SELINUX admin with LDAP

Stephen Smalley sds at
Wed May 21 11:50:44 UTC 2008

On Wed, 2008-05-21 at 12:01 +0200, Rob Visser wrote:
> Hello,
> Is it possible to administer SELINUX users and RBAC stuff in LDAP?
> With RH directory server?
> It would be nice, since all the other stuff can be administered in

Not yet, but known as a need.  Likely would take the form of moving
seusers management out of libsemanage and adding a LDAP lookup back end
to libselinux getseuserbyname().  Then you could manage at least the
Linux user -> (SELinux user, MLS range) authorizations in LDAP.

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list