Description of problem: In default settings in setrans.conf is "s0=" and therefore shouldn't be translated/displayed. But chcat listing of users shows s0, even that other levels/categories are translated correctly: # chcat -L -l user17003 user17003: s0 # chcat -l -- +Marketing user17003 user17003: Marketing If I add "s0=SystemLow" into setrans, the listing of s0 cat by chcat works fine: #chcat -L -l user17003 user17003: SystemLow But other translation don't work as expected (with definition s0:c0=Marketing): # chcat -l -- +Marketing user17003 # chcat -L -l user8977 user8977: SystemLow:Marketing Expected (as it works in RHEL6,7 this way): # chcat -L -l user8977 user8977: Marketing And then also adding new category to file or user failes: # chcat -l -- +Finance user8977 libsepol.mls_from_string: invalid MLS context s0-s0:c0,Finance libsepol.mls_from_string: could not construct mls context structure libsemanage.validate_handler: seuser mapping [user8977 -> (user_u, s0-s0:c0,Finance)] is invalid libsemanage.dbase_llist_iterate: could not iterate over records /usr/sbin/semanage: Could not modify login mapping for user8977 .. or .. # chcat -- +Marketing chcon: failed to change context of /tmp/file.TKrX1585 to root:object_r:tmp_t:s0:Marketing: Invalid argument Version-Release number of selected component (if applicable): policycoreutils-1.33.12-14.8.el5_9 mcstrans-0.2.11-3.el5
Please run these checks on RHEL6, we are not likely to fix them in RHEL5.
Development Management has reviewed and declined this request. You may appeal this decision by reopening this request.