Invalid security context messages
Dominick Grift
dominick.grift at gmail.com
Fri Jan 18 18:48:09 UTC 2013
On Fri, 2013-01-18 at 17:31 +0000, Anamitra Dutta Majumdar (anmajumd)
wrote:
> It is
>
> sysadm_u user s0 s0-s0:c0.c1023
> sysadm_r
>
>
Add the system_r role to it, that might help
semanage user -m -L s0 -r s0-s0:c0.c1023 -R "sysadm_r system_r" -P user
sysadm_u
>
> Thanks,
> Anamitra
>
> On 1/18/13 9:11 AM, "Dominick Grift" <dominick.grift at gmail.com> wrote:
>
> >On Fri, 2013-01-18 at 16:34 +0000, Anamitra Dutta Majumdar (anmajumd)
> >wrote:
> >> We have removed the unconfined domain from our system based on RHEL6.
> >> After that when we run audit2allow we see the following messages
> >>
> >> [root at vos-cm148 ~]# audit2allow -a
> >> libsepol.context_from_record: invalid security context:
> >>"sysadm_u:system_r:useradd_t:s0-s0:c0.c1023"
> >> libsepol.context_from_record: could not create context structure
> >> libsepol.context_from_string: could not create context structure
> >> libsepol.sepol_context_to_sid: could not convert
> >>sysadm_u:system_r:useradd_t:s0-s0:c0.c1023 to sid
> >>
> >> Are these harmful? What do they mean and how can we get rid of them.
> >>
> >
> >What is the output of: semanage user -l | grep sysadm_u?
> >
> >
> >
> >
>
More information about the selinux
mailing list