Hi there, I have fedora 11 installed and I'm running a program with root, but need to drop priviledges to another user (xguest_u) and change to the proper security context. When I tried to use simple tools like runcon or newrole, I wasn't able to modify the context. I tried: su -c 'runcon -c -t xguest_t -u xguest_u -r xguest_r -l s0 /usr/bin/id' unpriviledged-user-that-is-xguest_u I always get permission denied. After checking /var/log/audit and doing an audit2allow it pointed out: allow unconfined_t xguest_t : process transition. However, when I load the module, the problem continues... Any easy way to run a program with another UID and another security context from root/unconfined_t/unconfined_r? thanks! -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
