[redhat-lspp] newrole error
Linda Knippers
linda.knippers at hp.com
Mon Jan 15 23:52:44 UTC 2007
Xavier Toth wrote:
> I'm running the lspp 62 kernel and have install
> policycoreutils-newrole-1.33.12-1.el5, selinux-policy-mls-2.4.6-27.el5
> and other several rpms they require all of which came from Dan Walsh'
> page. Now when I run newrole I get :
> Error: you are not allowed to change levels on a non secure terminal
>
> Can anyone help me understand what the problem is and how I can fix it?
I assume you've ssh'd into the system rather than logging on
at the console?
This is new behavior in newrole to address bugzilla 200110.
It prohibits level changes on ptys because there are no
controls on the flow of information between the pty master
and slave and using newrole to change levels leaves the
slave and master at different levels.
Its discussed in this thread:
https://www.redhat.com/archives/redhat-lspp/2007-January/msg00004.html
If you don't want this behavior I think you can modify
/etc/selinux/mls/contexts/securetty_contexts and
add the pty selinux type, at least that's how I understand
the mail thread. Haven't tried that myself though.
-- ljk
>
> Thanks
> Ted
>
> --
> redhat-lspp mailing list
> redhat-lspp at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-lspp
More information about the redhat-lspp
mailing list