-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 04/06/2010 02:47 PM, Stephen Gallagher wrote:
On 03/31/2010 07:12 AM, Jakub Hrozek wrote:
Adds a new option -Z to sss_useradd and sss_usermod. This option allows user to specify the SELinux login context for the user. On deleting the user with sss_userdel, the login mapping is deleted, so subsequent adding of the same user would result in the default login context unless -Z is specified again.
MLS security is not supported as of this patch.
Also adds explicit build dependency on libselinux-devel - it is dragged in by krb5-devel currently, but I think the dependency should be listed since we directly use functions from libselinux to set homedir contexts.
Addresses: #230
Patch 0001: Minor nitpick. While you're moving the code, could you please fix the whitespace errors in the selinux_file_context() description?
Patch 0002: --without-semanage should be implicit if --without-selinux is set, unless you can convince me that there would ever be a platform that supported one without the other.
Please correct whitespace error in sss_useradd.8.xml
Otherwise, this looks fine.
One more issue: the sssd.spec.in needs to have BuildRequires: semanage-devel
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
- -- Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/