From Fedora Project Wiki
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 12: | Line 12: | ||
{| | {| | ||
! user role !! terminal login !! xwindows login !! network !! exec in homedir !! setuid !! notes | ! user role !! terminal login !! xwindows login !! network !! xwindows !! exec in homedir !! setuid !! notes | ||
|- | |- | ||
| '''guest_u''' || yes || no || no || no || no || | | '''guest_u''' || yes || no || no || no || no || no || | ||
|- | |- | ||
| '''xguest_u''' || yes || yes || no* || no || no || * only Firefox | | '''xguest_u''' || yes || yes || no* || yes || no || no || * only Firefox | ||
|- | |- | ||
| '''user_u''' || yes || yes || yes || no || no || | | '''user_u''' || yes || yes || yes || yes || no || no || | ||
|- | |- | ||
| '''staff_u''' || yes || yes || yes || yes || no* || * <code>sudo</code> allowed | | '''staff_u''' || yes || yes || yes || yes || yes || no* || * <code>sudo</code> allowed | ||
|- | |- | ||
| '''kiosk user''' || yes || yes || no || no || no || No password required. Home directory and <code>/tmp</code> get destroyed on logout. | | '''kiosk user''' || yes || yes || no || yes || no || no || No password required. Home directory and <code>/tmp</code> get destroyed on logout. | ||
|- | |- | ||
| '''confined admin''' || yes || yes || yes || yes || yes || Able to manage only a predefined set of services. | | '''confined admin''' || yes || yes || yes || yes || yes || yes || Able to manage only a predefined set of services. | ||
|} | |} | ||
Line 74: | Line 74: | ||
If you usually use another web browser than '''Firefox''', please continue to do so during the test day. Our intent is to test at least one program from each of the following groups: | If you usually use another web browser than '''Firefox''', please continue to do so during the test day. Our intent is to test at least one program from each of the following groups: | ||
* mail clients (<code>mutt</code>, <code>alpine</code> etc.) | |||
* editors (<code>vim</code>, <code>emacs</code>, <code>nano</code> etc.) | |||
* networking tools (<code>ping</code>, <code>traceroute</code> etc.) | |||
* FTP clients | |||
* web browsers | |||
* audio / video players | |||
* samba mounting / tools | |||
* NFS mounting / tools | |||
* Java apps | |||
* office apps | |||
* printing / scanning tools | |||
* photo / camera manipulation | |||
* CD/DVD reading / writing | |||
* IM clients | |||
* flash players | |||
Issues found during the test day will help us to improve SELinux policy in future Fedora releases and derived distributions (e.g. RHEL and CentOS). | Issues found during the test day will help us to improve SELinux policy in future Fedora releases and derived distributions (e.g. RHEL and CentOS). | ||
Line 166: | Line 166: | ||
! G4<ref>need chmod 711 /home/USER and execute setsebool -P httpd_enable_homedirs=1</ref> | ! G4<ref>need chmod 711 /home/USER and execute setsebool -P httpd_enable_homedirs=1</ref> | ||
! G2<ref>I don't understand what does this step means, scp from localhost to localhost?</ref> | ! G2<ref>I don't understand what does this step means, scp from localhost to localhost?</ref> | ||
! <references/> | ! <references/> | ||
|} | |} | ||
Line 244: | Line 202: | ||
! [[User:czhang]] | ! [[User:czhang]] | ||
! G1.G5.G6.G7<ref>Firefox core dumped, but desktop printing is normal</ref>.B1~B5 | ! G1.G5.G6.G7<ref>Firefox core dumped, but desktop printing is normal</ref>.B1~B5 | ||
! G2<ref>Firefox core dumped,can't test. Maybe {{bz|512845}} describes this bug.</ref>.G3<ref>ntfs disks | ! G2<ref>Firefox core dumped,can't test. Maybe {{bz|512845}} describes this bug.</ref>.G3<ref>ntfs disks could be readable/writable, fat32&ext2/3/4 couldn't</ref> | ||
! G4<ref>no device</ref> | ! G4<ref>no device</ref> | ||
! <references/> | ! <references/> | ||
Line 258: | Line 216: | ||
! G.6<ref>can't start the NetworkManager</ref> | ! G.6<ref>can't start the NetworkManager</ref> | ||
! G.4~G.5<ref>no device</ref> | ! G.4~G.5<ref>no device</ref> | ||
! <references/> | ! <references/> | ||
|} | |} | ||
Line 350: | Line 260: | ||
! G1.G2.G3.G4.G8 B1.B2.B4.B5 | ! G1.G2.G3.G4.G8 B1.B2.B4.B5 | ||
! G7<ref>can't start the NetworkManager,with the error"(nm-applet:5910): Gtk-WARNING **: cannot open display: | ! G7<ref>can't start the NetworkManager,with the error"(nm-applet:5910): Gtk-WARNING **: cannot open display: | ||
"</ref> B3 | "</ref> B3 | ||
! G5~G6<ref>no device</ref> | ! G5~G6<ref>no device</ref> | ||
! <references/> | ! <references/> | ||
|} | |} | ||
Line 418: | Line 298: | ||
! Skipped | ! Skipped | ||
! References | ! References | ||
|} | |} | ||
Line 489: | Line 333: | ||
! Skipped | ! Skipped | ||
! References | ! References | ||
|} | |} | ||
Line 530: | Line 356: | ||
! Skipped | ! Skipped | ||
! References | ! References | ||
|} | |} | ||
Line 576: | Line 394: | ||
! Skipped | ! Skipped | ||
! References | ! References | ||
|} | |} | ||
Line 590: | Line 402: | ||
# http://selinux-mac.blogspot.com/2009/06/selinux-lockdown-part-one-confined.html | # http://selinux-mac.blogspot.com/2009/06/selinux-lockdown-part-one-confined.html | ||
[[Category:Test Days]] | |||
[[Category: |