Bug 440641 - selinux user_u runs in unconfined_t userdomain
selinux user_u runs in unconfined_t userdomain
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-04 07:32 EDT by Dominick Grift
Modified: 2008-04-04 18:05 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-04-04 18:05:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dominick Grift 2008-04-04 07:32:58 EDT
Description of problem:
user_u selinux user has system_r role assigned.
This means that user_u runs in domain unconfined_t (instead of domain user_t)

Version-Release number of selected component (if applicable):
fedora 8 and rawhide

How reproducible:
useradd -Z user_u testuser
id -Z testuser

Steps to Reproduce:
1.
2.
3.
  
Actual results:
unconfined_t

Expected results:
user_t

Additional info:
Comment 1 Daniel Walsh 2008-04-04 18:05:30 EDT
Fixed in selinux-policy-3.3.1-28.fc9

Will not fix in Fedora 8 since some people login with user_u:system_r:unconfined_t

User confinement is more useful in Fedora 9

Note You need to log in before you can comment on or make changes to this bug.