On Fri, 2013-01-18 at 17:31 +0000, Anamitra Dutta Majumdar (anmajumd) wrote: > It is > > sysadm_u user s0 s0-s0:c0.c1023 > sysadm_r > > Add the system_r role to it, that might help semanage user -m -L s0 -r s0-s0:c0.c1023 -R "sysadm_r system_r" -P user sysadm_u > > Thanks, > Anamitra > > On 1/18/13 9:11 AM, "Dominick Grift" <dominick.grift@xxxxxxxxx> wrote: > > >On Fri, 2013-01-18 at 16:34 +0000, Anamitra Dutta Majumdar (anmajumd) > >wrote: > >> We have removed the unconfined domain from our system based on RHEL6. > >> After that when we run audit2allow we see the following messages > >> > >> [root@vos-cm148 ~]# audit2allow -a > >> libsepol.context_from_record: invalid security context: > >>"sysadm_u:system_r:useradd_t:s0-s0:c0.c1023" > >> libsepol.context_from_record: could not create context structure > >> libsepol.context_from_string: could not create context structure > >> libsepol.sepol_context_to_sid: could not convert > >>sysadm_u:system_r:useradd_t:s0-s0:c0.c1023 to sid > >> > >> Are these harmful? What do they mean and how can we get rid of them. > >> > > > >What is the output of: semanage user -l | grep sysadm_u? > > > > > > > > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
