On Sun, 2009-05-03 at 18:19 -0700, fluffie wrote: > hi, > > i created a useruuser account which has SELinux User of "user_u". > and when i log in using that account, i cannot use 'su' or 'sudo'. > in particular, when i try to use 'sudo', there will be a permission denied > message. > > may i know where is the boolean or rule that specified this restriction? > > thank you That's one of the points of user_u, it can't get to root :) staff_u can get to sysadm_t (through sudo) which then has most admin privs. Although I beleive dwalsh would suggest staff_u -> unconfined_t via sudo if you want an admin user. (which would require adding unconfined_r to staff_u I believe) -Eric -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
