-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/20/2014 03:46 PM, Andy Ruch wrote:
On Thursday, February 20, 2014 1:38 PM, Daniel J Walsh <dwalsh(a)redhat.com>
wrote:
-----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> On 02/19/2014 11:56 AM, Andy Ruch wrote:
>> Hello,
>>
>> I have a policy that was originally written for RHEL 6.2. I’m now
>> trying to upgrade to RHEL 6.5 and I’m having problems with semanage. I
>> can install a fresh RHEL 6.5 system with the targeted policy and
>> everything works fine. I then uninstall the targeted policy and install
>> my policy and I can’t link the linux user and selinux user.
>>
>>>> semanage user –a -R sysadm_r -R staff_r -r s0-s0:c0.c1023
>>>> testuser_u useradd -G wheel testuser semanage login -a -r
>>>> s0-s0:c0.c1023 -s testuser_u testuser
>> libsemanage.dbase_llist_query: could not query record value
>> /usr/sbin/semanage: Could not query user for testuser
>>
>>
>> I have the RHEL 6.5 source code for libsemanage and the targeted policy
>> but so far I haven't been able to find differences that would affect
>> this problem. Could someone please point me in the right direction as
>> far as what semanage is expecting? What would prevent libsemanage from
>> querying for the user?
>>
>> Thanks, Andy
>>
>>
>> -- selinux mailing list selinux(a)lists.fedoraproject.org
>>
https://admin.fedoraproject.org/mailman/listinfo/selinux
>>
> What does semanage login -l and semanage user -l show? -----BEGIN PGP
> SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird -
>
http://www.enigmail.net/
>
> iEYEARECAAYFAlMGZ6gACgkQrlYvE4MpobPPDACfZf1lDin/LicVoZbykbsMS2rX
> OuoAoIIa11SrGGVgJiFblx4aCFjPWF9o =iiCj -----END PGP
SIGNATURE-----
>
semanage user -l shows:
Labeling MLS/ MLS/ SELinux User Prefix MCS Level MCS Range
SELinux Roles
root user s0 s0-s0:c0.c1023
system_r system_u user s0 s0-s0:c0.c1023
system_r testuser_u user s0 s0-s0:c0.c1023
staff_r sysadm_r user_u user s0 s0
user_r
semanage login -l shows:
Login Name SELinux User MLS/MCS Range
root root s0-s0:c0.c1023
system_u system_u s0-s0:c0.c1023
-- selinux mailing list selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlMGdVYACgkQrlYvE4MpobPSyQCgkQxSuJh2rUYvkDcNjCo2aeai
DugAniPjTv6IbODBn+ADnsIPdpf1M55a
=TUJs
-----END PGP SIGNATURE-----