Re: error: ssh_selinux_getctxbyname: Failed to get default SELinux security context

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



another interesting thing is the following:
(seen with the debug option in pam_selinux)

assuming that the linux user is mat and the corresponding selinux user is
mat_u. during ssh login this happens:

Sep 30 16:09:49 testsrv sshd[4328]: pam_selinux(sshd:session): Open Session
Sep 30 16:09:49 testsrv sshd[4328]: pam_selinux(sshd:session): Open Session
Sep 30 16:09:49 testsrv sshd[4328]: pam_selinux(sshd:session): Username=
mat SELinux User = mat_u Level= (null)
Sep 30 16:09:49 testsrv  sshd[4328]: pam_selinux(sshd:session): set mat
security context to mat_u:staff_r:staff_t
Sep 30 16:09:49 testsrv sshd[4328]: pam_selinux(sshd:session): set mat key
creation context to mat_u:staff_r:staff_t

As we can see, the user mapping works as desired and the new choosen
context should be all right => mat_u:staff_r:staff_t.

But then, when I do an id -Z after successful login, the shell's context
is context=user_u:user_r:user_t.

Very strange....

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux