Section 8.7: Lab: Mitigating Risk with SELinux
Question 4 asks the following:
"Map the operator2 user to a confined SELinux user to restrict su access, but make sure that they can use the sudo command."
The solution provided uses SELinux sysadm_u user. This does not sound right to me. Chapter 8.3 of the course has the following bit:
"SELinux allows Linux users mapped to sysadm_u to use su and sudo. "
The correct solution would be to use the SELinux staff_u user. Linux users mapped to staff_u can use sudo but not su.
Red Hat team, can you get this resolved please?
Thanks very much!
Is there any update from the curriculum team on this one?
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.