Re: /bin/su wont work inside a chroot?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 08/01/2010 08:01 AM, Jason Pyeron wrote:
> So my hack will not work either...
> [root@devserver21 ~]# echo 0>/selinux/enforce
> [root@devserver21 ~]# chroot /var/mnt/192.168.1.52
> [root@devserver21 /]# passwd apache
> passwd: user_u:system_r:initrc_t is not authorized to change the password of
> apache

How'd you end up in that context?  Did you boot to single-user mode?

I only have CentOS 5 on which to test.  On the host, root normally logs 
in to an unconfined domain:

# id
uid=0(root) gid=0(root) 
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) 
context=user_u:system_r:unconfined_t

If I chroot, I'm still unconfined:

# chroot /var/lib/mock/centos-5-x86_64/root/
bash-3.2# id
uid=0(root) gid=0(root) 
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) 
context=user_u:system_r:unconfined_t:s0

... and why you'd be getting SELinux warnings after disabling enforcing 
mode is odd, too.  What to "getenforce" and "setenforce permissive" tell 
you?  Is /selinux actually a mounted filesystem?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux