On 09/10/2014 11:21 PM, Chengfei (Fixed Network R&D Mgmt Dept) wrote: > Hello everyone, > Recently, I want to make other user use some selinux commands( i.e. setenforce)without using sudo.But , I find the file that /selinux/enforce 's dac-list is -rw-r- -r- - root root which means only root(or set-user-id-root) can use "setenforce 0".So I started to think about apply acl on /selinux/**. > I used acl like this: > Mount -t selinuxfs -o remount,acl,rw none /selinux; > Cat /etc/mtab | grep selinux;//result:seccuss > So,then: > Setfacl -m u:newuser:rw /selinux/enforce;//result:failed > I want to figure out where failed, thanks!:) No, it does not support ACLs. You can however chown and chmod it to permit access by a specific user or group other than root. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
