Turning selinux back on
Brian Bober
netdemonz at yahoo.com
Wed Apr 14 19:38:53 UTC 2004
Daniel J Walsh wrote:
>
> That is strange. The only messages you should see from fixfiles
> is relabeling tty files.
The following questions will probably display a level of confusion :-)
Do I have to do "newrole sysadm_r" every time I run fixfiles? I was under the
impression that you only have to do that once, and I did that when I first
installed Fedora Core 2. The FAQ says that the role switch or whatever is part
of su. It doesn't say in the FAQ (unless I'm missing it) whether you need to do
that just the first time or every time. Whenever I login to root (as init 3),
it says my default context is root:sysadm_r:sysadm_t. This means I have the
sysadm_r role, right?
Also, is there some command like "getrole" or something to tell you what role
you are as?
I also am wondering if it would be helpful for debugging purposes if the avc
errors could say "denied but ignored" when you have enforcing set to permissive.
More information about the fedora-test-list
mailing list