policycoreutils version

Clarkson, Mike R (US SSA) mike.clarkson at baesystems.com
Tue Oct 16 17:10:27 UTC 2007

Is "policycoreutils 2.0.19 or later" available as a Red Hat rpm or do I
need to download this from another source? It's much easier for me to
get approval to download directly from Red Hat then from other sources
but it looks like 1.33.12 is the current version from Red Hat.

> -----Original Message-----
> From: Stephen Smalley [mailto:sds at tycho.nsa.gov]
> Sent: Tuesday, October 16, 2007 4:56 AM
> To: Clarkson, Mike R (US SSA)
> Cc: selinux at tycho.nsa.gov; Joshua Brindle
> Subject: Re: newrole authentication
> On Mon, 2007-10-15 at 16:12 -0700, Clarkson, Mike R (US SSA) wrote:
> > Will someone point me to information or send me an example on how to
> > up newrole so that is does not ask for a password, so that it can by
> > used like this within software "newrole -l s1 -- -c <cmd>"?
> You need policycoreutils 2.0.19 or later, or you need to back port
> change to whatever newrole you have.
> See:
> http://marc.info/?t=117769973100008&r=1&w=2
> http://marc.info/?l=selinux&m=117865153827263&w=2
> Then you can set up a /etc/selinux/newrole_pam.conf file with e.g.:
> /path/to/cmd newrole-noauth
> and you can set up a /etc/pam.d/newrole-noauth file with pam_permit.so
> as the auth module.
> --
> Stephen Smalley
> National Security Agency

More information about the fedora-selinux-list mailing list