Polyinstantiation that allows group access

Forrest Taylor ftaylor at redhat.com
Tue Feb 26 22:23:41 UTC 2008


Is there any way to allow polyinstantiation to give the same view to a
number of users?  For example, I want to give users in the adm group
access to the same shared /tmp (really /tmp-adm) directory, users in the
wheel group access to a different shared /tmp (really /tmp-wheel), and
all other users access to their own individual /tmp.  Is this possible?

Of course, the more I think about this, the more I see reasons not to do
it such as conflicts--what if a user were in the adm and wheel groups?
For a single group, I can see excluding them from the polyinstantiated
directory entirely, but with several groups I cannot think of a way to
safely do this.  Thoughts?

Thanks,

Forrest
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20080226/30bdcb85/attachment.sig>


More information about the fedora-selinux-list mailing list