Daniel J Walsh wrote:
Ok this all sounds good, but how do we come to a consensus.
Do we need an "role attribute" to define "user" roles.
roleattribute staff_r user;
roleattribute user_r user;
roleattribute sysadm_r user;
Then do we need a mechanism in policy to associate roles with "user"
roles?
no language changes are necessary
How does all this work with MLS ranges?
Should we have a brainstorming session? It is important to us (Red
Hat) that we get this settled soon.
Do we have a new file which associates uids to user roles?
yes, from the policy language and kernel perspectives there need not
be any changes, basically instead of creating specific users:
user jbrindle { staff_r sysadm_r }
you create generic users:
user admin { staff_r sysadm_r }
user user_u { user_r }
and then associate linux logins (or groups!) with those generic users:
(libselinux will read this file instead of using the implicit login
name -> selinux name mapping)
group:wheel admin
default user_u
MLS would work the same way, the only difference being that you may
need more generic users to sufficiently cover all the role + level
combinations you need.
To make this backend independant the same mapping info could be
sitting in ldap or some other database.
The biggest challenge after this is labeling, how to label home
directories (Probably should only be done at useradd time, or when you
log into a computer the first time with LDAP, the utilities will have
to be a bit smarter about labeling)
Joshua Brindle