This is the command newrole that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
newrole - run a shell with a new SELinux role
SYNOPSIS
newrole [-r|--role] ROLE [-t|--type] TYPE [-l|--level] LEVEL [-- [ARGS]...]
DESCRIPTION
Run a new shell in a new context. The new context is derived from the old context in
which newrole is originally executed. If the -r or --role option is specified, then the
new context will have the role specified by ROLE. If the -t or --type option is
specified, then the new context will have the type (domain) specified by TYPE. If a role
is specified, but no type is specified, the default type is derived from the specified
role. If the -l or --level option is specified, then the new context will have the
sensitivity level specified by LEVEL. If LEVEL is a range, the new context will have the
sensitivity level and clearance specified by that range.
Additional arguments ARGS may be provided after a -- option, in which case they are
supplied to the new shell. In particular, an argument of -- -c will cause the next
argument to be treated as a command by most command interpreters.
If a command argument is specified to newrole and the command name is found in
/etc/selinux/newrole_pam.conf, then the pam service name listed in that file for the
command will be used rather than the normal newrole pam configuration. This allows for
per-command pam configuration when invoked via newrole, e.g. to skip the interactive re-
authentication phase.
The new shell will be the shell specified in the user's entry in the /etc/passwd file.
The -V or --version shows the current version of newrole
EXAMPLE
Changing role:
# id -Z
staff_u:staff_r:staff_t:SystemLow-SystemHigh
# newrole -r sysadm_r
# id -Z
staff_u:sysadm_r:sysadm_t:SystemLow-SystemHigh
Changing sensitivity only:
# id -Z
staff_u:sysadm_r:sysadm_t:Unclassified-SystemHigh
# newrole -l Secret
# id -Z
staff_u:sysadm_r:sysadm_t:Secret-SystemHigh
Changing sensitivity and clearance:
# id -Z
staff_u:sysadm_r:sysadm_t:Unclassified-SystemHigh
# newrole -l Secret-Secret
# id -Z
staff_u:sysadm_r:sysadm_t:Secret
Running a program in a given role or level:
# newrole -r sysadm_r -- -c "/path/to/app arg1 arg2..."
# newrole -l Secret -- -c "/path/to/app arg1 arg2..."
Use newrole online using onworks.net services