User role and transitioning
Konstantin Ryabitsev
icon at fedoraproject.org
Fri Feb 10 22:00:40 UTC 2012
On Fri, 2012-02-10 at 20:18 +0100, Dominick Grift wrote:
> This might work:
>
> mkdir ~/mygito; cd ~/mygito;
>
> echo "policy_module(mygito, 1.0.0)" > mygito.te;
> echo "role mygito_r;" >> mygito.te;
> echo "userdom_restricted_user_template(mygito)" >> mygito.te;
> echo "gitosis_run(mygito_t, mygito_r)" >> mygito.te;
> echo "gen_user(mygito_u, user, mygito_r, s0, s0)" >> mygito.te;
>
> make -f /usr/share/selinux/devel/Makefile mygito.pp
> sudo semodule -i mygito.pp
>
> useradd -Z mygito_u mygito
> passwd mygito
Ok, one small addition:
cd /etc/selinux/targeted/contexts/users
sed 's/guest_/mygito_/g' guest_u > mygito_u
Best,
--
Konstantin Ryabitsev
Systems Administrator, Kernel.org
Montréal, Québec
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: This is a digitally signed message part
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20120210/4fd396b6/attachment.sig>
More information about the selinux
mailing list