On Wed, 14 Apr 2010 08:35:56 -0400, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > sudo in RHEL6 and F11 and beyond added newrole type functionality to > sudo. This package will not be back ported to RHEL5. (Sorry). > One option would be to add newrole to a shell script executed by sudo. > > sudo audit.sh > > cat audit.sh > newrole -r auditadm_r -t auditadm_t COMMAND > > Then add pam_rootok to /etc/pam.d/newrole That's a bit of a bummer. I had seen your discussions with the sudo devs that was about a year or more old, so I was hoping this had found its way into RHEL already. I'll test this workaround today and see if it does what I want. Thanks! James C. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
