[prev in list] [next in list] [prev in thread] [next in thread]
List: selinux
Subject: RE: bash_profile: Permission denied
From: "James R. Marcus" <jmarcus () mvalent ! net>
Date: 2004-09-27 18:29:34
Message-ID: E6E16A6D4277CD459BBDE6713766033CB72208 () exchange ! mvalent ! local
[Download RAW message or body]
Sorry I haven't replied to this sooner. I'm fine with .bash_profile
getting a permission denied. The first issue was that when I was
switching back and forth from permissive to enforced mode, my new login
shell would hang on the permission denied error, and I would never get
to a prompt. Maybe this was an issue with my ssh client? This error
seems to be some extreme case, because without changing anything it
appears I can login as root while in enforced mode.
James
-----Original Message-----
From: owner-selinux@tycho.nsa.gov [mailto:owner-selinux@tycho.nsa.gov]
On Behalf Of Russell Coker
Sent: Friday, September 24, 2004 4:25 AM
To: Luke Kenneth Casson Leighton
Cc: Daniel J Walsh; James R. Marcus; selinux@tycho.nsa.gov
Subject: Re: bash_profile: Permission denied
On Fri, 24 Sep 2004 09:15, Luke Kenneth Casson Leighton <lkcl@lkcl.net>
wrote:
> ah, but running newrole is not enough: not having write access to
> /root/.bash_profile results in bash not _reading_ the file either.
I wrote the following in my previous message to James R. Marcus on the
same
topic:
If you enable the boolean staff_read_sysadm_file then staff_t can read
sysadm_home_t files and can search sysadm_home_dir_t directories. This
will
allow you to login as root:staff_r:staff_t without any warning messages
AND
with the aliases etc from .bashrc defined.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux
packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov
with
the words "unsubscribe selinux" without quotes as the message.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic