Hi Stephen, Below is the output of command :
* sestatus -v output* *SELinux status: enabled* *SELinuxfs mount: /sys/fs/selinux* *SELinux root directory: /etc/selinux* *Loaded policy name: targeted* *Current mode: enforcing* *Mode from config file: permissive* *Policy MLS status: enabled* *Policy deny_unknown status: allowed* *Max kernel policy version: 28* *Process contexts:* *Current context: system_u:system_r:unconfined_t:s0-s0:c0.c1023* *Init context: system_u:system_r:init_t:s0* */usr/sbin/sshd system_u:system_r:sshd_t:s0-s0:c0.c1023* *File contexts:* *Controlling terminal: system_u:object_r:sshd_devpts_t:s0* */etc/passwd system_u:object_r:passwd_file_t:s0* */etc/shadow system_u:object_r:shadow_t:s0* */bin/bash system_u:object_r:shell_exec_t:s0* */bin/login system_u:object_r:login_exec_t:s0* */bin/sh system_u:object_r:bin_t:s0 -> system_u:object_r:shell_exec_t:s0* */sbin/agetty system_u:object_r:getty_exec_t:s0* */sbin/init system_u:object_r:bin_t:s0 -> system_u:object_r:init_exec_t:s0* */usr/sbin/sshd system_u:object_r:sshd_exec_t:s0* */lib/libc.so.6 system_u:object_r:lib_t:s0 -> system_u:object_r:lib_t:s0* */lib/ld-linux.so.2 system_u:object_r:lib_t:s0 -> system_u:object_r:ld_so_t:s0* *Also I am using ssh session for login.* *Please let me know how to change id command context to unconfined_u or Sysadm_u.* Thanks in advance Aman On Mon, Nov 27, 2017 at 9:29 PM, Stephen Smalley <[email protected]> wrote: > On Fri, 2017-11-24 at 10:47 +0530, Aman Sharma wrote: > > > > > > Hi All, > > > > Currently Working on Cent OS 7.3 and login as a root User and my Id > > command output is : > > > > id > > uid=0(root) gid=0(root) groups=0(root) > > context=system_u:system_r:unconfined_t:s0-s0:c0.c1023 > > > > I want to change System_u:system_r:unconfined_t to sysadm_u:sysadm_r > > or unconfined_u:unconfined_r. > > > > Also showing the output of following command : > > > > semanage user -l > > > > Labeling MLS/ MLS/ > > SELinux User Prefix MCS Level MCS Range > > SELinux Roles > > > > admin_u user s0 s0-s0:c0.c1023 > > sysadm_r system_r > > guest_u user s0 s0 > > guest_r > > root user s0 s0-s0:c0.c1023 > > staff_r sysadm_r > > specialuser_u user s0 s0 > > sysadm_r system_r > > staff_u user s0 s0-s0:c0.c1023 > > staff_r sysadm_r system_r > > sysadm_u user s0 s0-s0:c0.c1023 > > sysadm_r > > system_u user s0 s0-s0:c0.c1023 > > system_r > > unconfined_u user s0 s0-s0:c0.c1023 > > system_r unconfined_r > > user_u user s0 s0 > > user_r > > xguest_u user s0 s0 > > xguest_r > > > > > > semanage login -l > > > > Login Name SELinux User MLS/MCS Range > > Service > > > > __default__ sysadm_u s0-s0:c0.c1023 * > > ccmservice specialuser_u s0 * > > cucm admin_u s0-s0:c0.c1023 * > > drfkeys specialuser_u s0 * > > drfuser specialuser_u s0 * > > informix specialuser_u s0 * > > pwrecovery specialuser_u s0 * > > root sysadm_u s0-s0:c0.c1023 * > > sftpuser specialuser_u s0 * > > system_u sysadm_u s0-s0:c0.c1023 * > > > > > > Can anybody Please help me. > > What is your sestatus -v output? How are you logging in (console, gdm, > ssh, ...)? > > You don't appear to be running the default policy, or if you are, > someone has heavily customized your user and login mappings. > > > -- Thanks Aman Cell: +91 9990296404 | Email ID : [email protected]
