[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: problem trying to transition to sysadm_r

From: Stephen Smalley <sds tycho nsa gov>
To: "charles f. zeitler" <cfzeitler yahoo com>
Cc: fedora-selinux <fedora-selinux-list redhat com>
Subject: Re: problem trying to transition to sysadm_r
Date: Tue, 19 Jun 2007 07:48:02 -0400

On Mon, 2007-06-18 at 20:08 -0700, charles f. zeitler wrote:
> when i enter:
> newrole -r sysadm_r 
> at the cli,
> i get:
> Couldn't get default type.
> 
> can someone give me a hint/tip/clue?

Fedora by default uses "targeted" policy rather than "strict" policy,
and therefore has no notion of user roles and domains (only specific
programs are confined, not users under "targeted" policy).  See the
Fedora SELinux FAQ.

If you want strict policy, you have to install selinux-policy-strict and
switch your /etc/selinux/config SELINUXTYPE definition to it, then
reboot and relabel (typically in permissive mode the first time to allow
that initial boot to succeed).  

-- 
Stephen Smalley
National Security Agency

Follow-Ups:
- Re: problem trying to transition to sysadm_r
  - From: charles f. zeitler

References:
- problem trying to transition to sysadm_r
  - From: charles f. zeitler

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]