Issue #3045: Change SELinux user map default - freeipa

freeipa

#3045 Change SELinux user map default

Closed: Fixed None Opened 11 years ago by rcritten.

The default SELinux user map user is currently guest_u. This is too restrictive, esp since the Fedora/RHEL default is unconfined_u.

We need to be consistent and change the default to unconfined_u.

rcritten commented 11 years ago

Simo, Jakub, Dmitri, Dan and I agreed that we should also allow no value to be set for default in which case SSSD will use whatever the local system default is.

rcritten commented 11 years ago

attachment
freeipa-rcrit-1054-2-selinux.patch

mkosek commented 11 years ago

master: 79b90d1[[BR]]
ipa-3-0: 29a5d16

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 3.0 RC1

7 years ago

Metadata

Assignee

rcritten

Tags

None

Blocking

None

Depending on

None

Priority

important

Milestone

FreeIPA 3.0 RC1

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#3045 Change SELinux user map default Closed: Fixed None Opened 11 years ago by rcritten.

Metadata

#3045 Change SELinux user map default

Closed: Fixed None Opened 11 years ago by rcritten.