Home | History | Annotate | Download | only in ru 
 NEWROLE "1" " 2000" "Security Enhanced Linux" NSA
 
newrole -      SELinux

 
 newrole [-r|--role]
ROLE
[-t|--type]
TYPE
[-l|--level]
[-p|--preserve-environment]
LEVEL [-- [ARGS]...]

 

     .      ,    
 newrole.   
 -r 
 --role ,     ,  
ROLE.
   
 -t 
 --type ,      (), 
TYPE.
  ,    ,       .   
 -l 
 --level ,      ,  
LEVEL.

LEVEL
 ,        ,   .   
 -p 
 --preserve-environment ,     SELinux   ,        .


 
 ARGS     --,
       .
 ,    -- -c         .


  newrole         /etc/selinux/newrole_pam.conf,    pam,      ,     pam  newrole.     pam       newrole, ,      .


   ,      
 /etc/passwd. 

 -V  
 --version    newrole



 
 :
 # id -Z
 staff_u:staff_r:staff_t:SystemLow-SystemHigh
 # newrole -r sysadm_r
 # id -Z
 staff_u:sysadm_r:sysadm_t:SystemLow-SystemHigh

   :
 # id -Z
 staff_u:sysadm_r:sysadm_t:Unclassified-SystemHigh
 # newrole -l Secret
 # id -Z
 staff_u:sysadm_r:sysadm_t:Secret-SystemHigh



    :
 # id -Z
 staff_u:sysadm_r:sysadm_t:Unclassified-SystemHigh
 # newrole -l Secret-Secret
 # id -Z
 staff_u:sysadm_r:sysadm_t:Secret



      :
 # newrole -r sysadm_r -- -c "/path/to/app arg1 arg2..."
 # newrole -l Secret -- -c "/path/to/app arg1 arg2..."


 
/etc/passwd -     
/etc/shadow -       
/etc/selinux/<policy>/contexts/default_type -     
/etc/selinux/<policy>/contexts/securetty_types -  securetty   
/etc/selinux/newrole_pam.conf -       pam 

  
 runcon (1) 
 
Anthony Colatrella
Tim Fraser
Steve Grubb <sgrubb (at] redhat.com>
Darrel Goeddel <DGoeddel (at] trustedcs.com>
Michael Thompson <mcthomps (at] us.ibm.com>
Dan Walsh <dwalsh (at] redhat.com>
       <gammaray (at] basealt.ru>