When I login with a user mapped to System_u SELinux user there is no such error messages, But when I login with a user mapped to sysadm_u SELinux user there is a such error message ( some desktop icons are not loaded correctly) As you know you could mapped any linux user with a SELinux user in the following text file /etc/selinux/mls/seusers.
As you know the system_u SELinux user has less than sysadm_u SELinux user in viewpoint of privileges. So could you tell me that How I could overcome to this problem?
On 03/17/2009 01:00 PM, zoroufi wrote:
When I login with a user mapped to System_u SELinux user there is no such error messages, But when I login with a user mapped to sysadm_u SELinux user there is a such error message ( some desktop icons are not loaded correctly) As you know you could mapped any linux user with a SELinux user in the following text file /etc/selinux/mls/seusers.
As you know the system_u SELinux user has less than sysadm_u SELinux user in viewpoint of privileges. So could you tell me that How I could overcome to this problem?
First What OS? Version?
system_u is not supposed to be a login user, you are supposed to use something like staff_u or user_u, guest_u, xguest_u or unconfined_u.
sysadm_u is not necessarily more or less powerfull then the other user types. I don't like to talk about greater or less privs when using SELinux because the reality is the domains are just different. In some circumstances it might be able to do more and other less. For example, I can setup the login programs to be not allowed to login as sysadm_u.
selinux@lists.fedoraproject.org