Date: Wed, 27 Aug 2003 13:00:06 -0700 (PDT) From: Chris Vance <cvance@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 37035 for review Message-ID: <200308272000.h7RK06pD019291@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=37035 Change 37035 by cvance@cvance_release on 2003/08/27 12:59:40 Newrole program, based on the version from SELinux, but almost completely re-written. This should be considered "early access" code, it still has quite a few known defects, but the base functionality is present. Note: ttys are NOT relabeled appropriately yet (working on it). Note: if you don't specify a type on the command line, it will try to find an appropriate one by consulting /etc/security/sebsd/default_type (which isn't installed by default) Note: I don't fully understand PAM. I used PAM for authentication. This might not be done right (requires that the program is setuid?) Note: The SELinux counterpart did some weird fork & exec business, whereas I just mac_execve over the current program. Affected files ... .. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/Makefile#1 add .. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.1#1 add .. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.c#1 add Differences ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308272000.h7RK06pD019291>