SELinux Mailing List

Role transition error

From: Steve Brueckner <steve_at_atc-nycorp.com>
Date: Mon, 17 Jan 2005 18:01:02 -0500


I'm trying to add a new role and test it by adding a user with access to that role. I can su to the new user, but then when I try to newrole I get "... is not a valid context". Here are my steps so far; I'm using Fedora Core 3 and starting from the default strict policy:

#useradd engineer

Added the following to .../strict/src/policy/users
    user engineer roles { user_r developer_r };

Added the following to .../strict/src/policy/domains/user.te
    full_user_role(developer)
    allow system_r developer_r
    allow sysadm_r developer_r
    allow user_r developer_r
    allow staff_r developer_r

Added the following into in_user_role macro in .../strict/src/policy/macros/user_macros.te
    role developer_r types $1;

Added the following to .../strict/src/policy/appconfig/default_type
    developer_r:user_t

#make load

steve$ id -Z
user_u:user_r:user_t
steve$ su engineer
engineer$ id -Z
engineer:user_r:user_t
engineer$ newrole -r developer_r
engineer:developer_r:user_t is not a valid context

Any ideas what I've neglected in setting this up? Thanks!

Received on Mon 17 Jan 2005 - 18:01:13 EST
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009

 
National Security Agency / Central Security Service