[redhat-lspp] netlabelctl gets permission denied - possible role mixup
Linda Knippers
linda.knippers at hp.com
Wed Mar 21 16:04:40 UTC 2007
>> I'm not sure this is a bug, unless of course we want sysadm_r to be able to
>> configure NetLabel. Please try running netlabelctl as secadm_r and report
>> the results.
>
> secadm is able to execute netlabelctl. sysadm_r used to be able to run it as
> well. Why was it changed in the first place, and should sysadm_r be able to
> execute it since it is supposed to be a powerful role?
I think sysadm_r should be able to run it, and it can on my system. I'm
running an older policy though (selinux-policy-mls-2.4.6-38.el5) and older
ssh bits. I'll try updating one and then the other.
-- ljk
More information about the redhat-lspp
mailing list