1 |
Hello, |
2 |
|
3 |
I followed the selinux 2006.1 upgrade guide. |
4 |
|
5 |
I would like to change my user 'panard' to staff_u. |
6 |
So I used the command |
7 |
semanage login -a -s staff_u panard |
8 |
|
9 |
and tried to login. |
10 |
But, my user is still in user_u context : |
11 |
panard@aragorn ~ $ id |
12 |
uid=1000(panard) gid=100(users) groupes=10(wheel),16(cron),35(games),81 |
13 |
(apache),100(users),441(scanner) context=user_u:user_r:user_t |
14 |
|
15 |
Any ideas to fix my problem? |
16 |
|
17 |
I've upgraded with gcc-4.1.1 and glibc-2.5 (without hardened as it doesn't |
18 |
work) |
19 |
|
20 |
Some output : |
21 |
aragorn ~ # sestatus -v |
22 |
SELinux status: enabled |
23 |
SELinuxfs mount: /selinux |
24 |
Current mode: permissive |
25 |
Mode from config file: permissive |
26 |
Policy version: 20 |
27 |
Policy from config file: strict |
28 |
|
29 |
Process contexts: |
30 |
Current context: root:staff_r:staff_t |
31 |
Init context: system_u:system_r:init_t |
32 |
/sbin/agetty system_u:system_r:getty_t |
33 |
/usr/sbin/sshd system_u:system_r:sshd_t |
34 |
|
35 |
File contexts: |
36 |
Controlling term: root:object_r:staff_devpts_t |
37 |
/sbin/init system_u:object_r:init_exec_t |
38 |
/sbin/agetty system_u:object_r:getty_exec_t |
39 |
/bin/login system_u:object_r:login_exec_t |
40 |
/sbin/rc system_u:object_r:initrc_exec_t |
41 |
/sbin/runscript.sh system_u:object_r:initrc_exec_t |
42 |
/usr/sbin/sshd system_u:object_r:sshd_exec_t |
43 |
/sbin/unix_chkpwd system_u:object_r:chkpwd_exec_t |
44 |
/etc/passwd system_u:object_r:etc_t |
45 |
/etc/shadow system_u:object_r:shadow_t |
46 |
/bin/sh system_u:object_r:bin_t -> |
47 |
system_u:object_r:shell_exec_t |
48 |
/bin/bash system_u:object_r:shell_exec_t |
49 |
/usr/bin/newrole system_u:object_r:newrole_exec_t |
50 |
/lib/libc.so.6 system_u:object_r:lib_t -> |
51 |
system_u:object_r:shlib_t |
52 |
/lib/ld-linux.so.2 system_u:object_r:lib_t -> |
53 |
system_u:object_r:ld_so_t |
54 |
|
55 |
aragorn ~ # semanage user -l |
56 |
SELinux User SELinux Roles |
57 |
|
58 |
root sysadm_r staff_r |
59 |
staff_u sysadm_r staff_r |
60 |
sysadm_u sysadm_r |
61 |
system_u system_r |
62 |
user_u user_r |
63 |
aragorn ~ # semanage login -l |
64 |
|
65 |
Login Name SELinux User |
66 |
|
67 |
__default__ user_u |
68 |
panard staff_u |
69 |
root root |
70 |
|
71 |
|
72 |
Thanks, |
73 |
|
74 |
Panard |
75 |
-- |
76 |
HomePage: http://dev.inzenet.org/~panard/ |
77 |
Yzis : http://www.yzis.org |
78 |
Qomics : http://dev.inzenet.org/~panard/qomics |
79 |
Smileys : http://smileys.inzenet.org |
80 |
-- |
81 |
gentoo-hardened@g.o mailing list |