RH Linux login u_user:system_r:unconfined_t?

thllgo · 08-23-2007, 04:46 PM

Hello

When I login to a new RH AS4 box I just built I get

Your default context is user_u:system_r:unconfined_t
Do you want to choose a different one.

I have installed the legacy rlogin/rsh daemons and am running NIS. I have set SElinux to permissive. I have setup 4 other boxes and don't get this query. What could I have done wrong this time to get this query. I get it every time I login.

Help

unSpawn · 08-23-2007, 05:37 PM

Nothing wrong, it's not an error. It's a question. With the SELinux "targeted" policy everything(?) that isn't defined by rules runs as unconfined_t. Maybe read up on SELinux?

thllgo · 08-23-2007, 05:39 PM

I checked the targeted policies against the other 4 boxes and it appears to be the same. What I don't understand is why this box asks the question and the other 4 do not.

thllgo · 08-23-2007, 05:55 PM

I found that by removing the word multiple from the line

session required pam_selinux.so multiple open

in /etc/pam.d/login and /etc/pam.d/remote stopped the question. I don't know why and the other 4 systems have the word multiple in the file. I also don't know if I just broke something else.

I somehow don't think this is the correct way to get rid of the question since the other 4 don't seem to ask this question.

unSpawn · 08-24-2007, 04:29 AM

I also don't know if I just broke something else. I somehow don't think this is the correct way to get rid of the question since the other 4 don't seem to ask this question.
I don't think you broke anything. And I don't know in what way the other boxen are different from this one.