From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id ABF35138010 for ; Sat, 18 Aug 2012 11:47:29 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E8C1BE0724; Sat, 18 Aug 2012 11:47:20 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id BB527E0724 for ; Sat, 18 Aug 2012 11:47:20 +0000 (UTC) Received: from flycatcher.gentoo.org (flycatcher.gentoo.org [81.93.255.6]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 2D4A81B4026 for ; Sat, 18 Aug 2012 11:47:20 +0000 (UTC) Received: by flycatcher.gentoo.org (Postfix, from userid 2270) id AA26E2004B; Sat, 18 Aug 2012 11:47:18 +0000 (UTC) From: "JosA MarAa Alonso (nimiux)" To: gentoo-commits@lists.gentoo.org Reply-To: gentoo-dev@lists.gentoo.org, nimiux@gentoo.org Subject: [gentoo-commits] gentoo commit in xml/htdocs/proj/es/hardened/selinux: hb-using-install.xml X-VCS-Repository: gentoo X-VCS-Files: hb-using-install.xml X-VCS-Directories: xml/htdocs/proj/es/hardened/selinux X-VCS-Committer: nimiux X-VCS-Committer-Name: JosA MarAa Alonso Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Message-Id: <20120818114718.AA26E2004B@flycatcher.gentoo.org> Date: Sat, 18 Aug 2012 11:47:18 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 3713ace4-ea9d-45f3-a6a6-89d46eb3b490 X-Archives-Hash: 97059d1c401c69d9abe01123c3302a5a nimiux 12/08/18 11:47:18 Modified: hb-using-install.xml Log: Add system_r right to root/staff_u Revision Changes Path 1.17 xml/htdocs/proj/es/hardened/selinux/hb-using-install.xml file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/es/hardened/selinux/hb-using-install.xml?rev=1.17&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/es/hardened/selinux/hb-using-install.xml?rev=1.17&content-type=text/plain diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/es/hardened/selinux/hb-using-install.xml?r1=1.16&r2=1.17 Index: hb-using-install.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/proj/es/hardened/selinux/hb-using-install.xml,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- hb-using-install.xml 17 Jul 2012 18:19:29 -0000 1.16 +++ hb-using-install.xml 18 Aug 2012 11:47:18 -0000 1.17 @@ -4,11 +4,11 @@ - + -28 -2012-06-24 +29 +2012-08-16
Instalar Gentoo (Hardened) @@ -785,5 +785,32 @@ + +Soporte del servicio de administración + + +

+Por defecto, las directrices de SELinux en Gentoo Hardened permiten +al dominio sysadm_t el acceso a todos los sevicios. Sin embargo, +algunos de estos servicios tienen directrices que les permiten +se asignados a usuarios individuales diferentes de root. Esto +requiere que se conceda al usuario el rol system_r (lo +que implica que el usuario puede, en ciertos casos, obtener este +cambio de rol hacia el rol de sistema). +

+ +

+Por tanto, se recomienda conceder el rol system_r al usuario +SELinux administrador que va a utilizar en mayor medida. Estos son, +en la mayoría de los casos, los usuarios root y staff_u. +

+ +
+# semanage user -a -R "staff_r sysadm_r system_r" root
+# semanage user -a -R "staff_r sysadm_r system_r" staff_u
+
+ + +