Chapter 6. Setting Up Separate Roles

In this chapter, we will cover the following topics:

  • Managing SELinux users
  • Mapping Linux users to SELinux users
  • Running commands in a specified role with sudo
  • Running commands in a specified role with runcon
  • Switching roles
  • Creating a new role
  • Initial role based on entry
  • Defining role transitions
  • Looking into access privileges

Introduction

Roles provide a flexible, manageable approach to granting multiple users the proper rights. Instead of assigning privileges to individual users, privileges are granted to roles. Users are then granted a role and inherit the privileges associated with it.

In SELinux, roles are used to grant access to domains. An application domain that is used to manage certificates ...
