Hi Ravi, Thanks for your reply but SSH and Sysadm_login is already enabled.
Actually I need to change the root context from*System_u:system_r:unconfined_t to sysadm_u:sysadm_r or **unconfined_u:**unconfined_r**.* *I found one command (**runcon unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 /bin/bash**) but that command will not work after reboot . Is there any parmanent solution for this.* On Fri, Nov 24, 2017 at 12:22 PM, Ravi Kumar <[email protected]> wrote: > Based on the config each type of login ( ssh ,shell ) will have it own > role . if this is just for testing you can try setting the bool value if > you are logging via ssh. > > setsebool -P ssh_sysadm_login 1 > > > > Regards, > Ravi > > On Fri, Nov 24, 2017 at 10:47 AM, Aman Sharma <[email protected]> > wrote: > >> >> >> Hi All, >> >> Currently Working on Cent OS 7.3 and login as a root User and my Id >> command output is : >> >> *id* >> *uid=0(root) gid=0(root) groups=0(root) >> context=system_u:system_r:unconfined_t:s0-s0:c0.c1023* >> >> I want to change *System_u:system_r:unconfined_t to sysadm_u:sysadm_r >> or **unconfined_u:**unconfined_r**. * >> >> *Also showing the output of following command :* >> >> *semanage user -l* >> >> * Labeling MLS/ MLS/ * >> *SELinux User Prefix MCS Level MCS Range >> SELinux Roles* >> >> *admin_u user s0 s0-s0:c0.c1023 >> sysadm_r system_r* >> *guest_u user s0 s0 >> guest_r* >> *root user s0 s0-s0:c0.c1023 >> staff_r sysadm_r* >> *specialuser_u user s0 s0 >> sysadm_r system_r* >> *staff_u user s0 s0-s0:c0.c1023 >> staff_r sysadm_r system_r* >> *sysadm_u user s0 s0-s0:c0.c1023 >> sysadm_r* >> *system_u user s0 s0-s0:c0.c1023 >> system_r* >> *unconfined_u user s0 s0-s0:c0.c1023 >> system_r unconfined_r* >> *user_u user s0 s0 >> user_r* >> *xguest_u user s0 s0 >> xguest_r* >> >> >> * semanage login -l* >> >> *Login Name SELinux User MLS/MCS Range Service* >> >> *__default__ sysadm_u s0-s0:c0.c1023 ** >> *ccmservice specialuser_u s0 ** >> *cucm admin_u s0-s0:c0.c1023 ** >> *drfkeys specialuser_u s0 ** >> *drfuser specialuser_u s0 ** >> *informix specialuser_u s0 ** >> *pwrecovery specialuser_u s0 ** >> *root sysadm_u s0-s0:c0.c1023 ** >> *sftpuser specialuser_u s0 ** >> *system_u sysadm_u s0-s0:c0.c1023 ** >> >> >> *Can anybody Please help me.* >> >> -- >> >> Thanks >> Aman >> Cell: +91 9990296404 | Email ID : [email protected] >> >> > -- Thanks Aman Cell: +91 9990296404 | Email ID : [email protected]
