mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-24 23:12:05 +00:00
f39c0ac637
Using Vagrant with fedora/28-cloud-base image, SELinux logins are configured this way: # semanage login -l Login Name SELinux User MLS/MCS Range Service __default__ unconfined_u s0-s0:c0.c1023 * root unconfined_u s0-s0:c0.c1023 * vagrant unconfined_u s0-s0:c0.c1023 * Using "chcat -l +c42 vagrant" successfully adds the category to user vagrant, but "chcat -l -- -c42 vagrant" fails to remove it. semanage login -l returns: vagrant unconfined_u s0-s0:c0.c1023,c42 * This issue is caused by expandCats(), which refuses to return a list of more than 25 categories. This causes chcat_user_remove() to work with cats=['c0.c1023,c42'] instead of cats=['c0.c102','c42'], which leads to it not been able to remove 'c42' from the list. Fix this issue by splitting the list of categories before calling expandCats(). Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> |
||
---|---|---|
.. | ||
chcat | ||
chcat.8 | ||
Makefile |