[ubuntu-hardened] selinux - mapping question
yossi ozani
yossiozani at gmail.com
Wed Mar 11 22:52:41 GMT 2009
Hi all...
I started to learn selinux and I have a question about mapping in selinux.
I logged in as *staff_u. *The command *id -Z* gives me the following
context: user_u:*user_r*:user_t
The command: *semanage user -l |grep staff_u*
print the output: *staff_u sysadm_r staff_r*
*My questions:*
1) How the login process know to choose the *staff_r* role and not the*sysadm_r
* role ?
2) If only one is the appropriate role why I can see a list of roles to some
seusers like *staff_u* and *root* ?
Many thanks for the help
Yossi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20090312/416bf535/attachment.htm
More information about the ubuntu-hardened
mailing list