Joy Latten wrote:
Can you try the same thing from an account that is associated with
staff_u?
Actually, the first time she tried it, it was staff_u and not ealuser_u.
I suggested perhaps the error occured because ealuser was not properly
mapped to an selinux user. So we ran:
semanage user -a -L SystemLow-SystemHigh -r SystemLow-SystemHigh -R
"staff_r sysadm_r secadm_r auditadm_r" -P staff ealuser_u
semanage login -m -s ealuser_u -r SystemLow-SystemHigh ealuser
But before, her config was like Kylie's and she got the same error.
She said she never ran the above semanage commands before and it used
to work fine.
It works on a machine with:
selinux-policy-2.4.6-38.el5
selinux-policy-devel-2.4.6-38.el5
selinux-policy-targeted-2.4.6-38.el5
selinux-policy-mls-2.4.6-38.el5
openssh-clients-4.3p2-17.el5
openssh-4.3p2-17.el5
openssh-server-4.3p2-17.el5
kernel-2.6.18-8.1.1.el5.lspp.68
kernel-devel-2.6.18-8.1.1.el5.lspp.68
Just to clarify, what joy mentioned above is correct. At first I was
staff_u:sysadm_r:sysadm_t and I still saw the same behavior. Joy suggested I set
up ealuser mappings (which is a step I never did before).
- loulwa
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
