changing of sulogin for SELinux roles?
Stephen Smalley
sds at tycho.nsa.gov
Wed Sep 21 20:26:23 UTC 2005
On Wed, 2005-09-21 at 16:13 -0400, Bill Nottingham wrote:
> There's an open bug for changing sulogin to handle multiple
> accounts with uid 0. Wouldn't it also be useful to change
> it to check roles as well (for strict policy)?
Can you elaborate a little, or point to the bugzilla entry?
It presently just uses the default context for "root" from sulogin's
domain, where the default can be altered via the default_contexts
configuration. Were you thinking of having it allow the user to select
a context if multiple contexts are returned like pam_selinux does?
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list