Fixed
Created: Apr 15, 2015
Updated: Sep 8, 2018
Resolved Date: Jun 12, 2015
Found In Version: unknown
Fix Version: 7.0.0.7
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Documentation
http://internal.wrs.com/engineering/engops/techpubs/docDrafts/WRLinux_&_Profiles/Linux_7.0_&_Profiles/SCP_7.0/wind_river_linux_security_profile_users_guide_70/wind_river_linux_security_profile_users_guide_70.pdf
List 11 issues for this doc.
1 wrong folder list and path :
page11-> "Development Environment " -> installDir/wrlinux-addons/wr-secure .
2 typographical error : I think "NOTE" should be moved to outside of table1
page12 - > "NOTE: Use thesetemplate names "
3 Some folders are not existing :
page 20 -> The following layers are provided by the Wind River Linux Security Profile installation:
wr-common/wr-security
wr-secure/secure
wr-secure/wr-security-packages
meta-security *********not existing
wr-secure/secure-meta-downloads *********not existing
4 typographical error or lose some information after "for". For what ???
page37 -> Package Management : You can use rpm and package for managing binary and source packages. For
5 ".bash_logout" and ".bash_profile" are not existing in new user folder and "/etc/skel/",
page 40 ->
The environment configuration options for a new user account, contained
in .bash_logout, .bash_profile, .bashrc, and .profile, are copied or linked from the files in /etc/
skel/. Users are allowed to modify bash configuration files, including the .bash_history file.
6 "admin_r" should be changed to "admin_u".
page 41--> Map the specified user to the SE Linux admin_u username, while in the secadm_r role:
secadm_r...# semanage login -a -s admin_r -r s0-s15:c0.c255 USERNAME
7 redundant test steps for "mkdir -p unused", this step have done by "Unconfine a confined application"
page 62--> Confine a program :
1. Move the domain's policy file to the SEEdit policy folder. :
# mkdir -p unused
# mv unused/ftpd_t.sp .
8 typographical error for "password11", should change "to password1".
page 68->Step 1 Set Grsecurity user roles and passwords :
This example sets the password to password11 for the empty-named role, and password2 for the role named otherrole.
9 "grsec_pax_exception.inc" path is "addons/wr-secure/layers/wr-security-packages/conf/grsec_pax_exception.inc" .
page 73 -> About PaX :
The build-time file installDir/layers/wr-secure/wr-security-packages/conf/grsec_pax_exception.inc
controls several features of PaX.
10 what is the "package" meaning ?
page 81 --> These features include the following: "duplicity,package,rpm"
11 wrong file path: should be XXXX/windriver-ltp/files/README.
page 87--> LTP Test Failures --> INSTALL_DIR/wrlinux-x/layers/wr-base/recipesextended/windriver-ltp/ltp/README.
1 download http://internal.wrs.com/engineering/engops/techpubs/docDrafts/WRLinux_&_Profiles/Linux_7.0_&_Profiles/SCP_7.0/wind_river_linux_security_profile_users_guide_70/wind_river_linux_security_profile_users_guide_70.pdf
2 Doc review.
