On Thu, Nov 27, 2014 at 6:38 PM, Dominick Grift <dac.override@xxxxxxxxx> wrote: > On Thu, Nov 27, 2014 at 01:23:13PM +0100, Sven Vermeulen wrote: >> >> So in this case, object_r is assigned (during migration) to system_u, >> unconfined_u and user_u, but not to root, staff_u, sysadm_u and >> testrole_u. >> >> Those roles still work though. Is showing object_r in the "SELinux >> Roles" part cosmetic perhaps? >> > > Strange ... as far as i know object_r needs to be associated with everyone > > Is your output of seinfo -xu consistent with that of semanage user (as far as roles associated with identities is concerned)? It is not. seinfo -xu shows object_r to be associated with *all* roles (as you suggested) whereas the "semanage user -l" output shows it missing with a few of them. This is the only inconsistency though - the rest of the output does match. Wkr, Sven Vermeulen _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
