runcon vs newrole
Daniel J Walsh
dwalsh at redhat.com
Tue May 15 18:24:13 UTC 2007
Clarkson, Mike R (US SSA) wrote:
> What are the differences between and advantages/disadvantages of the
> following two commands:
>
> runcon -l s1 <cmd>
> newrole -l s1 --c <cmd>
>
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
Of the top of my head
newrole will change the terminal to the level you want to output. So if
the app read/writes to the terminal it will work.
runcon will not so terminal apps will fail. Writing SystemHigh to a
SystemLow terminal should not work.
More information about the selinux
mailing list