Fedora UBAC feature
Roberto Sassu
roberto.sassu at polito.it
Wed Sep 15 09:23:21 UTC 2010
On Wednesday 15 September 2010 10:50:44 Roberto Sassu wrote:
> Hi all
>
> i want to use UBAC feature in order to isolate an user from each other.
> I created two users user1_u and user2_u mapped respectively to user1 and user2, and
> i assigned them the role user_r.
> Then i created two directories 'a' and 'b' labeled respectively user1_u:object_r:user_home_t:s0
> and user2_u:object_r:user_home_t:s0. What i'm expecting is that user1 can access 'a' and not 'b',
> viceversa for user2, but user1 is allowed to access both directories.
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo at tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>
Oh, sorry. I have not seen the UBAC variable is overwritten in the Fedora rpm spec file.
More information about the selinux
mailing list