On Fri, 2013-01-18 at 17:31 +0000, Anamitra Dutta Majumdar (anmajumd)
sysadm_u user s0 s0-s0:c0.c1023
Add the system_r role to it, that might help
semanage user -m -L s0 -r s0-s0:c0.c1023 -R "sysadm_r system_r" -P user
On 1/18/13 9:11 AM, "Dominick Grift" <dominick.grift(a)gmail.com> wrote:
>On Fri, 2013-01-18 at 16:34 +0000, Anamitra Dutta Majumdar (anmajumd)
>> We have removed the unconfined domain from our system based on RHEL6.
>> After that when we run audit2allow we see the following messages
>> [root@vos-cm148 ~]# audit2allow -a
>> libsepol.context_from_record: invalid security context:
>> libsepol.context_from_record: could not create context structure
>> libsepol.context_from_string: could not create context structure
>> libsepol.sepol_context_to_sid: could not convert
>>sysadm_u:system_r:useradd_t:s0-s0:c0.c1023 to sid
>> Are these harmful? What do they mean and how can we get rid of them.
>What is the output of: semanage user -l | grep sysadm_u?