14 Oct
2004
14 Oct
'04
11:02 a.m.
On Thu, 14 Oct 2004, Stephen Smalley wrote:
On Thu, 2004-10-14 at 11:13, James Morris wrote:
On Thu, 14 Oct 2004, Colin Walters wrote:
It's been that way as long as I can remember; you also need to do: full_user_role(jmorris)
Thanks, that worked, but I can't recall doing it before.
That only makes sense if you are going to do: user jmorris roles jmorris_r; role jmorris_r types jmorris_t;
Otherwise, full_user_role(jmorris) is just going to define some types and rules that aren't ever going to be useable.
But why do you want a per-user role/domain?
I don't know, I just wanted to restore what I thought was normal behavior.
So even in strict policy now, all normal users are user_u:user_r:user_t ?
- James
--
James Morris
jmorris@redhat.com