Type Enforcement: Rules
Let sshd bind a TCP socket to the SSH port.
- allow sshd_t ssh_port_t:tcp_socket name_bind;
Let sshd read the host private key file.
- allow sshd_t sshd_key_t:file read;
Let sshd create its PID file.
- allow sshd_t var_run_t:dir { search add_name };
- allow sshd_t sshd_var_run_t:file { create write };
- type_transition sshd_t var_run_t:file sshd_var_run_t;
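How the three PID-file rules depend on each other, as an added example that is not part of the original slides: a simplified Python model of the type enforcement decision, not the kernel's implementation. The function names are hypothetical, and only the permissions named on the slide are checked.

```python
import re

# Rules copied from the slide above.
POLICY = """
allow sshd_t ssh_port_t:tcp_socket name_bind;
allow sshd_t sshd_key_t:file read;
allow sshd_t var_run_t:dir { search add_name };
allow sshd_t sshd_var_run_t:file { create write };
type_transition sshd_t var_run_t:file sshd_var_run_t;
"""

RULE = re.compile(r"(allow|type_transition)\s+(\w+)\s+(\w+):(\w+)\s+(\{[^}]*\}|\w+);")

def load(text):
    """Parse allow and type_transition rules into lookup tables."""
    allows, transitions = {}, {}
    for kind, src, tgt, cls, rest in RULE.findall(text):
        if kind == "allow":
            perms = set(rest.strip("{} ").split())
            allows.setdefault((src, tgt, cls), set()).update(perms)
        else:
            transitions[(src, tgt, cls)] = rest  # rest is the new object's type
    return allows, transitions

def allowed(allows, src, tgt, cls, perm):
    """Default deny: access is granted only if an allow rule lists the permission."""
    return perm in allows.get((src, tgt, cls), set())

def create_file(policy, domain, dir_type):
    """Model creating a file in a directory: return (new file type, granted?)."""
    allows, transitions = load(policy)
    # Without a type_transition rule the new file inherits the directory's type.
    new_type = transitions.get((domain, dir_type, "file"), dir_type)
    ok = (allowed(allows, domain, dir_type, "dir", "search")
          and allowed(allows, domain, dir_type, "dir", "add_name")
          and allowed(allows, domain, new_type, "file", "create"))
    return new_type, ok

if __name__ == "__main__":
    print(create_file(POLICY, "sshd_t", "var_run_t"))
    # Same policy with the type_transition rule removed (constructed variant).
    no_tt = "\n".join(l for l in POLICY.splitlines() if not l.startswith("type_transition"))
    print(create_file(no_tt, "sshd_t", "var_run_t"))
```

With the type_transition rule removed, the new file would be labeled var_run_t, and since no rule allows sshd_t to create var_run_t files, the request is denied.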