Re: Invalid security context messages

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2013-01-18 at 17:31 +0000, Anamitra Dutta Majumdar (anmajumd)
wrote:
> It is 
> 
> sysadm_u        user       s0         s0-s0:c0.c1023
> sysadm_r
> 
> 

Add the system_r role to it, that might help

semanage user -m -L s0 -r s0-s0:c0.c1023 -R "sysadm_r system_r" -P user
sysadm_u
 
> 
> Thanks,
> Anamitra
> 
> On 1/18/13 9:11 AM, "Dominick Grift" <dominick.grift@xxxxxxxxx> wrote:
> 
> >On Fri, 2013-01-18 at 16:34 +0000, Anamitra Dutta Majumdar (anmajumd)
> >wrote:
> >> We have removed the unconfined domain from our system based on RHEL6.
> >> After that when we run audit2allow we see the following messages
> >> 
> >> [root@vos-cm148 ~]# audit2allow -a
> >> libsepol.context_from_record: invalid security context:
> >>"sysadm_u:system_r:useradd_t:s0-s0:c0.c1023"
> >> libsepol.context_from_record: could not create context structure
> >> libsepol.context_from_string: could not create context structure
> >> libsepol.sepol_context_to_sid: could not convert
> >>sysadm_u:system_r:useradd_t:s0-s0:c0.c1023 to sid
> >> 
> >> Are these harmful? What do they mean and how can we get rid of them.
> >> 
> >
> >What is the output of: semanage user -l | grep sysadm_u?
> >
> >
> >
> >
> 


--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux



[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux