-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Oct 24, 2006, at 2:42 PM, Stephen Smalley wrote:
On Tue, 2006-10-24 at 14:17 -0400, David Nedrow wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Has anyone successfully switched from targeted to strict policies
under either FC5 or FC6?
Does anyone have an idea as to what I'm missing?
Prior to FC5, I had no problems with the strict policy.
A few observations:
- root is not necessarily all powerful under SELinux; it depends on
what
role/domain he has. What does id show? root often has to first
newrole
-r sysadm_r in order to assume administrative privileges under strict
policy.
Aha. That was it.
To enable other users to assume admin privileges, you will need
to map them to staff_u using semanage so that they can newrole to
sysadm_r and then run su or sudo as appropriate.
Thanks for the info.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iD8DBQFFPn7EF5XSfHP90EcRAq6nAJ9DjQJletGP4QTgFZ0TPfXVD+J9SQCePJs0
OxWPp/B+YI8R0+/NFZNlpzE=
=I2bz
-----END PGP SIGNATURE-----
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
