I have just upgraded to a ubac policy now /root is labelled as default_t.
It used to be unconfined_home_dir_t. I don't know whether this is a policy
issue or because I have too old libsemanage (2.0.25) or because I have silly
user mappings.
Here are my user mappings (I think these are just the defaults):
martin at caligula:~/selinux/refpolicy/quilt$ sudo semanage user -l
Labeling MLS/ MLS/
SELinux User Prefix MCS Level MCS Range SELinux Roles
root sysadm s0 s0-s0:c0.c1023 staff_r sysadm_r system_r
staff_u staff s0 s0-s0:c0.c1023 staff_r sysadm_r
sysadm_u sysadm s0 s0-s0:c0.c1023 sysadm_r
system_u user s0 s0-s0:c0.c1023 system_r
unconfined_u unconfined s0 s0-s0:c0.c1023 system_r unconfined_r
user_u user s0 s0 user_r
martin at caligula:~/selinux/refpolicy/quilt$ sudo semanage login -l
Login Name SELinux User MLS/MCS Range
__default__ unconfined_u s0-s0:c0.c1023
root unconfined_u s0-s0:c0.c1023
system_u system_u s0-s0:c0.c1023
--
Martin Orr
On Tue, 2008-11-11 at 18:18 +0000, Martin Orr wrote:
> I have just upgraded to a ubac policy now /root is labelled as default_t.
> It used to be unconfined_home_dir_t. I don't know whether this is a policy
> issue or because I have too old libsemanage (2.0.25) or because I have silly
> user mappings.
Please retry with libsemanage 2.0.29. You'll have to run semodule -B
after you get that installed.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 12/11/08 13:10, Christopher J. PeBenito wrote:
> On Tue, 2008-11-11 at 18:18 +0000, Martin Orr wrote:
>> I have just upgraded to a ubac policy now /root is labelled as default_t.
>> It used to be unconfined_home_dir_t. I don't know whether this is a policy
>> issue or because I have too old libsemanage (2.0.25) or because I have silly
>> user mappings.
>
> Please retry with libsemanage 2.0.29. You'll have to run semodule -B
> after you get that installed.
Thanks. That fixed it.
--
Martin Orr