Addition of selinux users causes "Multiple same specifications" warnings during startup
Radha Venkatesh (radvenka)
radvenka at cisco.com
Fri Oct 15 19:11:48 UTC 2010
Yes, for security reasons, /dev/null is being used as the homedir for
users in our product.
Thanks,
Radha.
-----Original Message-----
From: Daniel J Walsh [mailto:dwalsh at redhat.com]
Sent: Friday, October 15, 2010 12:02 PM
To: Radha Venkatesh (radvenka)
Cc: fedora-selinux-list at redhat.com
Subject: Re: Addition of selinux users causes "Multiple same
specifications" warnings during startup
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/15/2010 02:33 PM, Radha Venkatesh (radvenka) wrote:
> I have created SeLinux users using "semanage user" and tied the
> SeLinux users to Linux users using "semanage login". I find that on
> startup, there are several warnings thrown for "Multiple same
specifications".
> Below is an example
>
> /etc/selinux/strict/contexts/files/file_contexts: Multiple same
> specifications for /dev/null/\.screenrc
>
> I then checked and found that file_contexts has
>
> file_contexts.homedirs:/dev/null/\.screenrc --
> ccmusergrp_u:object_r:user_screen_ro_home_t:s0
> file_contexts.homedirs:/dev/null/\.screenrc --
> ccmusergrp_u:object_r:user_screen_ro_home_t:s0
> file_contexts.homedirs:/dev/null/\.screenrc --
> specialuser_u:object_r:user_screen_ro_home_t:s0
> file_contexts.homedirs:/dev/null/\.screenrc --
> ccmusergrp_u:object_r:user_screen_ro_home_t:s0
> file_contexts.homedirs:/dev/null/\.screenrc --
> ccmusergrp_u:object_r:user_screen_ro_home_t:s0
> file_contexts.homedirs:/dev/null/\.screenrc --
> specialuser_u:object_r:user_screen_ro_home_t:s0
>
> Looks like there is an entry for every Linux user I tied to the
> SeLinux user.
>
> I am using
>
> libselinux-1.33.4-5.5.el5
> libsemanage-1.9.1-4.4.el5
> policycoreutils-1.33.12-14.8.el5
> libsepol-1.15.2-3.el5
>
> and do not have an option to move to later releases.
>
> Is there a way for me to get rid of these warnings or suppress them,
> without changing the source code provided by RedHat?
>
> Thanks,
> Radha.
>
>
>
>
>
>
>
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
This looks like /dev/null is defined as a homedir?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAky4pQ8ACgkQrlYvE4MpobNAaQCgj1YodMZ/YN6yd8Kk8Ff5rc/T
WPEAoOZLk3LQS47HQLtyEeQ/mXsli6v1
=Yr37
-----END PGP SIGNATURE-----
More information about the selinux
mailing list