... is not a valid context

Stephen Smalley sds at tycho.nsa.gov
Wed Aug 10 16:30:49 UTC 2005

On Wed, 2005-08-10 at 09:26 -0700, Todd Merritt wrote:
> It's getting in there from somewhere:
> [root at tubb policy]# grep allow policy.conf |grep ua_pw_user_r
> allow user_r ua_pw_user_r;
> allow sysadm_r ua_pw_user_r;
> But, after switching it to full_user role 
> allow system_r ua_pw_user_r;
> is added to the policy and everything works.

The issue isn't the allow rule - it is the missing role statement, i.e.
	role ua_pw_user_r types ua_pw_user_t;

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list