User policy problem with strict policy
Stephen Smalley
sds at epoch.ncsc.mil
Thu Oct 14 15:15:00 UTC 2004
On Thu, 2004-10-14 at 11:13, James Morris wrote:
> On Thu, 14 Oct 2004, Colin Walters wrote:
>
> > It's been that way as long as I can remember; you also need to do:
> > full_user_role(jmorris)
>
> Thanks, that worked, but I can't recall doing it before.
That only makes sense if you are going to do:
user jmorris roles jmorris_r;
role jmorris_r types jmorris_t;
Otherwise, full_user_role(jmorris) is just going to define some types
and rules that aren't ever going to be useable.
But why do you want a per-user role/domain?
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list
mailing list