Yuan Yijun (bbbush) wrote,
Yuan Yijun
bbbush

  • Music:

polyinstantiation

http://www.ibm.com/developerworks/linux/library/l-polyinstantiation/
Edit namespace.conf

The first file you'll edit is /etc/security/namespace.conf, which controls the pam_namespace module. In this file, list the directories that you want PAM to polyinstantiate on login. Some example directories are listed in the file included with PAM and are commented out. Type man namespace.conf to view a comprehensive manual page. The syntax for each line in this file is polydir instance_prefix method list_of_uids.

Briefly, here is what these variables represent:

  • polydir is the absolute pathname of the directory to polyinstantiate.
  • instance_prefix is the base directory of the new polyinstantiated user directory.
  • method can be user, level, or context.
  • list_of_uids is a list of user names for which PAM will NOT polyinstantiate their directories.
(around 2006~2007)
http://www.coker.com.au/selinux/talks/sage-2006/PolyInstantiatedDirectories.html
https://fedoraproject.org/wiki/Infrastructure/FedoraPeopleConfig#polyinstantiated_tempdirs
https://skvidal.wordpress.com/2007/07/13/poly-instantiated-tmpdirs/
http://kurt.seifried.org/2012/03/14/creating-temporary-files-securely/
Tags: fedora, 转载
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments