-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 prakash hallalli wrote: > Hi All, > > I am using CentOS-5 x86_64, I have followed what u have sent the > steps. > But still i am getting same user login problem. I am not able to > login > user properly in system. > > These are i have followed the steps. > > 1. Create a source policy module:- > > #cd /home/prakash > #vi prakash.te > policy_module(prakash, 0.0.1) > role prakash_r; > userdom_unpriv_user_template(prakash); > > 2. Build the source policy module: > > #make -f /usr/share/selinux/devel/Makefile > > 3. Install the binary policy module: > > #semodule -i prakash.pp > > 4. Create default contexts for prakash: > > #cd /etc/selinux/targeted/contexts/users > #vi prakash > system_r:system_local_login_t:s0 prakash_r:prakash_t:s0 > system_r:remote_login_t:s0 prakash_r:prakash_t:s0 > system_r:sshd_t:s0 prakash_r:prakash_t:s0 > system_r:crond_t:s0 prakash_r:prakash_t:s0 > system_r:xdm_t:s0 prakash_r:prakash_t:s0 > prakash_r:prakash_su_t:s0 prakash_r:prakash_t:s0 > prakash_r:prakash_sudo_t:s0 prakash_r:prakash_t:s0 > system_r:initrc_su_t:s0 prakash_r:prakash_t:s0 > prakash_r:prakash_t:s0 prakash_r:prakash_t:s0 > > 5. Create a SELinux user mapping for prakash: > > #semanage user -a -L s0 -r s0-s0 -R "prakash_r" -P user prakash > > 6. Add new prakash user for user1: > > #useradd -Z prakash user1 > > 7. when i will try to login in the system, will get permission denied > message. > > gtt login: user1 > password: XXXXXX > > -bash: /home/user1/.bash_profile: Permission denied > -bash-3.1$id > uid=524(user1) gid=525(user1) groups=525(user1) > context=prakash:prakash_r:prakash_t > > I tryed to one more user then all so i got same problem. I am not sure > what i did the mistakes, Please help me what i have to do. > > Thanks, > Prakash, k, h. > > On Wed, Feb 25, 2009 at 9:17 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > > prakash hallalli wrote: >>>> Hi All, >>>> >>>> I have created 'myuser' user and created custom module policy > for >>>> user. >>>> I have installed successfully module, but when i logging myuser in >>>> i will get bash prompt. >>>> >>>> I have followed as below steps for creating module. >>>> >>>> #vi myuser.te >>>> policy_module(myuser, 0.0.1) >>>> role myuser_r; >>>> userdom_unpriv_user_templete(myuser) >>>> >>>> #make -f /usr/share/selinux/devel/Makefile >>>> #sudo semodule i myuser.pp >>>> #semanage user a L s0 r s0s0 L "myuser1_r" P user myuser1 >>>> #useradd Z myuser1 myuser1 >>>> >>>> I did all the step when i try login in system following error will > display. >>>> gtt login: myuser >>>> password: XXXXXX >>>> >>>> -bash: /home/myuser/.bash_profile: Permission denied >>>> -bash-3.1$ >>>> >>>> Please give what should i have to do. >>>> >>>> Thanks, >>>> Prakash. >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> -- >>>> fedora-selinux-list mailing list >>>> fedora-selinux-list@xxxxxxxxxx >>>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list > Which OS and Version. > > Depending on the policy you might need to relabe the homedir to get the > labels correct. > > restorecon -R -v /home > >> > ------------------------------------------------------------------------ > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list Please attach the AVC messages from /var/log/audit/audit.log. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkmoOc0ACgkQrlYvE4MpobNI/QCeOM9/9g9s3qIEb/b+w5gdGF3e VxYAnROI42+yd2xSycJJPqEVjovwMuVA =zXsG -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
