| Home Profile Fun |
#172 Linux 10.03.2009
SELinux newrole Couldn't get default type# newrole -r sysadm_r Couldn't get default type. If you are using the targeted policy and wonder why you cannot make a transition to the sysadm_r role here is the answer: the targeted policy in contrast to the strict policy has only one role which is system_r. All users have this role. Also there are no user domain types like sysadm_t in the targeted policy. Almost all user-run programs run in the unconfined_t domain. This domain has access to all other SELinux domains. # id -Z user_u:system_r:unconfined_t:s0 SELinux Training |