seusers(5) SELinux configuration seusers(5)
NAME
seusers - The SELinux GNU/Linux user to SELinux user mapping configuration file
DESCRIPTION
The seusers file contains a list GNU/Linux user to SELinux user mapping for use by SELinux-aware login appliā
cations such as PAM(8).
selinux_usersconf_path(3) will return the active policy path to this file. The default SELinux users mapping
file is located at:
/etc/selinux/{SELINUXTYPE}/seusers
Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).
getseuserbyname(3) reads this file to map a GNU/Linux user or group to an SELinux user.
FILE FORMAT
Each line of the seusers configuration file consists of the following:
[%group_id]|[user_id]:seuser_id[:range]
Where:
group_id|user_id
The GNU/Linux user id, or if preceded by the percentage (%) symbol, then a GNU/Linux group id.
An optional entry set to __default__ can be provided as a fall back if required.
seuser_id
The SELinux user identity.
range
The optional level or range for an MLS/MCS policy.
EXAMPLE
# ./seusers
system_u:system_u:s0-s15:c0.c255
root:root:s0-s15:c0.c255
fred:user_u:s0
__default__:user_u:s0
%user_group:user_u:s0
SEE ALSO
selinux(8), PAM(8), selinux_usersconf_path(3), getseuserbyname(3), selinux_config(5)
Security Enhanced Linux 28-Nov-2011 seusers(5)
Back to main site | Back to man page index