SELinux guest_r with sudo access
Posted: 2021/01/16 19:28:33
Hello everyone, my requirement is to create a custom SELinux role. While looking at using an already existing confined role [here] (https://access.redhat.com/documentation ... ined_users) , specifically at “Table 3.1. SELinux User Capabilities” section... I found a guest_r role which would be ideal if it was not for the fact it is not allowed to run su/sudo (which I would need). On the other end, the staff_r could also be ideal if it was not for the fact that they can access the networking layer (which I would not want).
Essentially I just need to customise a little either of the two staff_r / guest_r but I am having some troubles as to how to do this. Following the red hat guide I was able to create a role but based on an already existing one.
Suggestions?
I see there is a similar question here on Stackoverflow but it was not that useful.
Essentially I just need to customise a little either of the two staff_r / guest_r but I am having some troubles as to how to do this. Following the red hat guide I was able to create a role but based on an already existing one.
Suggestions?
I see there is a similar question here on Stackoverflow but it was not that useful.