Description of problem: $ gear zsh: permission denied: gear $ id -Z staff_u:staff_r:staff_t:s0-s0:c0.c1023 WIth setenforce 0, it work fine. # rpm -q selinux-policy selinux-policy-3.12.1-166.fc20.noarch I am not sure if gear can be run as a simple user, but i would at least expect to be able to see the command line options, since there is no manpage.
Hi Michael, Is this with the latest build? Works fine for me in Enforcing. $ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 $ rpm -q selinux-policy selinux-policy-3.13.1-63.fc21.noarch $ rpm -q geard geard-0-0.13.git6850c8d.fc21.x86_64
You are in enforcing, but without a confined user.
argh, I see...nvm me. Perhaps dwalsh has an answer.
Is there a reason for a normal (Non admin) user to run this?
Well, in my case, it was to read the options and help. I think it can also be used to manage a remote geard agent.
Currently we don't allow staff_t to execute all applications, I guess we could allow that.
Michael, geard has been retired on fedora. Perhaps this can be closed?
I guess someone could autoclose all tickets for it, yeah.
Package retired, bug closed.