Another dumb question...
Konstantin Ryabitsev
icon at linux.duke.edu
Fri Apr 2 15:08:15 UTC 2004
murphy pope wrote:
> Everything that I've read says that the 'su' command will change my
> Linux user ID but not my identity. Here's what I see:
>
> # id -Z
> root:staff_r:staff_t
> # su fred
> Your default context is fred:sysadm_r:sysadm_t.
>
> Do you want to choose a different one? [n]n
> $ id -Z
> fred:sysadm_r:sysadm_t
>
> My identity changed from 'root' to 'fred'. Bug? That seems a pretty
> fundamental flaw considering that every document that I've read uses
> 'su' to explain the difference between a user ID and an identity.
>
> By the way, I see the same result whether I use 'su' or 'su -'. I see
> the same result (a change in identity) whether I su from root to fred or
> from fred to root.
>
> So which one is right? The documentation or the code?
I can't confirm this:
icon at hagrid:[~]$ id -Z
user_u:user_r:user_t
icon at hagrid:[~]$ su
Password:
root at hagrid:[/home/einstein/staff/icon]# id -Z
root:sysadm_r:sysadm_t
root at hagrid:[/home/einstein/staff/icon]# su -
Your default context is root:sysadm_r:sysadm_t.
Do you want to choose a different one? [n]
[root at hagrid root]# id -Z
root:sysadm_r:sysadm_t
[root at hagrid root]# su icon
icon at hagrid:[/root]$ id -Z
user_u:user_r:user_t
icon at hagrid:[/root]$ exit
[root at hagrid root]# su - icon
icon at hagrid:[~]$ id -Z
user_u:user_r:user_t
icon at hagrid:[~]$
-icon
More information about the fedora-selinux-list
mailing list