1 |
On Wed, 2004-01-14 at 06:54, fisch wrote: |
2 |
> and added the user bob to the staff role, to allow login vi ssh |
3 |
> user bob roles { staff_r }; -> in /etc/security/selinux/src/policy/users |
4 |
> ok, that works. |
5 |
|
6 |
Normal users should be user_r. If they're going to be able to use |
7 |
sysadm_r, they should be staff_r instead of user_r. |
8 |
|
9 |
> I have two problems: |
10 |
> a) after reboot, user bob can't login via ssh until I do a "rlpkg |
11 |
> openssh" |
12 |
|
13 |
Theres two things that need to happend for sshd to work right. The |
14 |
binary has to be labeled correctly, which should have been taken care of |
15 |
by rlpkg. Then either you have it automatically start up at boot, or |
16 |
manually start it using run_init. If sshd isn't in the right context, |
17 |
then people will not be able to log in. |
18 |
|
19 |
> b) user bob can't create a crontab for themself |
20 |
> what I have to do? |
21 |
|
22 |
Not sure about this one. I can reproduce this, so I'll investigate |
23 |
further. |
24 |
|
25 |
-- |
26 |
Chris PeBenito |
27 |
<pebenito@g.o> |
28 |
Developer, |
29 |
Hardened Gentoo Linux |
30 |
Embedded Gentoo Linux |
31 |
|
32 |
Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243 |
33 |
Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243 |