|
Hello everyone, Recently, I want to make other user use some selinux commands( i.e. setenforce)without using sudo.But , I find the file that /selinux/enforce ‘s dac-list is –rw-r- -r- - root root which means
only root(or set-user-id-root) can use “setenforce 0”.So I started to think about apply acl on /selinux/**. I used acl like this: Mount –t selinuxfs –o remount,acl,rw none /selinux; Cat /etc/mtab | grep selinux;//result:seccuss So,then: Setfacl –m u:newuser:rw /selinux/enforce;//result:failed I want to figure out where failed, thanks!:) |
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
