diff mbox series

[V2,5/7] policy_config_files.md: Update openssh_contexts contents

Message ID 20211208121654.7591-6-richard_c_haines@btinternet.com (mailing list archive)
State Accepted
Delegated to: Paul Moore
Headers show
Series Various SELinux Notebook updates | expand

Commit Message

Richard Haines Dec. 8, 2021, 12:16 p.m. UTC 
Used by openssh for privilege separated processes in the
preauthentication phase.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
---
 src/policy_config_files.md | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

Comments

Paul Moore Dec. 8, 2021, 8:12 p.m. UTC | #1 
On Wed, Dec 8, 2021 at 7:17 AM Richard Haines
<richard_c_haines@btinternet.com> wrote:
>
> Used by openssh for privilege separated processes in the
> preauthentication phase.
>
> Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
> ---
>  src/policy_config_files.md | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)

Merged, thank you.
diff mbox series

Patch

diff --git a/src/policy_config_files.md b/src/policy_config_files.md
index 4b2c091..0db80b4 100644
--- a/src/policy_config_files.md
+++ b/src/policy_config_files.md
@@ -715,10 +715,26 @@  run_init=run_init_t
 
 ## *contexts/openssh_contexts*
 
-**To be determined**
+Used by *openssh* (***ssh**(1)*) for privilege separated processes in the
+preauthentication phase. This is a Red Hat specific policy configuration file.
 
 **The file format is as follows:**
 
+```
+privsep_preauth=[domain]
+```
+
+**Where:**
+
+*privsep_preauth*
+
+- The keyword *privsep_preauth*
+
+*domain*
+
+- The domain type for the privilege separated processes in the
+  preauthentication phase.
+
 **Example file contents:**
 
 ```