On 05/19/2014 01:13 AM, dE wrote: > RBAC is completely optional in SELinux; however there appears to be no way to specify the allowed types for a particular user without specifying roles. > > Without this, there'll be no enforcement. You still need to have user->role and role->type associations, but you can simply have one role and remove any constraints related to roles. You cannot completely disable the RBAC mechanism like you can disable MLS. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
