[redhat-lspp] LSPP kickstart config v0.16 released
Tomas Mraz
tmraz at redhat.com
Sun Jan 14 13:30:14 UTC 2007
On Fri, 2007-01-12 at 14:44 -0500, Linda Knippers wrote:
> Klaus Weidner wrote:
> > Hello,
> >
> > an update to go with snapshot 5, which appears to work with no issues so
> > far (knock on wood) :-) :-) :-)
> >
> > Changes:
> >
> > Remove requirements for packages that are current in snapshot5
> > (pam, selinux-policy)
> >
> > activate MLS sshd on port 2222 via xinetd
>
> With the latest ssh packages from dwalsh's repo, is this still needed?
> If causes an avc when starting xinetd because the port hasn't been registered
> with selinux. If we still need to add a port, is this an ok number to choose?
> Its in /etc/services as being Rockwell CSP2, whatever that is. If we define a
> port, we need an semanage port command to go along with it.
>
> Also related to ssh, I saw in bugzilla 220487 that we should no longer
> have pam_selinux in /etc/pam.d/sshd. Is that right? I hope so because
> it no longer works with those lines in there.
Yes it is right, openssh now sets the context directly.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the redhat-lspp
mailing list