|Main Archive Page > Month Archives > selinux archives|
On Tue, 2008-02-05 at 20:05 +0100, Stefan Schulze Frielinghaus wrote:
> Since my last upgrade to refpolicy-20071214 whenever I try to login with
> my username I'm in the default role (user).
> $ semanage login -l
> stefan staff_u
> $ id
> uid=1000(stefan) gid=1000(stefan) groups=1000(stefan)
> I tried to login locally and remote via ssh. No AVCs are generated or
> whatever. Did I miss something? That's really strange. Did something
> change in the past?
> Also other users are always logged in as user_u and not e.g. staff_u
> (enforcing or permissive mode does not change anything).
> I'm using Debian (testing).
I believe debian is using the openssh that has a broken configure script (4.7) which improperly detects getseuserbyname() (it doesnt do -lselinux on the compile test thus it always fails). Debian might possibly be using an old pam patch that doesn't use getseuserbyname(). But these behavior changes wouldn't be tied to a policy change, unless you previously had selinux users which corresponded to your linux user and they were removed with the new policy. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to email@example.com with the words "unsubscribe selinux" without quotes as the message.