Re: Roles in selinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 09/29/2014 08:32 AM, William wrote:

Hi,

On my Fedora 20 system, I list roles and I can see:

semanage user -l

                 Labeling   MLS/       MLS/
SELinux User    Prefix     MCS Level  MCS Range
SELinux Roles

guest_u         user       s0         s0
guest_r
root            user       s0         s0-s0:c0.c1023
staff_r sysadm_r system_r unconfined_r
staff_u         user       s0         s0-s0:c0.c1023
staff_r sysadm_r system_r unconfined_r
sysadm_u        user       s0         s0-s0:c0.c1023
sysadm_r
system_u        user       s0         s0-s0:c0.c1023
system_r unconfined_r
unconfined_u    user       s0         s0-s0:c0.c1023
system_r unconfined_r
user_u          user       s0         s0
user_r
xguest_u        user       s0         s0
xguest_r


However http://www.selinuxproject.org/page/RefpolicyBasicRoleCreation
lists roles such as logadm_r etc. Is there a reason these are not in
f20?
This is what we define for the default SELinux users. You can list all roles using 

$ seinfo -r

and you can assign them to a user using semanage-user.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux