[redhat-lspp] newrole error
Daniel J Walsh
dwalsh at redhat.com
Tue Jan 16 20:33:35 UTC 2007
Daniel J Walsh wrote:
> Xavier Toth wrote:
>> policycoreutils-1.33.12-1.el5
>> libselinux-1.33.3-2.el5
>>
>> I copied /etc/selinux/mls/contexts/securetty_types to
>> /etc/selinux/mls/contexts/securetty_contexts and now am prompted to
>> authenticate after which I get the following errors:
>> pam_open_session failed with Cannot make/remove an entry for the
>> specified session
>> pam_close_session failed with Cannot make/remove an entry for the
>> specified session
> AVC messages?
>>
>> Ted
>>
>> On 1/16/07, Stephen Smalley <sds at tycho.nsa.gov> wrote:
>>> On Tue, 2007-01-16 at 13:43 -0600, Ted X Toth wrote:
>>> > I added staff_devpts_t and sysadm_devpts_t to
>>> > /etc/selinux/mls/contexts/securetty_types and even rebooted but
>>> still am
>>> > getting the same error.
>>>
>>> libselinux and policycoreutils version number?
>>>
>>> The upstream version of the libselinux and policycoreutils code
>>> diverged
>>> from the original patch by Dan Walsh (change in file name and
>>> interface). Dan's original patch called the file
>>> securetty_contexts, so
>>> you could try renaming or copying the file to that name. Upstream it
>>> was renamed to securetty_types for clarity since it only contains
>>> types.
>>>
>>> --
>>> Stephen Smalley
>>> National Security Agency
>>>
>>>
>
> --
> redhat-lspp mailing list
> redhat-lspp at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-lspp
I just tried to do this and it worked fine.
script
newrole -l SystemHigh
Error:
Add sysadm_devpts_t to /etc/selinux/mls/contexts/securetty_types
newrole -l SystemHigh
success
More information about the redhat-lspp
mailing list