Description of problem: Once a role is added to an selinux user with semanage, it can't be removed. Version-Release number of selected component (if applicable): I'm running the RHEL5 beta 2 and RHEL5 RCS3 kit on different systems, each with the latest mls policy and tools from dwalsh's people page. The behavior is the same on both systems. How reproducible: Steps to Reproduce: 1.Add user_r to staff_u: semanage user -m -R" sysadm_r staff_r user_r secadm_r auditadm_r" staff_u 2.verify that its there: semanage user -l |grep staff_u 3.Remove user_r from staff_u: semanage user -m -R" sysadm_r staff_r secadm_r auditadm_r" staff_u 4.verify that its gone: semanage user -l |grep staff_u Actual results: user_r still shows up. Expected results: shouldn't see user_r as a role for staff_u Additional info: I tested a patch to /usr/lib/python2.4/site-packages/seobject.py posted by Dan and it fixes the problem.
Fixed in policycoreutils-1_33_6-6
A package has been built which should help the problem described in this bug report. This report is therefore being closed with a resolution of CURRENTRELEASE. You may reopen this bug report if the solution does not work for you.