SELinux guest_r with sudo access

Support for security such as Firewalls and securing linux
Post Reply
gettons
Posts: 3
Joined: 2011/05/23 08:24:05

SELinux guest_r with sudo access

Post by gettons » 2021/01/16 19:28:33

Hello everyone, my requirement is to create a custom SELinux role. While looking at using an already existing confined role [here] (https://access.redhat.com/documentation ... ined_users) , specifically at “Table 3.1. SELinux User Capabilities” section... I found a guest_r role which would be ideal if it was not for the fact it is not allowed to run su/sudo (which I would need). On the other end, the staff_r could also be ideal if it was not for the fact that they can access the networking layer (which I would not want).

Essentially I just need to customise a little either of the two staff_r / guest_r but I am having some troubles as to how to do this. Following the red hat guide I was able to create a role but based on an already existing one.

Suggestions?

I see there is a similar question here on Stackoverflow but it was not that useful.

sml
Posts: 246
Joined: 2020/01/17 09:01:44

Re: SELinux guest_r with sudo access

Post by sml » 2021/01/16 19:39:08

When cross-posting please provide the link.

gettons
Posts: 3
Joined: 2011/05/23 08:24:05

Re: SELinux guest_r with sudo access

Post by gettons » 2021/01/17 07:12:21

Fair enough, apologies

Post Reply

Return to “CentOS 7 - Security Support”