selinux and /etc/passwd
Stephen Smalley
sds at epoch.ncsc.mil
Tue Nov 9 15:43:08 UTC 2004
On Tue, 2004-11-09 at 00:23, Sergiu Giurgiu wrote:
> hi,
> I've just installed FC3 tonight (clean install) and ... I've came across
> a small problem.
> Users cannot be created. I hev created a user at the first-boot wizard,
> I have tried to use the graphical tool, and ... at the console I tried
> to use useradd. The wizard didn't say anything (like everything was ok),
> the user/group manager graphical tool remain blocked when I pressed OK
> to add a new user, but useradd said that it cannot alter /etc/passwd (I
> don't recall the exact message). As a result, I couldn't add a new user.
> To start eventually working, I have disabled selinux and rebooted.
> everthing works fine now.
> Given that I'm not quite knowledgeable about selinux (why is it there
> and what is it doing), and this machine functions as a
> workstation/desktop machine, I can say that I'm ok with this solution.
> However I would like to know what was happening. Is it a bug (didn't
> found reports about this)? It's a feature? Can it be fixed? If so, how?
> The filesystem installed is reiserfs (does it matter?).
> Thank you.
What does 'audit2allow -v -i /var/log/messages' show? reiserfs doesn't
yet support individual file labeling for SELinux, so all files in it are
mapped to a single security type, but I would have expected you to be
able to access it under the targeted policy just fine.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the users
mailing list