On 09/15/2010 11:23 AM, Roberto Sassu wrote: > On Wednesday 15 September 2010 10:50:44 Roberto Sassu wrote: >> Hi all >> >> i want to use UBAC feature in order to isolate an user from each other. >> I created two users user1_u and user2_u mapped respectively to user1 and user2, and >> i assigned them the role user_r. >> Then i created two directories 'a' and 'b' labeled respectively user1_u:object_r:user_home_t:s0 >> and user2_u:object_r:user_home_t:s0. What i'm expecting is that user1 can access 'a' and not 'b', >> viceversa for user2, but user1 is allowed to access both directories. >> >> -- >> This message was distributed to subscribers of the selinux mailing list. >> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with >> the words "unsubscribe selinux" without quotes as the message. >> > > Oh, sorry. I have not seen the UBAC variable is overwritten in the Fedora rpm spec file. Yes Fedora disabled it. It can be enabled by modifying the spec file and rebuilding the rpm. I have it enabled and it works pretty good with some exceptions. > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux
Attachment:
signature.asc
Description: OpenPGP digital signature
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux