Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sven Vermeulen <sven.vermeulen@××××××.be>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-docs:master commit in: xml/
Date: Sat, 30 Apr 2011 19:43:54
Message-Id: d4dd801cfdfc6fabff6498fe7eeaaab11a2fad29.SwifT@gentoo
1 commit: d4dd801cfdfc6fabff6498fe7eeaaab11a2fad29
2 Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
3 AuthorDate: Sat Apr 30 19:42:41 2011 +0000
4 Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
5 CommitDate: Sat Apr 30 19:42:41 2011 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=commit;h=d4dd801c
7
8 Add FAQ on emerge not working (no sysadm_r role)
9
10 ---
11 xml/selinux-faq.xml | 32 +++++++++++++++++++++++++++++++-
12 1 files changed, 31 insertions(+), 1 deletions(-)
13
14 diff --git a/xml/selinux-faq.xml b/xml/selinux-faq.xml
15 index b300301..d042d2c 100644
16 --- a/xml/selinux-faq.xml
17 +++ b/xml/selinux-faq.xml
18 @@ -17,7 +17,7 @@ The FAQ is a collection of solutions found on IRC, mailinglist, forums or
19 elsewhere
20 </abstract>
21
22 -<version>4</version>
23 +<version>5</version>
24 <date>2011-04-30</date>
25
26 <faqindex>
27 @@ -385,5 +385,35 @@ hidden).
28
29 </body>
30 </section>
31 +<section id="emergefails">
32 +<title>Emerge does not work, giving 'Permission denied: /etc/make.conf'</title>
33 +<body>
34 +
35 +<p>
36 +This is to be expected if you are not using the <c>sysadm_r</c> role. Any
37 +Portage related activity requires that you are in the <c>sysadm_r</c> role. To
38 +transition to the role, first validate if you are currently known as
39 +<c>staff_u</c> (or, if you added your own SELinux identities, a user that has
40 +the permission to transition to the <c>sysadm_r</c> role). Then run <c>newrole
41 +-r sysadm_r</c> to transition.
42 +</p>
43 +
44 +<pre caption="Transitioning to sysadm_r">
45 +~$ <i>emerge --info</i>
46 +Permission denied: '/etc/make.conf'
47 +~$ <i>id -Z</i>
48 +staff_u:staff_r:staff_t
49 +~$ <i>newrole -r sysadm_r</i>
50 +Password: <comment># Enter your users' password</comment>
51 +</pre>
52 +
53 +<p>
54 +This is also necessary if you logged on to your system as root but through SSH.
55 +The default behavior is that SSH sets the lowest role for the particular user
56 +when logged on. And you shouldn't allow remote root logins anyhow.
57 +</p>
58 +
59 +</body>
60 +</section>
61 </chapter>
62 </guide>
Report Message
Find on MARC Find on Google Groups