[redhat-lspp] RBAC Roles
Steve Grubb
sgrubb at redhat.com
Tue Sep 20 13:03:22 UTC 2005
On Tuesday 20 September 2005 08:29, Karl MacMillan wrote:
> [kmacmillan at localhost ~]$ seinfo --users=root -x
> root
> system_r
> user_r
> sysadm_r
cool...we are on the right track.
> You must provide a username that policy understands,
That's not what RBAC says.
> as Steve mentions. It wouldn't be hard to make it understand Linux usernames
> as well. Note that you must be able to read the policy in order to run this
> utility (I'm running this under targeted above).
This leads to a question about whether or not the file should be broken up on
a per user basis so that a user can query just his own capabilities?
-Steve
More information about the redhat-lspp
mailing list