Commit 44881844 authored by Simon Ruderich's avatar Simon Ruderich
Browse files

slsm: Documentation: add example how to backup protected files

parent dda9b53f
......@@ -73,6 +73,13 @@ user name):
printf 'p=/home/user/.ssh/private\0m=0\0\0p=/home/user/.ssh/private\0m=4\0f=4\0\0p=/home/user/.ssh/private\0m=4\0a=/usr/bin/ssh-add\0\0p=/usr/bin/ssh-add\0m=7\0f=8\0\0' >/sys/kernel/security/slsm/profiles
The setup as given above is problematic when running automatic backups which
are no longer able to backup the protected keys. One possible solution is to
copy e.g. the rsync binary to a safe place (e.g. `/root`) and allow access
only from there:
p=/home/user/.ssh/private\0a=/root/bin/rsync\0m=4\0\0
## Restricting a media player ##
Our media player `/usr/bin/mpv` should be able to play files from `~/media`,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment