O'Reilly logo

SELinux System Administration by Sven Vermeulen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Jumping from one role to another

Although we can be assigned with multiple roles, we still need to switch roles based on our needs. SELinux supports multiple methods for switching roles and sensitivities or launching applications in specific categories.

Full role switching with newrole

The SELinux newrole application can be used to transition from one role to another. Consider an SELinux system without unconfined domains, and where we are by default logged in as the staff_r role. In order to perform administrative tasks, we need to switch to the sysadm_r administrative role, which we can do with newrole.

If the SELinux user we are mapped to (for example, sysadm_u) is allowed to access the specified role (in the example, sysadm_r), then our context ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required