Fwd: SELinux user login problem
prakash hallalli
prakashkhallalli at gmail.com
Thu Feb 26 16:53:19 UTC 2009
Hi All,
I am using CentOS-5 x86_64, I have followed what u have sent the
steps.
But still i am getting same user login problem. I am not able to
login
user properly in system.
These are i have followed the steps.
1. Create a source policy module:-
#cd /home/prakash
#vi prakash.te
policy_module(prakash, 0.0.1)
role prakash_r;
userdom_unpriv_user_template(prakash);
2. Build the source policy module:
#make -f /usr/share/selinux/devel/Makefile
3. Install the binary policy module:
#semodule -i prakash.pp
4. Create default contexts for prakash:
#cd /etc/selinux/targeted/contexts/users
#vi prakash
system_r:system_local_login_t:s0 prakash_r:prakash_t:s0
system_r:remote_login_t:s0 prakash_r:prakash_t:s0
system_r:sshd_t:s0 prakash_r:prakash_t:s0
system_r:crond_t:s0 prakash_r:prakash_t:s0
system_r:xdm_t:s0 prakash_r:prakash_t:s0
prakash_r:prakash_su_t:s0 prakash_r:prakash_t:s0
prakash_r:prakash_sudo_t:s0 prakash_r:prakash_t:s0
system_r:initrc_su_t:s0 prakash_r:prakash_t:s0
prakash_r:prakash_t:s0 prakash_r:prakash_t:s0
5. Create a SELinux user mapping for prakash:
#semanage user -a -L s0 -r s0-s0 -R "prakash_r" -P user prakash
6. Add new prakash user for user1:
#useradd -Z prakash user1
7. when i will try to login in the system, will get permission denied
message.
gtt login: user1
password: XXXXXX
-bash: /home/user1/.bash_profile: Permission denied
-bash-3.1$id
uid=524(user1) gid=525(user1) groups=525(user1)
context=prakash:prakash_r:prakash_t
I tryed to one more user then all so i got same problem. I am not sure
what i did the mistakes, Please help me what i have to do.
Thanks,
Prakash, k, h.
On Wed, Feb 25, 2009 at 9:17 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> prakash hallalli wrote:
> > Hi All,
> >
> > I have created 'myuser' user and created custom module policy
> for
> > user.
> > I have installed successfully module, but when i logging myuser in
> > i will get bash prompt.
> >
> > I have followed as below steps for creating module.
> >
> > #vi myuser.te
> > policy_module(myuser, 0.0.1)
> > role myuser_r;
> > userdom_unpriv_user_templete(myuser)
> >
> > #make -f /usr/share/selinux/devel/Makefile
> > #sudo semodule i myuser.pp
> > #semanage user a L s0 r s0s0 L "myuser1_r" P user myuser1
> > #useradd Z myuser1 myuser1
> >
> > I did all the step when i try login in system following error will
> display.
> >
> > gtt login: myuser
> > password: XXXXXX
> >
> > -bash: /home/myuser/.bash_profile: Permission denied
> > -bash-3.1$
> >
> > Please give what should i have to do.
> >
> > Thanks,
> > Prakash.
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> Which OS and Version.
>
> Depending on the policy you might need to relabe the homedir to get the
> labels correct.
>
> restorecon -R -v /home
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkmlaCEACgkQrlYvE4MpobMMqACgyOEwLuvH0xgp2I97QXOtNLEa
> YP4AnRe8ozJhduWstWubPIO3qxptGO8E
> =UjzM
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090226/8be87100/attachment.htm>
More information about the fedora-selinux-list
mailing list