SElinux concerning symlink?
Craig White
craigwhite at azapple.com
Thu Jul 24 21:41:20 UTC 2008
On Thu, 2008-07-24 at 17:35 -0400, Todd Denniston wrote:
> Craig White wrote, On 07/24/2008 04:49 PM:
> > I would doubt that.../opt is not a usual place for users $home
> > directories and thus the policy for files in that tree would not be
> > suitable for the method you are using.
> >
> > Craig
> >
>
> I can agree with that, but how do you convince SEL that you desire
> /rootlockeddown/<user>/authorized_keys to be a valid place for sshd to read?
> note /rootlockeddown/ is not where home directories are, it is where the
> admin approved keys are after the admin sets in sshd_config:
> AuthorizedKeysFile /rootlockeddown/%u/authorized_keys
>
> BTW I am not asking from just an academic perspective... I too will require a
> way to do this eventually.
----
I think it's incumbent upon any package or process to work through the
issues with selinux rather than leave it completely on the users to work
it out if it is to be considered a useful package.
Obviously the OP issue was trying to run user home directories not
in /home which seems to present more issues than it's worth. It's like
trying to row against the current.
Craig
More information about the users
mailing list