selinux file attributes
Daniel J Walsh
dwalsh at redhat.com
Sat Mar 27 18:34:51 UTC 2004
Gene Czarcinski wrote:
>OK, I just did a fresh everything install with today's development snapshot
>and it is looking good. I let things default to enforcing and was able to
>login.
>
>However ... I then added a couple of other userids. Before doing that with
>system-config-users, I edited to /etc/security/selinux/src/users file to
>define one of these as an "admin" user.
>
>Oops, I cannot login because it cannot find the home directory (because it has
>incompatible attributes). OK, so I login as root (role=sysadm_r) and run
>"fixfiles relabel". Then I logout but now gdm cannot come up! OK, go to a
>VT and login as root ... run "make reload" and "make relabel" and then
>reboot.
>
>While s-c-u should handle the application of proper attributes (it needs to be
>selinux aware and supporting), I should not need to keep running relabel.
>
>
Yes, s-c-u needs to be more SELinux aware. Currently user management
needs to be worked on before final release.
>One of the other things I noticed is that after installation the partitions
>lost-found directory did not have any attributes ... after running relabel it
>did. Shouldn't this be handled by the installer? I wonder what happens if
>you format a new partition?
>
>
>Gene
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
More information about the selinux
mailing list