-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Todd Miller wrote: > Daniel J Walsh wrote: >> I don't recall, I wrote it several years ago. I guess the simplest >> thing is to try it out, without the fork. > > Seems to work fine without the fork. I've made quite a few changes and > you can now specify sudoers lines like: > > tmiller ALL=(ALL) ROLE=sysadm_r TYPE=sysadmin_t /bin/sh > > and have it do what (I think) you want. Note that "make install" does > not currently set the label on sesh, perhaps it should. I'm also not > sure that /usr/sbin is the best place for sesh. My inclination would be > to put it in /usr/libexec, though this is not a big deal. > > - todd You are the boss. Move it to /usr/libexec. And I will fix policy to label it correctly. I would not put SELinux awareness into the install, that is either "install", rpm. dpkg problem. I look forward to testing it out. And once it is in Rawhide, will blog about how to use it with SELinux. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkerPeQACgkQrlYvE4MpobM0dgCgsVNlzSmComL5m39JExgG0cjj Z3gAoJ1GydVEoFvHUf4CNvgjNhZNoygg =grpX -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
