[redhat-lspp] turning on quota under the MLS strict policy
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri Oct 20 19:23:08 UTC 2006
On Fri, 20 Oct 2006 16:14:23 -0300, Thiago Jung Bauermann said:
> So, does anyone have a tip about this?
Admittedly mostly shooting in the dark here..
> > scontext=staff_u:sysadm_r:quota_t:s0-s15:c0.c255
> > tcontext=root:object_r:root_t:s0 tclass=filesystem
What happens if you're running as sysadm_t or similar instead of root_t?
This looks like SELinux "working as designed" - it stopped a root process
that was in the wrong context from doing something it wasn't allowed to do.
Does 'newrole -r sysadm_r' improve things?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061020/76c18922/attachment.sig>
More information about the redhat-lspp
mailing list