Add sysadm_r to default SELinux user map order

It is a standard SELinux user role included in RHEL (like user_r, staff_r, guest_r) and used quite often. Fixes: https://pagure.io/freeipa/issue/7658 Signed-off-by: François Cami <fcami@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-11-09 17:30:32 +01:00
parent 60a31d3f0e
commit 044ffe0dd0
3 changed files with 8 additions and 4 deletions
--- a/ipatests/test_xmlrpc/test_config_plugin.py
+++ b/ipatests/test_xmlrpc/test_config_plugin.py
@@ -148,8 +148,12 @@ class test_config(Declarative):

        dict(
            desc='Try to set new selinux order and invalid default user',
-            command=('config_mod', [],
-                dict(ipaselinuxusermaporder=u'xguest_u:s0$guest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023',
+            command=(
+                'config_mod', [],
+                dict(
+                    ipaselinuxusermaporder=u'xguest_u:s0$guest_u:s0'
+                    u'$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023'
+                    u'$sysadm_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023',
                    ipaselinuxusermapdefault=u'unknown_u:s0')),
            expected=errors.ValidationError(name='ipaselinuxusermapdefault',
                error='SELinux user map default user not in order list'),