[DSE-Dev] Bug#848232: semanage login: no awareness of exising entries
cgzones
cgzones at googlemail.com
Thu Dec 15 13:13:23 UTC 2016
Package: policycoreutils-python-utils
Version: 2.6-2
When working on SELinux login settings, it seems that semanage is not
aware of already existing entries.
Example usage:
root at desktopdebian:/home/christian# semanage login -a -s unconfined_u christian
libsemanage.add_user: user system_u not in password file
root at desktopdebian:/home/christian# semanage login -l
Login Name SELinux User MLS/MCS Range Service
__default__ user_u s0-s0 *
christian unconfined_u s0 *
root root s0-s0:c0.c1023 *
system_u system_u s0-s0:c0.c1023 *
root at desktopdebian:/home/christian# semanage login -m -s user_u
christian
ValueError: Login mapping for christian is not defined
# error
root at desktopdebian:/home/christian# semanage login -l
Login Name SELinux User MLS/MCS Range Service
__default__ user_u s0-s0 *
christian unconfined_u s0 *
# not updated
root root s0-s0:c0.c1023 *
system_u system_u s0-s0:c0.c1023 *
root at desktopdebian:/home/christian# semanage login -a -s user_u christian
libsemanage.add_user: user system_u not in password file
# no error! although user existed
root at desktopdebian:/home/christian# semanage login -l
Login Name SELinux User MLS/MCS Range Service
__default__ user_u s0-s0 *
christian user_u s0 *
#
updated!
root root s0-s0:c0.c1023 *
system_u system_u s0-s0:c0.c1023 *
root at desktopdebian:/home/christian# semanage login -d -s user_u christian
ValueError: Login mapping for christian is not defined
# error
root at desktopdebian:/home/christian# semanage login -l
Login Name SELinux User MLS/MCS Range Service
__default__ user_u s0-s0 *
christian user_u s0 *
# not
deleted
root root s0-s0:c0.c1023 *
system_u system_u s0-s0:c0.c1023 *
Kindly regards,
Christian Göttsche
More information about the SELinux-devel
mailing list