[DSE-Dev] Bug#848232: semanage login: no awareness of exising entries

cgzones Thu, 15 Dec 2016 05:16:04 -0800

Package: policycoreutils-python-utils
Version: 2.6-2

When working on SELinux login settings, it seems that semanage is not
aware of already existing entries.
Example usage:


root@desktopdebian:/home/christian# semanage login -a -s unconfined_u christian
libsemanage.add_user: user system_u not in password file
root@desktopdebian:/home/christian# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
christian            unconfined_u         s0                   *
root                 root                 s0-s0:c0.c1023       *
system_u             system_u             s0-s0:c0.c1023       *
root@desktopdebian:/home/christian# semanage login -m -s user_u
christian
ValueError: Login mapping for christian is not defined
                                           # error
root@desktopdebian:/home/christian# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
christian            unconfined_u         s0                   *
                                                         # not updated
root                 root                 s0-s0:c0.c1023       *
system_u             system_u             s0-s0:c0.c1023       *
root@desktopdebian:/home/christian# semanage login -a -s user_u christian
libsemanage.add_user: user system_u not in password file
                                   # no error! although user existed
root@desktopdebian:/home/christian# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
christian            user_u               s0                   *
                                                              #
updated!
root                 root                 s0-s0:c0.c1023       *
system_u             system_u             s0-s0:c0.c1023       *
root@desktopdebian:/home/christian# semanage login -d -s user_u christian
ValueError: Login mapping for christian is not defined
                                           # error
root@desktopdebian:/home/christian# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          user_u               s0-s0                *
christian            user_u               s0                   *
                                                             # not
deleted
root                 root                 s0-s0:c0.c1023       *
system_u             system_u             s0-s0:c0.c1023       *


Kindly regards,
    Christian Göttsche

_______________________________________________
SELinux-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel

[DSE-Dev] Bug#848232: semanage login: no awareness of exising entries

Reply via email to