> The problem: > > Currently, there is no way for a user to display what roles are > available ... available for switching to via a newrole command. > > Solution: > > Provide a command to display the roles available to a user ... what > roles could be specified for that user on a newroles command. If you have setools installed, then run 'seuser show roles' or 'seinfo -r'; seinfo is a more general purpose command. 'seuser users username' or 'seinfo -uusername -x' will show the authorized roles for username. Currently (as of v 1.3) these tools require policy sources to be installed to work (it uses the policy.conf file). Shortly (couple of weeks) we'll release v 1.4 which will allow our core library to work off binary policy files (which must always be present) breaking the requirement for policy sources (unless of course you plan to use seuser to add a user!). Frank
