21 May
2008
21 May
'08
12:50 p.m.
On Wed, 2008-05-21 at 12:01 +0200, Rob Visser wrote:
Hello,
Is it possible to administer SELINUX users and RBAC stuff in LDAP? With RH directory server? It would be nice, since all the other stuff can be administered in LDAP.
Not yet, but known as a need. Likely would take the form of moving seusers management out of libsemanage and adding a LDAP lookup back end to libselinux getseuserbyname(). Then you could manage at least the Linux user -> (SELinux user, MLS range) authorizations in LDAP.
--
Stephen Smalley
National Security Agency