On Tue, Aug 5, 2008 at 8:55 AM, Dennis Wronka <linuxweb@xxxxxxx> wrote: > Hi folks, > > I'd like to ask about a problem I am experiencing with newrole. > When I use newrole in permissive-mode I have no problems changing the role. > Also I don't get any audit-messages. > But when I switch to enforcing-mode I cannot use newrole, it keeps telling > me "incorrect password for root", although it clearly is correct. > I suspect a problem in interaction between newrole and unix_chkpwd, but am not > entirely sure about it. > > Problem is that I don't get any audits from SELinux, only errors in auth.log > from unix_chkpwd: > check_pass; user unknown > password check failer for user (root) > > I am working with the latest reference-policy, adjusted here and there to fit > the needs of my distro. > > Thanks for any suggestions. > > Dennis > You can try using `semodule -DB` to turn off the dontaudits and see if you get any AVCs then. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
