Hi all.
I have problems on selinux configuration.
What shold I do to change MCS/MLS range of users and "login" from s0-s0:c0 to s0-s0:c0.c1023("SystemLow-SystemHigh")
with "semanage".
My SELinux is with "tergeted" policy.
The Condition is below.
[root@localhost ~]# semanage user -l
Labeling MLS/ MLS/
SELinux User Prefix MCS Level MCS Range SELinux Roles
root user s0 s0:c0,c3 system_r sysadm_r user_r
system_u user s0 SystemLow-SystemHigh system_r
user_u user s0 SystemLow-SystemHigh system_r sysadm_r user_r
[root@localhost ~]# semanage login -l
Login Name SELinux User MLS/MCS Range
__default__ user_u s0
root root s0:c0
[root@localhost ~]# semanage user -m -r s0-s0:c0.c1023 root
libsemanage.validate_handler: MLS range s0:c0 for Unix user root exceeds allowed range s0:c0,c3 for SELinux user root
libsemanage.validate_handler: seuser mapping [root -> (root, s0:c0)] is invalid
libsemanage.dbase_llist_iterate: could not iterate over records
/usr/sbin/semanage: Could not modify SELinux user root
[root@localhost ~]# semanage login -m -r s0-s0:c0.c1023 root
libsemanage.validate_handler: MLS range s0-s0:c0.c1023 for Unix user root exceeds allowed range s0:c0,c3 for SELinux user root
libsemanage.validate_handler: seuser mapping [root -> (root, s0-s0:c0.c1023)] is invalid
libsemanage.dbase_llist_iterate: could not iterate over records
/usr/sbin/semanage: Could not modify login mapping for root
[root@localhost ~]#
Configuration of MCS/MLS of SELinux
Support for security such as Firewalls and securing linux
Return to “CentOS 5 - Security Support”
Jump to
- CentOS General Purpose
- ↳ CentOS - FAQ & Readme First
- ↳ Announcements
- ↳ CentOS Social
- ↳ User Comments
- ↳ Website Problems
- CentOS 8 / 8-Stream / 9-Stream
- ↳ 8 /8-Stream / 9-Stream - General Support
- ↳ 8 /8-Stream / 9-Stream - Hardware Support
- ↳ 8 /8-Stream / 9-Stream - Networking Support
- ↳ 8 /8-Stream / 9-Stream - Security Support
- CentOS 7
- ↳ CentOS 7 - General Support
- ↳ CentOS 7 - Software Support
- ↳ CentOS 7 - Hardware Support
- ↳ CentOS 7 - Networking Support
- ↳ CentOS 7 - Security Support
- CentOS Legacy Versions
- ↳ CentOS 5
- ↳ CentOS 5 - General Support
- ↳ CentOS 5 - Software Support
- ↳ CentOS 5 - Hardware Support
- ↳ CentOS 5 - Networking Support
- ↳ CentOS 5 - Server Support
- ↳ CentOS 5 - Security Support
- ↳ CentOS 5 - Oracle Installation and Support
- ↳ CentOS 5 - Miscellaneous Questions
- ↳ CentOS 6
- ↳ CentOS 6 - General Support
- ↳ CentOS 6 - Software Support
- ↳ CentOS 6 - Hardware Support
- ↳ CentOS 6 - Networking Support
- ↳ CentOS 6 - Security Support