Bug 1641

Summary: Add SELinux roles
Product: Portable OpenSSH Reporter: jchadima
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX    
Severity: normal CC: djm, jfch, pcerny, t8m
Priority: P2    
Version: 5.2p1   
Hardware: Other   
OS: Linux   
Attachments:
Description Flags
Patch solving the problem none

Description jchadima 2009-08-31 18:56:15 AEST 
Add support for choosing SELinux role from the client (ssh user/role@server)
Comment 1 jchadima 2009-08-31 20:51:43 AEST 
Created attachment 1688 [details]
Patch solving the problem
Comment 2 Damien Miller 2009-09-01 16:27:41 AEST 
I don't like this approach of sending magic usernames. It has already caused us problems with its (ab)use for selecting BSD auth styles, cf bug #937.
Comment 3 Tomas Mraz 2009-09-01 17:07:47 AEST 
Damien, do you have some proposal how could be this feature handled differently without using the magic usernames?
Comment 4 Damien Miller 2010-02-10 09:40:53 AEDT 
Well, it would take a protocol change. I'm not really keen to do this in stock OpenSSH to support the vagaries of one system. Perhaps if your propose something on the ietf-secsh list you might be able to get it adopted.
Comment 5 Damien Miller 2010-04-16 15:49:58 AEST 
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1