What do I need to add a new role such that I can change to it with newrole? I can’t seem to find any rules that allow it to work.

This is for a monolithic policy we developed based on the reference policy on Red Hat 5.2.

I want to change from

    root:sysadm_r:sysadm_t:s0

to this one

    root:mynewrole_r:mynewrole_t:s0

I have the following rules (amongst lots of others!):

    type mynewrole_t;
    role sysadm_r, mynewrole_r;
    allow sysadm_r mynewrole_r;
    role mynewrole_r types mynewtype_t;
    user root roles { sysadm_r secadm_r auditadm_r mynewrole_r } level s0 range s0 - s0:c0.c255;

I also have an entry in default_type that picks the right combination.

I get the error reported that it is not a valid context. This is true even with enforcing disabled.

    # newrole -r mynewrole_r
    root:mynewrole_r:mynewrole_t:s0 is not a valid context.

Wondering what I’m missing to define a new role? Any ideas?

Thanks
Julian.
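
An added example, not part of the original post: a simplified model of the two association checks SELinux applies to a security context (the user must be authorized for the role, and the role for the type), run over the statements exactly as posted. The function names are made up for illustration; type declarations and MLS range checks are not modelled.

```python
import re

# Policy statements copied from the post above (an excerpt of a larger policy).
POLICY = """
type mynewrole_t;
role sysadm_r, mynewrole_r;
allow sysadm_r mynewrole_r;
role mynewrole_r types mynewtype_t;
user root roles { sysadm_r secadm_r auditadm_r mynewrole_r } level s0 range s0 - s0:c0.c255;
"""

def _names(text):
    """Split 'a' or '{ a b c }' into a set of identifiers."""
    return set(text.strip("{} \t\n").split())

def parse(policy):
    """Collect role->types and user->roles associations (hypothetical helper)."""
    role_types, user_roles = {}, {}
    for stmt in policy.split(";"):
        stmt = " ".join(stmt.split())
        m = re.fullmatch(r"role (\w+) types (\w+|\{[^}]*\})", stmt)
        if m:
            role_types.setdefault(m.group(1), set()).update(_names(m.group(2)))
            continue
        m = re.match(r"user (\w+) roles (\w+|\{[^}]*\})", stmt)
        if m:
            user_roles.setdefault(m.group(1), set()).update(_names(m.group(2)))
    return role_types, user_roles

def check_context(context, policy=POLICY):
    """Return the reasons a user:role:type[:level] context is invalid."""
    role_types, user_roles = parse(policy)
    user, role, type_ = context.split(":")[:3]
    problems = []
    if role not in user_roles.get(user, set()):
        problems.append(f"user {user} is not authorized for role {role}")
    if type_ not in role_types.get(role, set()):
        problems.append(f"role {role} is not authorized for type {type_}")
    return problems

if __name__ == "__main__":
    for ctx in ("root:mynewrole_r:mynewrole_t:s0",
                "root:mynewrole_r:mynewtype_t:s0"):
        print(ctx, "->", check_context(ctx) or "role/type associations OK")
```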