MCS
Gene Czarcinski
gene at czarc.net
Mon Oct 31 16:34:00 UTC 2005
On Monday 31 October 2005 09:38, Daniel J Walsh wrote:
> Gene Czarcinski wrote:
> > OK, I am starting to work with MCS.
> >
> > First I added some categories to setrans.conf:
> > s0:c1=moonbeam
> > s0:c2=test2
> > s0:c3=test3
> >
> >
> > Then I added a user to seusers:
> > gc:user_r:s0:c0.c15
> >
> > Then I logged into that user.
> >
> > All new (written to?) files get created with s0:c0.c15 like:
> > -rw-r--r-- gc gc user_u:object_r:user_home_t:s0:c0.c15
> > bookmarks1.html
> >
>
> You want to specify
> gc:user_u:s0-s0:c0.c15
>
> This sets up user gc to be an SELinux user user_u with a range of
> Categories from s0-s0:c0.c15. By default he will login with level s0
> and all files will be created as s0. If you want to create a file under
> a different category you can use chcon or chcat to create it.
Thanks. Now I understand what is happening. I should have seen this from the
definition for root.
Gene
More information about the selinux
mailing list