I'm having trouble adding a new role to selinux on FC4. I added the following lines to domains/user.te: limited_user_role(ua_pw_user) role_tty_type_change(user, ua_pw_user) role_tty_type_change(sysadm, ua_pw_user) and to macros/user_macros.te added role ua_pw_user_r types $1; to in_user_role. and to appconfig/default_type: ua_pw_user_r:ua_pw_user_t and to users: user tmerritt roles { user_r ua_pw_user_r }; Now when I try to switch to that role I get: [tmerritt@host ~]$ id -Z tmerritt:user_r:user_t [tmerritt@host ~]$ newrole -r ua_pw_user_r Authenticating tmerritt. Password: tmerritt:ua_pw_user_r:ua_pw_user_t is not a valid context Am I missing something obvious ? Thanks, Todd -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list