The uxauth_selinux.sh script deploys a SELinux policy that enables UNAB to work in SElinux environment. The script enables support for the following utilities: ssh, rlogin, ftp, sftp, and passwd.
You can install the SELinux UNAB policy using the extensive or the general installations. Extensive installation adds permissions for the SELinux security context type usr_t. General installation does not add permissions for the user_t type and hence general installation UNAB cannot support offline users login and user login reports.
The uxauth_selinux.sh script is located in the UNAB lbin directory, by default: /opt/CA/uxauthd/lbin. The uxauth installation package can be customized to run the script during UNAB installation where SELinux policy is installed in general mode. You can also run the script after installation from the default location.
Note: Installing an extensive policy automatically uninstalls previously installed general policy.
This command has the following format:
uxauth_selinux.sh {-i [-e]| -r | -h}
Installs the policy in the SElinux environment
Specifies to invoke the extensive installation option that adds permissions for the usr_t type
Removes the policy from the SElinux environment
Displays the help
Copyright © 2013 CA Technologies.
All rights reserved.
|
|