change selinux user's roles

All of lore.kernel.org
 help / color / mirror / Atom feed

* change selinux user's roles
@ 2014-05-27 17:45 toản cù
  2014-05-27 17:57 ` Stephen Smalley
  0 siblings, 1 reply; 5+ messages in thread
From: toản cù @ 2014-05-27 17:45 UTC (permalink / raw)
  To: selinux

[-- Attachment #1: Type: text/plain, Size: 707 bytes --]

Hi all!

I want to change a selinux user's role
Examble:
   Linux account: ToanCu and relation with SELinux user staff_u (staff_u
can access a number of roles staff_r, system_r, unconfiled_r, sysadm_r)
when I checked context of user by command *# id,* i have context of selinux
user :
uid=502(ToanCu) gid=503(ToanCu) groups=503(ToanCu)
*context=staff_u:staff_r:staff_t:s0-s0:c0.c1023*

I want to change the context above to : *context:
staff_u:sysadm_r:staff_t:s0-s0:c0.c1023*

Look forward your help!

Thanks!

-- 
Mr.Toan-Cu Xuan

School of Electronics and Telecommunications

Hanoi University of Science and Technology

1 Dai Co Viet, Ha noi, Viet nam.

Phone: 01656228762

Email:xuantoanbkfet@gmail.com

[-- Attachment #2: Type: text/html, Size: 2107 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: change selinux user's roles
  2014-05-27 17:45 change selinux user's roles toản cù
@ 2014-05-27 17:57 ` Stephen Smalley
  2014-05-27 18:22   ` toản cù
  0 siblings, 1 reply; 5+ messages in thread
From: Stephen Smalley @ 2014-05-27 17:57 UTC (permalink / raw)
  To: toản cù, selinux

On 05/27/2014 01:45 PM, toản cù wrote:
> Hi all!
> 
> I want to change a selinux user's role 
> Examble: 
>    Linux account: ToanCu and relation with SELinux user staff_u (staff_u
> can access a number of roles staff_r, system_r, unconfiled_r, sysadm_r) 
> when I checked context of user by command *# id,* i have context of
> selinux user : 
> uid=502(ToanCu) gid=503(ToanCu) groups=503(ToanCu)
> *context=staff_u:staff_r:staff_t:s0-s0:c0.c1023*
> 
> I want to change the context above to : *context:
> staff_u:sysadm_r:staff_t:s0-s0:c0.c1023*
> 
> Look forward your help!
> 
> Thanks!

newrole -r sysadm_r

or

sudo -r sysadm_r <command>

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: change selinux user's roles
  2014-05-27 17:57 ` Stephen Smalley
@ 2014-05-27 18:22   ` toản cù
  2014-05-27 18:32     ` Stephen Smalley
  0 siblings, 1 reply; 5+ messages in thread
From: toản cù @ 2014-05-27 18:22 UTC (permalink / raw)
  To: Stephen Smalley; +Cc: selinux

[-- Attachment #1: Type: text/plain, Size: 1068 bytes --]

Thank for your suggestion! could you tell me detail! or a link relate it!


2014-05-28 0:57 GMT+07:00 Stephen Smalley <sds@tycho.nsa.gov>:

> On 05/27/2014 01:45 PM, toản cù wrote:
> > Hi all!
> >
> > I want to change a selinux user's role
> > Examble:
> >    Linux account: ToanCu and relation with SELinux user staff_u (staff_u
> > can access a number of roles staff_r, system_r, unconfiled_r, sysadm_r)
> > when I checked context of user by command *# id,* i have context of
> > selinux user :
> > uid=502(ToanCu) gid=503(ToanCu) groups=503(ToanCu)
> > *context=staff_u:staff_r:staff_t:s0-s0:c0.c1023*
> >
> > I want to change the context above to : *context:
> > staff_u:sysadm_r:staff_t:s0-s0:c0.c1023*
> >
> > Look forward your help!
> >
> > Thanks!
>
> newrole -r sysadm_r
>
> or
>
> sudo -r sysadm_r <command>
>
>


-- 
Mr.Toan-Cu Xuan

School of Electronics and Telecommunications

Hanoi University of Science and Technology

1 Dai Co Viet, Ha noi, Viet nam.

Phone: 01656228762

Email:xuantoanbkfet@gmail.com

[-- Attachment #2: Type: text/html, Size: 2198 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: change selinux user's roles
  2014-05-27 18:22   ` toản cù
@ 2014-05-27 18:32     ` Stephen Smalley
  2014-05-27 18:40       ` toản cù
  0 siblings, 1 reply; 5+ messages in thread
From: Stephen Smalley @ 2014-05-27 18:32 UTC (permalink / raw)
  To: toản cù; +Cc: selinux

On 05/27/2014 02:22 PM, toản cù wrote:
> Thank for your suggestion! could you tell me detail! or a link relate it!

Run 'man newrole' to read the manual page for it, or see:
http://linux.die.net/man/1/newrole

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: change selinux user's roles
  2014-05-27 18:32     ` Stephen Smalley
@ 2014-05-27 18:40       ` toản cù
  0 siblings, 0 replies; 5+ messages in thread
From: toản cù @ 2014-05-27 18:40 UTC (permalink / raw)
  To: Stephen Smalley; +Cc: selinux

[-- Attachment #1: Type: text/plain, Size: 536 bytes --]

Thank you very much!


2014-05-28 1:32 GMT+07:00 Stephen Smalley <sds@tycho.nsa.gov>:

> On 05/27/2014 02:22 PM, toản cù wrote:
> > Thank for your suggestion! could you tell me detail! or a link relate it!
>
> Run 'man newrole' to read the manual page for it, or see:
> http://linux.die.net/man/1/newrole
>
>


-- 
Mr.Toan-Cu Xuan

School of Electronics and Telecommunications

Hanoi University of Science and Technology

1 Dai Co Viet, Ha noi, Viet nam.

Phone: 01656228762

Email:xuantoanbkfet@gmail.com

[-- Attachment #2: Type: text/html, Size: 1493 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2014-05-27 18:40 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-05-27 17:45 change selinux user's roles toản cù
2014-05-27 17:57 ` Stephen Smalley
2014-05-27 18:22   ` toản cù
2014-05-27 18:32     ` Stephen Smalley
2014-05-27 18:40       ` toản cù

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.