Users in wheel group and confined to staff_u or sysadm_u cannot execute administration commands

Solution Unverified - Updated -

Issue

  • When a user in the wheel group is confined to staff_u, executing various administration commands under sudo fails:

    $ id -Z
    staff_u:staff_r:staff_t:s0-s0:c0.c1023
    
    $ sudo less /var/log/messages
    /var/log/messages: Permission denied
    
    $ sudo systemctl restart rsyslog
    Failed to get D-Bus connection: Operation not permitted
    
    $ sudo yum info bash
    error: cannot open Packages database in /var/lib/rpm
    CRITICAL:yum.main:
    Error: rpmdb open failed
    
  • When a user in the wheel group is confined to sysadm_u, executing various administration commands under sudo fails:

    $ id -Z
    sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023
    
    $ sudo systemctl restart rsyslog
    Failed to get D-Bus connection: Operation not permitted
    
    $ sudo yum info bash
    sudo: unable to execute /bin/yum: Permission denied
    

Environment

  • Red Hat Enterprise Linux 7
    • selinux-policy
    • sudo
