Linux command
newrole 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Example
newrole -r [role_name]
Example
newrole -t [type_name]
Example
newrole -l [s0-s0:c0.c1023]
Example
newrole -r [role_name] -t [type_name]
说明
newrole starts a new shell with a different SELinux security context. It allows users to transition between roles they're authorized to use, enabling role-based access control (RBAC) within SELinux. SELinux contexts have the format user:role:type:level. The newrole command changes the role and/or type components, which affects what actions the user can perform. Common transitions include switching from a restricted user role to an administrative role. The user must be mapped to the target role in SELinux policy (see semanage user). Authentication may be required depending on policy configuration.
参数
- -r, --role _role_
- Specify the new SELinux role
- -t, --type _type_
- Specify the new SELinux type (domain)
- -l, --level _level_
- Specify the new SELinux sensitivity level
- -p, --preserve-environment
- Preserve environment variables when transitioning
- -V, --version
- Display version information
FAQ
What is the newrole command used for?
newrole starts a new shell with a different SELinux security context. It allows users to transition between roles they're authorized to use, enabling role-based access control (RBAC) within SELinux. SELinux contexts have the format user:role:type:level. The newrole command changes the role and/or type components, which affects what actions the user can perform. Common transitions include switching from a restricted user role to an administrative role. The user must be mapped to the target role in SELinux policy (see semanage user). Authentication may be required depending on policy configuration.
How do I run a basic newrole example?
Run `newrole -r [role_name]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -r, --role _role_ do in newrole?
Specify the new SELinux role