Re: newrole using SELinux user identity for password lookups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2004-04-21 at 15:48, Colin Walters wrote:
> Ok.  Well do you (or anyone else, Dan?) have any suggestions for the
> short term?  For FC2 we could just tell users to always use 'su'.  The
> unfortunate thing here is that Fedora users who are reading upstream
> docs will get exactly the opposite information :/

In the short term, if you want to have it fall back to the Linux uid for
authentication purposes if the SELinux user identity is
SELINUX_DEFAULTUSER (defined in include/selinux/get_context_list.h),
then that is fine.  Just don't use the Linux uid as the user identity
for the new context.

-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux