provide a command to display all roles available to a user
Frank Mayer
mayerf at tresys.com
Thu Apr 29 11:52:26 UTC 2004
> The problem:
>
> Currently, there is no way for a user to display what roles are
> available ... available for switching to via a newrole command.
>
> Solution:
>
> Provide a command to display the roles available to a user ... what
> roles could be specified for that user on a newroles command.
If you have setools installed, then run 'seuser show roles' or 'seinfo -r';
seinfo is a more general purpose command. 'seuser users username' or 'seinfo
-uusername -x' will show the authorized roles for username.
Currently (as of v 1.3) these tools require policy sources to be installed to
work (it uses the policy.conf file). Shortly (couple of weeks) we'll release v
1.4 which will allow our core library to work off binary policy files (which
must always be present) breaking the requirement for policy sources (unless of
course you plan to use seuser to add a user!).
Frank
More information about the fedora-selinux-list
mailing list