Default permissions and security context of new user?

R. Jensen linuxuser at
Thu Feb 10 03:06:31 UTC 2005

Moderator: I didn't realize I had sent this message from
a different address than the one I used to subscribe to the list.


Hi. I'm wondering about the permissions new users get
when they are created. Before SELinux I had to add users
to 'wheel' to enable them to su to root.

I did an adduser and it seems to be unrestricted:

[testse at lankhmar ~]$ id -Z

and the user is able to su to root. Is this normal?
How would I keep the user from being able to su?

I added:
   user testse roles { user_r };

to /etc/selinux/targeted/src/policy/users
and did: make load

This didn't seem to make any difference.

This is on FC3 (2.6.10-1.760_FC3)

[root at lankhmar ~]# sestatus
SELinux status:         enabled
SELinuxfs mount:        /selinux
Current mode:           enforcing
Mode from config file:  enforcing
Policy version:         18
Policy from config file:targeted

I'm not sure if this is clear, or enough information.
I tried searching the archives but didn't find anything.
[I may be searching incorrectly].


More information about the fedora-selinux-list mailing list