Hi Ravi,
Thanks for your reply but SSH and Sysadm_login is already enabled.
Actually I need to change the root context fromSystem_u:system_r:unconfined_t to sysadm_u:sysadm_r or unconfined_u:unconfined_r.
I found one command (runcon unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 /bin/bash) but that command will not work after reboot . Is there any parmanent solution for this.
On Fri, Nov 24, 2017 at 12:22 PM, Ravi Kumar <nxp.ravi@xxxxxxxxx> wrote:
Based on the config each type of login ( ssh ,shell ) will have it own role . if this is just for testing you can try setting the bool value if you are logging via ssh.setsebool -P ssh_sysadm_login 1Regards,
RaviOn Fri, Nov 24, 2017 at 10:47 AM, Aman Sharma <amansh.sharma5@xxxxxxxxx> wrote:Hi All,Currently Working on Cent OS 7.3 and login as a root User and my Id command output is :iduid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:unconfined_t:s0-s0:c0.c1023 I want to change System_u:system_r:unconfined_t to sysadm_u:sysadm_r or unconfined_u:unconfined_r.Also showing the output of following command :semanage user -lLabeling MLS/ MLS/SELinux User Prefix MCS Level MCS Range SELinux Rolesadmin_u user s0 s0-s0:c0.c1023 sysadm_r system_rguest_u user s0 s0 guest_rroot user s0 s0-s0:c0.c1023 staff_r sysadm_rspecialuser_u user s0 s0 sysadm_r system_rstaff_u user s0 s0-s0:c0.c1023 staff_r sysadm_r system_rsysadm_u user s0 s0-s0:c0.c1023 sysadm_rsystem_u user s0 s0-s0:c0.c1023 system_runconfined_u user s0 s0-s0:c0.c1023 system_r unconfined_ruser_u user s0 s0 user_rxguest_u user s0 s0 xguest_rsemanage login -lLogin Name SELinux User MLS/MCS Range Service__default__ sysadm_u s0-s0:c0.c1023 *ccmservice specialuser_u s0 *cucm admin_u s0-s0:c0.c1023 *drfkeys specialuser_u s0 *drfuser specialuser_u s0 *informix specialuser_u s0 *pwrecovery specialuser_u s0 *root sysadm_u s0-s0:c0.c1023 *sftpuser specialuser_u s0 *system_u sysadm_u s0-s0:c0.c1023 *Can anybody Please help me.--
