[redhat-lspp] newrole error
Ted X Toth
txtoth at gmail.com
Tue Jan 16 02:11:38 UTC 2007
Linda,
No I haven't ssh'd I'm running newrole from an xterm running locally.
Ted
Linda Knippers wrote:
> Xavier Toth wrote:
>> I'm running the lspp 62 kernel and have install
>> policycoreutils-newrole-1.33.12-1.el5, selinux-policy-mls-2.4.6-27.el5
>> and other several rpms they require all of which came from Dan Walsh'
>> page. Now when I run newrole I get :
>> Error: you are not allowed to change levels on a non secure terminal
>>
>> Can anyone help me understand what the problem is and how I can fix it?
>
> I assume you've ssh'd into the system rather than logging on
> at the console?
>
> This is new behavior in newrole to address bugzilla 200110.
> It prohibits level changes on ptys because there are no
> controls on the flow of information between the pty master
> and slave and using newrole to change levels leaves the
> slave and master at different levels.
>
> Its discussed in this thread:
> https://www.redhat.com/archives/redhat-lspp/2007-January/msg00004.html
>
> If you don't want this behavior I think you can modify
> /etc/selinux/mls/contexts/securetty_contexts and
> add the pty selinux type, at least that's how I understand
> the mail thread. Haven't tried that myself though.
>
> -- ljk
>
>>
>> Thanks
>> Ted
>>
>> --
>> redhat-lspp mailing list
>> redhat-lspp at redhat.com
>> https://www.redhat.com/mailman/listinfo/redhat-lspp
>
>
More information about the redhat-lspp
mailing list