diff -Naur policycoreutils-1.30.30.dev/newrole/newrole.c policycoreutils-1.30.30.dev.rh/newrole/newrole.c
--- policycoreutils-1.30.30.dev/newrole/newrole.c 2006-10-04 17:01:17.000000000 -0500
+++ policycoreutils-1.30.30.dev.rh/newrole/newrole.c 2006-10-05 09:39:14.000000000 -0500
@@ -548,6 +548,7 @@
 uid_t uid;
 int fd;
 int enforcing;
+ int ignore_privilage_actions = 0;
 sigset_t empty;
 #ifdef USE_PAM
 int rc; /* pam return code */
@@ -562,8 +563,11 @@
 };
 #endif
 
- if (drop_capabilities())
- return -1;
+ if (geteuid())
+ ignore_privilage_actions = 1;
+ else
+ if (drop_capabilities())
+ return -1;
 
 /* Empty the signal mask in case someone is blocking a signal */
 sigemptyset(&empty);
@@ -662,7 +666,9 @@
 if (role_s && !type_s) {
 if (get_default_type(role_s, &type_s)) {
 fprintf(stderr, _("Couldn't get default type.\n"));
- send_audit_message(0, old_context, new_context, ttyn);
+ if (!ignore_privilage_actions)
+ send_audit_message(0, old_context, new_context,
+ ttyn);
 exit(-1);
 }
 #ifdef CANTSPELLGDB
@@ -851,7 +857,8 @@
 if (security_check_context(new_context) < 0) {
 fprintf(stderr, _("%s is not a valid context\n"),
 new_context);
- send_audit_message(0, old_context, new_context, ttyn);
+ if (!ignore_privilage_actions)
+ send_audit_message(0, old_context, new_context, ttyn);
 exit(-1);
 }
 
@@ -960,12 +967,15 @@
 
 #ifdef USE_PAM
 #ifdef NAMESPACE_PRIV
- rc = pam_close_session(pam_handle,0);
- if(rc != PAM_SUCCESS) {
- fprintf(stderr, "pam_close_session failed with %s\n",
- pam_strerror(pam_handle, rc));
- pam_end(pam_handle, rc);
- exit(-1);
+ if (!ignore_privilage_actions) {
+ rc = pam_close_session(pam_handle,0);
+ if(rc != PAM_SUCCESS) {
+ fprintf(stderr,
+ "pam_close_session failed with %s\n",
+ pam_strerror(pam_handle, rc));
+ pam_end(pam_handle, rc);
+ exit(-1);
+ }
 }
 #endif
 
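Review bot: The new flag `ignore_privilage_actions` in the -548 hunk is declared without any comment saying what it gates, and its name misspells "privilege" (the typo is then repeated at every guard site in the later hunks). A one-line comment at the declaration would make the later `if (!ignore_privilage_actions)` guards self-explanatory, e.g. `int ignore_privilage_actions = 0; /* non-zero when euid != 0: skip capability drop, PAM session, audit records and uid transition */`. Renaming it to something like `unprivileged` would read better at the guard sites, but that is a style choice. The enclosing function starts before this hunk and continues past it.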
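Review bot: In the -562 hunk the privilege decision is made from `geteuid()` alone, and when it is non-zero `drop_capabilities()` is skipped entirely, so the process capability set is left untouched on an unprivileged run. If the call is being skipped only because it fails when there are no privileges to begin with, it would be safer to keep it unconditional and let drop_capabilities() tolerate an already-empty set (its body is not in this diff, so I cannot tell whether it does), leaving the euid check to decide only the PAM, audit and uid-transition behaviour. The `else` followed by an unbraced `if` on its own line is also a dangling-else trap waiting for the next edit; `} else if (drop_capabilities()) {` with braces is the conventional form.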
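Review bot: With the guard added in the -662 hunk (and the identical one in the -851 hunk) a failed default-type lookup or an invalid target context no longer produces an audit record when newrole runs unprivileged, so the rejected request is visible only on stderr. If the intent is merely to avoid the audit call failing for a process without the needed privilege, it would be more accurate to have send_audit_message() detect and report that itself (its body is outside this diff, so it may already do so), keeping the decision in one place instead of at every call site. At minimum the guard deserves a comment explaining why the record is deliberately skipped, e.g. `/* unprivileged run: an audit record cannot be written, report on stderr only */`.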
@@ -1026,21 +1036,24 @@
 exit(-1);
 }
 #ifdef NAMESPACE_PRIV
- /* Ask PAM to setup session for user running this program */
- rc = pam_open_session(pam_handle,0);
- if(rc != PAM_SUCCESS) {
- fprintf(stderr, "pam_open_session failed with %s\n",
- pam_strerror(pam_handle, rc));
- exit(-1);
+ if (!ignore_privilage_actions) {
+ /* Ask PAM to setup session for user running this program */
+ rc = pam_open_session(pam_handle,0);
+ if(rc != PAM_SUCCESS) {
+ fprintf(stderr, "pam_open_session failed with %s\n",
+ pam_strerror(pam_handle, rc));
+ exit(-1);
+ }
 }
 #endif
-
- if (send_audit_message(1, old_context, new_context, ttyn))
- exit(-1);
+ if (!ignore_privilage_actions)
+ if (send_audit_message(1, old_context, new_context, ttyn))
+ exit(-1);
 freecon(old_context);
 #ifdef NAMESPACE_PRIV
- if (transition_to_caller_uid())
- exit(-1);
+ if (!ignore_privilage_actions)
+ if (transition_to_caller_uid())
+ exit(-1);
 #endif
 
 execv(pw->pw_shell, argv + optind - 1);
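Review bot: The pattern `if (!ignore_privilage_actions)` followed by a second unbraced `if` and an `exit(-1)` appears twice here, once around send_audit_message() and once around transition_to_caller_uid(); a single combined condition with braces is clearer and removes the dangling-else hazard: `if (!ignore_privilage_actions && send_audit_message(1, old_context, new_context, ttyn)) exit(-1);` and `if (!ignore_privilage_actions && transition_to_caller_uid()) exit(-1);`. The pam_open_session() guard is the counterpart of the pam_close_session() guard in the -960 hunk, and a comment saying that the two are intentionally paired (no session is opened, so none is closed) would keep a future edit from guarding only one of them. The function continues past execv() outside the hunk.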