On Tue, 18 Dec 2001 lonnie@outstep.com wrote:

> Now then, after making the new domain, should I presume that I can simply use
> the standard "adduser" to put a user in that domain, and also use the
> standard "chown" to change the ownership of files to belong to the new domain?

No. adduser hasn't been modified to be aware of SELinux, and chown only deals with the Linux user and group attributes. You need to define an entry for the new user and his authorized roles in policy/users and an entry for the new role and its authorized domain(s) in policy/rbac. To set the security context on the user's home directory, you can use the new 'chcon' program.

--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com




--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.