Selinux and Compiz: A SELinux rant
Jerry Amundson
jamundso at gmail.com
Tue Oct 28 13:26:41 UTC 2008
On Tue, Oct 28, 2008 at 7:56 AM, Daniel J Walsh <dwalsh at redhat.com> wrote:
> SELinux has a bug in the selinux-policy-targeted package that fails to
> setup the user database correct if the package is initially installed on
> a disabled system. If you later turn SELinux on, your database is
> screwed up so you were not able to login. The post install executes
> these commands
> semanage -S targeted -i - << __eof
> user -a -P user -R "unconfined_r system_r" -r s0-s0:c0.c1023 unconfined_u
> user -a -P user -R guest_r guest_u
> user -a -P user -R xguest_r xguest_u
> __eof
> semanage -S targeted -i - << __eof
> login -m -s unconfined_u -r s0-s0:c0.c1023 __default__
> login -m -s unconfined_u -r s0-s0:c0.c1023 root
> __eof
>
> Which basically setup the default user and root account to login as
> unconfined_t. Since SELinux was disabled these commands failed.
OK, thanks.
I'll try it when I have a chance to get back on that system.
jerry
--
There's plenty of youth in America - it's time we find the "fountain of smart".
More information about the test
mailing list