http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_ssh.patch
Handle ssh-copy-id
ssh_home_t should not be per domain.
ssh needs to ask kernel to load modules
Handle tunnels
Allow sshd_t to transition to sftpd_t
On Tue, 2010-02-23 at 17:14 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_ssh.patch
>
> Handle ssh-copy-id
>
> ssh_home_t should not be per domain.
The template you're changing is not used for user home dirs.
ssh_role_template() does not call ssh_basic_client_template().
ssh_basic_client_template() is only called from nx and xen, where it
makes sense to have separate ssh keys.
> ssh needs to ask kernel to load modules
>
> Handle tunnels
>
> Allow sshd_t to transition to sftpd_t
>
>
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150