public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
From: "Sven Vermeulen" <sven.vermeulen@siphos.be>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/hardened-docs:master commit in: xml/
Date: Sat, 30 Apr 2011 19:43:45 +0000 (UTC)	[thread overview]
Message-ID: <d4dd801cfdfc6fabff6498fe7eeaaab11a2fad29.SwifT@gentoo> (raw)

commit:     d4dd801cfdfc6fabff6498fe7eeaaab11a2fad29
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Apr 30 19:42:41 2011 +0000
Commit:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sat Apr 30 19:42:41 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-docs.git;a=commit;h=d4dd801c

Add FAQ on emerge not working (no sysadm_r role)

---
 xml/selinux-faq.xml |   32 +++++++++++++++++++++++++++++++-
 1 files changed, 31 insertions(+), 1 deletions(-)

diff --git a/xml/selinux-faq.xml b/xml/selinux-faq.xml
index b300301..d042d2c 100644
--- a/xml/selinux-faq.xml
+++ b/xml/selinux-faq.xml
@@ -17,7 +17,7 @@ The FAQ is a collection of solutions found on IRC, mailinglist, forums or
 elsewhere
 </abstract>
 
-<version>4</version>
+<version>5</version>
 <date>2011-04-30</date>
 
 <faqindex>
@@ -385,5 +385,35 @@ hidden).
 
 </body>
 </section>
+<section id="emergefails">
+<title>Emerge does not work, giving 'Permission denied: /etc/make.conf'</title>
+<body>
+
+<p>
+This is to be expected if you are not using the <c>sysadm_r</c> role. Any
+Portage related activity requires that you are in the <c>sysadm_r</c> role. To
+transition to the role, first validate if you are currently known as
+<c>staff_u</c> (or, if you added your own SELinux identities, a user that has
+the permission to transition to the <c>sysadm_r</c> role). Then run <c>newrole
+-r sysadm_r</c> to transition.
+</p>
+
+<pre caption="Transitioning to sysadm_r">
+~$ <i>emerge --info</i>
+Permission denied: '/etc/make.conf'
+~$ <i>id -Z</i>
+staff_u:staff_r:staff_t
+~$ <i>newrole -r sysadm_r</i>
+Password: <comment># Enter your users' password</comment>
+</pre>
+
+<p>
+This is also necessary if you logged on to your system as root but through SSH.
+The default behavior is that SSH sets the lowest role for the particular user
+when logged on. And you shouldn't allow remote root logins anyhow.
+</p>
+
+</body>
+</section>
 </chapter>
 </guide>



             reply	other threads:[~2011-04-30 19:43 UTC|newest]

Thread overview: 91+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-04-30 19:43 Sven Vermeulen [this message]
  -- strict thread matches above, loose matches on Subject: below --
2013-01-12 13:18 [gentoo-commits] proj/hardened-docs:master commit in: xml/ Magnus Granberg
2012-08-20 17:17 Sven Vermeulen
2012-07-10 19:45 Michael Palimaka
2012-05-26 19:25 Sven Vermeulen
2012-05-26 18:07 Sven Vermeulen
2012-05-21 19:08 Sven Vermeulen
2012-05-04 20:19 Sven Vermeulen
2012-04-28 19:23 Francisco Blas Izquierdo Riera
2012-04-05 20:45 Sven Vermeulen
2012-04-05 18:51 Sven Vermeulen
2012-04-02 15:50 Francisco Blas Izquierdo Riera
2012-03-28 19:00 Sven Vermeulen
2011-12-27 12:51 Sven Vermeulen
2011-12-26 12:17 Sven Vermeulen
2011-12-10 17:32 Sven Vermeulen
2011-12-10 15:44 Sven Vermeulen
2011-12-10 14:47 Sven Vermeulen
2011-11-22 20:08 Sven Vermeulen
2011-11-22 20:08 Sven Vermeulen
2011-11-22 20:08 Sven Vermeulen
2011-11-17 21:36 Sven Vermeulen
2011-11-17 20:51 Sven Vermeulen
2011-11-17 20:32 Sven Vermeulen
2011-11-17 20:30 Sven Vermeulen
2011-11-12 21:27 Sven Vermeulen
2011-10-28 17:36 José María Alonso
2011-10-25 18:35 Sven Vermeulen
2011-10-13 14:49 Sven Vermeulen
2011-10-08 16:54 Sven Vermeulen
2011-09-04 19:54 Sven Vermeulen
2011-09-04 19:54 Sven Vermeulen
2011-09-04 19:13 Sven Vermeulen
2011-09-03 12:10 Sven Vermeulen
2011-08-24 21:09 Sven Vermeulen
2011-08-22 19:20 Sven Vermeulen
2011-08-12 21:00 Sven Vermeulen
2011-08-10 18:38 Sven Vermeulen
2011-07-21 19:47 Sven Vermeulen
2011-07-16 20:33 Sven Vermeulen
2011-07-15 16:08 Sven Vermeulen
2011-07-13 22:04 Sven Vermeulen
2011-07-13 21:39 Sven Vermeulen
2011-07-11 15:03 José María Alonso
2011-07-10 20:09 Sven Vermeulen
2011-06-13 14:14 Sven Vermeulen
2011-06-13 14:14 Sven Vermeulen
2011-06-11 13:16 Francisco Blas Izquierdo Riera
2011-06-10 18:07 Francisco Blas Izquierdo Riera
2011-06-10 18:03 Francisco Blas Izquierdo Riera
2011-06-10 14:56 José María Alonso
2011-06-09 17:36 Francisco Blas Izquierdo Riera
2011-06-01 21:26 Sven Vermeulen
2011-06-01 19:57 Sven Vermeulen
2011-05-24 20:37 Sven Vermeulen
2011-05-22 21:35 Sven Vermeulen
2011-05-22 21:35 Sven Vermeulen
2011-05-14 12:51 Sven Vermeulen
2011-05-14 12:51 Sven Vermeulen
2011-05-10  2:34 Francisco Blas Izquierdo Riera
2011-05-09 21:45 Francisco Blas Izquierdo Riera
2011-05-04 22:03 Francisco Blas Izquierdo Riera
2011-05-04 22:03 Francisco Blas Izquierdo Riera
2011-05-03 21:06 Sven Vermeulen
2011-05-03 20:23 Sven Vermeulen
2011-05-01 20:21 Sven Vermeulen
2011-04-30  8:59 Sven Vermeulen
2011-04-23 11:32 Sven Vermeulen
2011-04-23  8:18 Sven Vermeulen
2011-04-22 22:35 Sven Vermeulen
2011-04-22 19:17 Sven Vermeulen
2011-04-22 11:14 Sven Vermeulen
2011-04-22 10:49 Sven Vermeulen
2011-04-05 18:46 Matthew Thode
2011-04-05 18:38 Matthew Thode
2011-03-27  1:09 Francisco Blas Izquierdo Riera
2011-03-27  1:00 Francisco Blas Izquierdo Riera
2011-03-27  0:55 Francisco Blas Izquierdo Riera
2011-03-26 23:49 Francisco Blas Izquierdo Riera
2011-03-09 18:14 Sven Vermeulen
2011-02-26  9:33 Sven Vermeulen
2011-02-24 21:25 Sven Vermeulen
2011-02-24 21:24 Sven Vermeulen
2011-02-21 21:54 Sven Vermeulen
2011-02-19  3:29 Francisco Blas Izquierdo Riera
2011-02-19  3:23 Francisco Blas Izquierdo Riera
2011-02-19  0:14 Francisco Blas Izquierdo Riera
2011-02-18 23:17 Francisco Blas Izquierdo Riera
2011-02-18 16:11 Francisco Blas Izquierdo Riera
2011-02-18  7:07 Francisco Blas Izquierdo Riera
2011-02-15  4:40 Francisco Blas Izquierdo Riera

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d4dd801cfdfc6fabff6498fe7eeaaab11a2fad29.SwifT@gentoo \
    --to=sven.vermeulen@siphos.be \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox