SELinux/newrole

NEWROLE(1)                           NSA                           NEWROLE(1)

NAME newrole - run a shell with a new role

SYNOPSIS newrole [-r|--role]   ROLE  [-t|--type]   TYPE  [-l|--level]   LEVEL  [-- ][ARGS] ...

DESCRIPTION Run a new shell in a new context. The new context is derived from the old context  in  which  newrole  is originally executed. If the -r or --role option is specified, then the new context will  have  the  role specified by  ROLE. If the -t or --type option is specified, then the new context will have the type (domain) specified by TYPE. If a  role is specified,  but  no  type is specified, the default type is derived from the specified role. If the -l or --level  option  is  specified, then the  new  context  will  have  the sensitivity level specified by LEVEL. If LEVEL is a range, the new context will have the sensitivity level and clearance specified by that range.

Additional arguments  ARGS may be provided after a -- option, in which case they are supplied to the new shell. In particular, an argument of -- -c  will cause the next argument to be treated as a command by most command interpreters.

The new shell will be the shell specified in the user's entry  in  the /etc/passwd file.

FILES /etc/passwd - user account information /etc/shadow - encrypted passwords and age information

SEE ALSO su (1), runas (1)

AUTHORS Tim Fraser (tfraser@tislabs.com) Anthony Colatrella (amcolat@epoch.ncsc.mil)

Security Enhanced Linux         October 2000                       NEWROLE(1)