From: Chris Vance
To: Perforce Change Reviews
Subject: PERFORCE change 37035 for review
Date: Wed, 27 Aug 2003 13:00:06 -0700 (PDT)
Message-Id: <200308272000.h7RK06pD019291@repoman.freebsd.org>

http://perforce.freebsd.org/chv.cgi?CH=37035

Change 37035 by cvance@cvance_release on 2003/08/27 12:59:40

	Newrole program, based on the version from SELinux, but almost
	completely re-written. This should be considered "early access"
	code, it still has quite a few known defects, but the base
	functionality is present.

	Note: ttys are NOT relabeled appropriately yet (working on it).

	Note: if you don't specify a type on the command line, it will
	try to find an appropriate one by consulting
	/etc/security/sebsd/default_type (which isn't installed by default).

	Note: I don't fully understand PAM. I used PAM for authentication.
	This might not be done right (requires that the program is setuid?)

	Note: The SELinux counterpart did some weird fork & exec business,
	whereas I just mac_execve over the current program.

Affected files ...

.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/Makefile#1 add
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.1#1 add
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.c#1 add

Differences ...
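
The default_type lookup mentioned in the commit notes, as an added example that is not part of this change or of the SEBSD source: it assumes the file uses SELinux's one-`role:type`-per-line format (the message does not give the format), and `default_type_lookup`, `lookup_default_type` and the sample contents are hypothetical names and constructed data. It parses file contents already read into memory and fails closed on malformed entries, which matters for a program that may run setuid.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample, not a real policy file. Assumed format (SELinux's
 * default_type convention): one "role:type" per line, '#' starts a comment. */
static const char SAMPLE[] =
    "# role:type\n  sysadm_r:sysadm_t  \nno separator here\n"
    "staff_r:staff_t:extra\nuser_r:user_t\n";

/* Hypothetical helper: 0 and `type` filled on success, -1 if no well-formed entry. */
int default_type_lookup(const char *text, const char *role, char *type, size_t typelen)
{
    size_t rlen = strlen(role);
    if (rlen == 0 || typelen == 0) return -1;
    for (const char *p = text; *p != '\0'; ) {
        const char *eol = strchr(p, '\n');
        if (eol == NULL) eol = p + strlen(p);
        const char *next = (*eol != '\0') ? eol + 1 : eol;
        while (p < eol && isspace((unsigned char)*p)) p++;          /* trim left */
        while (eol > p && isspace((unsigned char)eol[-1])) eol--;   /* trim right */
        /* Match the whole role name followed by ':', never a prefix of it. */
        if (*p != '#' && (size_t)(eol - p) > rlen &&
            strncmp(p, role, rlen) == 0 && p[rlen] == ':') {
            const char *t = p + rlen + 1;
            size_t tlen = (size_t)(eol - t);
            if (tlen == 0 || tlen >= typelen || memchr(t, ':', tlen) != NULL)
                return -1;   /* fail closed: empty, over-long or multi-field */
            memcpy(type, t, tlen);
            type[tlen] = '\0';
            return 0;
        }
        p = next;
    }
    return -1;
}

/* Demo wrapper with a static result buffer; NULL means "no default type". */
const char *lookup_default_type(const char *text, const char *role)
{
    static char type[64];
    return default_type_lookup(text, role, type, sizeof(type)) == 0 ? type : NULL;
}

int main(void)
{
    const char *t = lookup_default_type(SAMPLE, "sysadm_r");
    printf("sysadm_r -> %s\n", t != NULL ? t : "(no default type)");
    return 0;
}
```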