Matthew Miller (mattdm@xxxxxxxxxx) said: > This all may sound complicated, but it's not. Usermode already implements > 99% of what was needed -- the core patch is about a dozen lines! (There's > also is_group_member and is_grouplist_member helper functions, but those are > very simple too.) > > And, it's a very non-evasive change, because if the config files aren't > changed, it defaults to acting exactly like it does now. > > See the patch, and the request, at: > > <http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=86188> > > Any comments/suggestions are very welcome. SELinux roles! :) Bill
