Next: 5.2 Contents of directory
Up: 5 Sample Simplified Policy
Previous: 5 Sample Simplified Policy
Contents
5.1 Default configuration in simplified policy
- Supported services in version 1.3.3
Supported services in sample policy are acpid, auditd, automount,
cannaserver, crond, dbus, dhclient, dovecot, gdm, hald,
httpd, iiimd, klogd, mysql, named, newrole, pcmcia, postfix,
sendmail, smbd, sshd, syslogd, cron ,udev, xfs, xinetd and X
window system.
They run as servicename_t domain.
- RBAC configuration
Three roles sysadm_r, staff_r, user_r are prepared by
default.
- sysadm_r
Can do everything. only user root can use this.
- staff_r
Have limited access rights. Can use su command. can read
/root. only root can use by default.
- user_r
Have limited access rights. Can not use su
command. Default role for every user.
2006-02-27