I think it is related to auditadm_r. If you just change the auditadm role, you cannot change to levels from SystemLow to SystemHigh either.
-Chad > -----Original Message----- > From: Michael C Thompson [mailto:[EMAIL PROTECTED] > Sent: Friday, May 12, 2006 12:42 PM > To: [email protected] > Subject: [redhat-lspp] newrole SystemHigh -> newrole SystemLow -- > permitted? > > > Hey all, > > Currently, I can't seem to be able to transition to > SystemHigh then from > the SystemHigh shell, transition to SystemLow again. > > I have done the following: > newrole -r auditadm_r -l SystemHigh > <password> > <new shell> > newrole -l SystemLow > <password> > Error: incorrect password for root > > > The password used is indeed the correct password. Regardless of this > being an error in the policy, this sounds like a bug for the > reporting > of the reason for denial. I imagine it should say something about an > invalid context change, if indeed that is what is happening. > > Is the policy supposed to permit an elevation of privilages > (in terms of > MLS), and then from that elevated shell, spawn a new lesser > privilaged > shell? > > Mike > > -- > redhat-lspp mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/redhat-lspp > -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
