Added some documentation explaining how to configure ShellInABox on Fedora.

git-svn-id: https://shellinabox.googlecode.com/svn/trunk@188 0da03de8-d603-11dd-86c2-0f8696b7b6f9
This commit is contained in:
zodiac@gmail.com 2009-11-23 04:53:38 +00:00
parent e17458375d
commit c64e8aeb97
10 changed files with 54 additions and 8 deletions

View file

@ -20,7 +20,9 @@ dist_doc_DATA = AUTHORS \
shellinabox/black-on-white.css \
shellinabox/monochrome.css \
shellinabox/color.css
EXTRA_DIST = demo/beep.wav \
EXTRA_DIST = INSTALL.Debian \
README.Fedora \
demo/beep.wav \
demo/favicon.ico \
demo/demo.html \
demo/demo.js \
@ -34,6 +36,7 @@ EXTRA_DIST = demo/beep.wav \
demo/usercss-1.css \
demo/usercss-2.css \
demo/usercss-3.css \
etc-pam.d-shellinabox-example \
shellinabox/shellinaboxd.man.in \
shellinabox/shell_in_a_box.js \
shellinabox/vt100.js \

View file

@ -279,7 +279,9 @@ dist_doc_DATA = AUTHORS \
shellinabox/monochrome.css \
shellinabox/color.css
EXTRA_DIST = demo/beep.wav \
EXTRA_DIST = INSTALL.Debian \
README.Fedora \
demo/beep.wav \
demo/favicon.ico \
demo/demo.html \
demo/demo.js \
@ -293,6 +295,7 @@ EXTRA_DIST = demo/beep.wav \
demo/usercss-1.css \
demo/usercss-2.css \
demo/usercss-3.css \
etc-pam.d-shellinabox-example \
shellinabox/shellinaboxd.man.in \
shellinabox/shell_in_a_box.js \
shellinabox/vt100.js \

27
README.Fedora Normal file
View file

@ -0,0 +1,27 @@
When running in SELinux mode on Fedora, some operations don't work out of the
box.
Until somebody contributes a complete SELinux policy for ShellInABox, here are
some tips on getting things working:
- avoid using the default "LOGIN" service. Calling /bin/login does not do
the right thing.
The "LOGIN" service is the default service when running "shellinaboxd" as
"root". This means, you will most likely see all logins failing, whenever
you start the daemon as "root".
To fix this problem, consider explicitly specifying a service definition.
One of these two should work:
--service /:AUTH:HOME:/bin/bash
or
--service /:SSH
The latter requires that you have a locally running "sshd" daemon.
- On Fedora, PAM authentication does not work for shellinabox until you
explicitly configure it. This means, using "AUTH" in the service definition
will not allow you to log in.
You can fix this by defining a proper "/etc/pam.d/shellinabox" file. Take a
look at "etc-pam.d-shellinabox-example" for a working example.
Make sure you assign the correct SELinux labels to this file when copying
it into "/etc/pam.d":
cp -Z system_u:object_r:etc_t:s0 etc-pam.d-shellinabox-example /etc/pam.d/

View file

@ -138,7 +138,7 @@
#define STDC_HEADERS 1
/* Most recent revision number in the version control system */
#define VCS_REVISION "187"
#define VCS_REVISION "188"
/* Version number of package */
#define VERSION "2.10"

2
configure vendored
View file

@ -2319,7 +2319,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
ac_compiler_gnu=$ac_cv_c_compiler_gnu
VCS_REVISION=187
VCS_REVISION=188
cat >>confdefs.h <<_ACEOF

View file

@ -2,7 +2,7 @@ AC_PREREQ(2.57)
dnl This is the one location where the authoritative version number is stored
AC_INIT(shellinabox, 2.10, markus@shellinabox.com)
VCS_REVISION=187
VCS_REVISION=188
AC_SUBST(VCS_REVISION)
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
[Most recent revision number in the version control system])

View file

@ -1901,7 +1901,7 @@ VT100.prototype.toggleBell = function() {
};
VT100.prototype.about = function() {
alert("VT100 Terminal Emulator " + "2.10 (revision 187)" +
alert("VT100 Terminal Emulator " + "2.10 (revision 188)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com");
};

View file

@ -0,0 +1,13 @@
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth

View file

@ -358,7 +358,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
};
ShellInABox.prototype.about = function() {
alert("Shell In A Box version " + "2.10 (revision 187)" +
alert("Shell In A Box version " + "2.10 (revision 188)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com" +
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?

View file

@ -1901,7 +1901,7 @@ VT100.prototype.toggleBell = function() {
};
VT100.prototype.about = function() {
alert("VT100 Terminal Emulator " + "2.10 (revision 187)" +
alert("VT100 Terminal Emulator " + "2.10 (revision 188)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com");
};