On Thursday, February 20, 2014 1:38 PM, Daniel J Walsh <dwalsh(a)redhat.com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/19/2014 11:56 AM, Andy Ruch wrote:
> Hello,
>
> I have a policy that was originally written for RHEL 6.2. I’m now trying
> to upgrade to RHEL 6.5 and I’m having problems with semanage. I can install
> a fresh RHEL 6.5 system with the targeted policy and everything works fine.
> I then uninstall the targeted policy and install my policy and I can’t link
> the linux user and selinux user.
>
>>> semanage user –a -R sysadm_r -R staff_r -r s0-s0:c0.c1023 testuser_u
>>> useradd -G wheel testuser semanage login -a -r s0-s0:c0.c1023 -s
>>> testuser_u testuser
> libsemanage.dbase_llist_query: could not query record value
> /usr/sbin/semanage: Could not query user for testuser
>
>
> I have the RHEL 6.5 source code for libsemanage and the targeted policy but
> so far I haven't been able to find differences that would affect this
> problem. Could someone please point me in the right direction as far as
> what semanage is expecting? What would prevent libsemanage from querying
> for the user?
>
> Thanks, Andy
>
>
> -- selinux mailing list selinux(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
>
What does semanage login -l and semanage user -l show?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlMGZ6gACgkQrlYvE4MpobPPDACfZf1lDin/LicVoZbykbsMS2rX
OuoAoIIa11SrGGVgJiFblx4aCFjPWF9o
=iiCj
-----END PGP SIGNATURE-----
semanage user -l shows:
Labeling MLS/ MLS/
SELinux User Prefix MCS Level MCS Range SELinux Roles
root user s0 s0-s0:c0.c1023 system_r
system_u user s0 s0-s0:c0.c1023 system_r
testuser_u user s0 s0-s0:c0.c1023 staff_r sysadm_r
user_u user s0 s0 user_r
semanage login -l shows:
Login Name SELinux User MLS/MCS Range
root root s0-s0:c0.c1023
system_u system_u s0-s0:c0.c1023