1 files changed, 12 insertions, 3 deletions

diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index 77f3a1c17..d153f8fb5 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -54,7 +54,7 @@ static security_context_t
 ssh_selinux_getctxbyname(char *pwname)
 {
         security_context_t sc;
-        char *sename = NULL, *lvl = NULL;
+        char *sename = NULL, *role = NULL, *lvl = NULL;
         int r;
 
 #ifdef HAVE_GETSEUSERBYNAME
@@ -64,11 +64,20 @@ ssh_selinux_getctxbyname(char *pwname)
         sename = pwname;
         lvl = NULL;
 #endif
+        if (the_authctxt)
+                role = the_authctxt->role;
 
 #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL
-        r = get_default_context_with_level(sename, lvl, NULL, &sc);
+        if (role != NULL && role[0])
+                r = get_default_context_with_rolelevel(sename, role, lvl, NULL,
+                                                       &sc);
+        else
+                r = get_default_context_with_level(sename, lvl, NULL, &sc);
 #else
-        r = get_default_context(sename, NULL, &sc);
+        if (role != NULL && role[0])
+                r = get_default_context_with_role(sename, role, NULL, &sc);
+        else
+                r = get_default_context(sename, NULL, &sc);
 #endif
 
         if (r != 0) {