GNU.WIKI: The GNU/Linux Knowledge Base

  [HOME] [PHP Manual] [HowTo] [ABS] [MAN1] [MAN2] [MAN3] [MAN4] [MAN5] [MAN6] [MAN7] [MAN8] [MAN9]

  [0-9] [Aa] [Bb] [Cc] [Dd] [Ee] [Ff] [Gg] [Hh] [Ii] [Jj] [Kk] [Ll] [Mm] [Nn] [Oo] [Pp] [Qq] [Rr] [Ss] [Tt] [Uu] [Vv] [Ww] [Xx] [Yy] [Zz]


NAME

       local.users - The SELinux local users configuration file

DESCRIPTION

       The file contains local user definitions in the form of policy language
       user statements and is only found on older SELinux systems  as  it  has
       been deprecated and replaced by the semange(8) services.

       This file is only read by selinux_mkload_policy(3) when SETLOCALDEFS in
       the SELinux config file (see selinux_config(5)) is set to 1.

       selinux_users_path(3)  will  return  the  active  policy  path  to  the
       directory where this file is located. The default local users file is:
              /etc/selinux/{SELINUXTYPE}/contexts/users/local.users

       Where  {SELINUXTYPE}  is  the entry from the selinux configuration file
       config (see selinux_config(5)).

FILE FORMAT

       The file consists of one or more entries terminated with ';', each on a
       separate line as follows:
              user seuser_id roles role_id [[level level] [range range]];

       Where:
              user
                     The user keyword.
              seuser_id
                     The SELinux user identifier.
              roles
                     The roles keyword.
              role_id
                     One   or   more  previously  declared  role  identifiers.
                     Multiple role identifiers consist of  a  space  separated
                     list enclosed in braces '{}'.
              level
                     If MLS/MCS is configured, the level keyword.
              level
                     The  users  default  security  level.  Note that only the
                     sensitivity component of the level (e.g. s0) is required.
              range
                     If MLS/MCS is configured, the range keyword.
              range
                     The current and clearance levels that the user  can  run.
                     These  are  separated  by  a  hyphen  '-' as shown in the
                     EXAMPLE section.

EXAMPLE

       # ./users/local.users
       user test_u roles staff_r level s0 range s0 - s15:c0.c1023;

SEE ALSO

       selinux(8), semanage(8), selinux_users_path(3), selinux_config(5),
       selinux_mkload_policy(3)



  All copyrights belong to their respective owners. Other content (c) 2014-2018, GNU.WIKI. Please report site errors to webmaster@gnu.wiki.
Page load time: 0.086 seconds. Last modified: November 04 2018 12:49:43.