problem trying to transition to sysadm_r
Stephen Smalley
sds at tycho.nsa.gov
Tue Jun 19 11:48:02 UTC 2007
On Mon, 2007-06-18 at 20:08 -0700, charles f. zeitler wrote:
> when i enter:
> newrole -r sysadm_r
> at the cli,
> i get:
> Couldn't get default type.
>
> can someone give me a hint/tip/clue?
Fedora by default uses "targeted" policy rather than "strict" policy,
and therefore has no notion of user roles and domains (only specific
programs are confined, not users under "targeted" policy). See the
Fedora SELinux FAQ.
If you want strict policy, you have to install selinux-policy-strict and
switch your /etc/selinux/config SELINUXTYPE definition to it, then
reboot and relabel (typically in permissive mode the first time to allow
that initial boot to succeed).
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list