |