PERFORCE change 37035 for review

Chris Vance cvance at
Wed Aug 27 20:00:06 GMT 2003

Change 37035 by cvance at cvance_release on 2003/08/27 12:59:40

	Newrole program, based on the version from SELinux, but almost 
	completely re-written.  This should be considered "early access" 
	code, it still has quite a few known defects, but the base
	functionality is present.  
	Note: ttys are NOT relabeled appropriately yet (working on it).
	Note: if you don't specify a type on the command line, it will
	try to find an appropriate one by consulting
	/etc/security/sebsd/default_type (which isn't installed by default) 
	Note: I don't fully understand PAM.  I used PAM for authentication.
	This might not be done right (requires that the program is setuid?)
	Note: The SELinux counterpart did some weird fork & exec business,
	whereas I just mac_execve over the current program.

Affected files ...

.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/Makefile#1 add
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.1#1 add
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.c#1 add

Differences ...
To Unsubscribe: send mail to majordomo at
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list