Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Talking Switch SeLinux contex on su


    I have configured some selinux contexts for users in a VM:

    # semanage login -l

    Login Name SELinux User MLS/MCS Range

    __default__ unconfined_u s0-s0:c0.c1023
    noadm user_u s0
    noadmin staff_u s0-s0:c0.c1023
    root unconfined_u s0-s0:c0.c1023
    system_u system_u s0-s0:c0.c1023

    When I login with one of this users, the context is updated in accordance with the policy. However, if I switch user (su) to noadm for example from root account, the context remains unconfined_u. I believe that I should edit something in the pam configs and I tried adding "session required open" to the end of su related pam file, but it is not working well. Any ideas?


  2. #2
    Linux Engineer
    Join Date
    Apr 2012
    Virginia, USA
    This FAQ implies that the new contexts should be applied:
    SELinux FAQ

    Have you tried su from an account other than root?

    Perhaps check or file a bug report.

  3. #3
    Thanks. I'll try it again tomorrow. Good FAQ anyway.

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts