1local.users(5)               SELinux configuration              local.users(5)
2
3
4

NAME

6       local.users - The SELinux local users configuration file
7

DESCRIPTION

9       The file contains local user definitions in the form of policy language
10       user statements and is only found on older SELinux systems  as  it  has
11       been deprecated and replaced by the semange(8) services.
12
13       This file is only read by selinux_mkload_policy(3) when SETLOCALDEFS in
14       the SELinux config file (see selinux_config(5)) is set to 1.
15
16       selinux_users_path(3) will return the active policy path to the  direc‐
17       tory where this file is located. The default local users file is:
18              /etc/selinux/{SELINUXTYPE}/contexts/users/local.users
19
20       Where  {SELINUXTYPE}  is  the entry from the selinux configuration file
21       config (see selinux_config(5)).
22

FILE FORMAT

24       The file consists of one or more entries terminated with ';', each on a
25       separate line as follows:
26              user seuser_id roles role_id [[level level] [range range]];
27
28       Where:
29              user
30                     The user keyword.
31              seuser_id
32                     The SELinux user identifier.
33              roles
34                     The roles keyword.
35              role_id
36                     One  or more previously declared role identifiers. Multi‐
37                     ple role identifiers consist of a  space  separated  list
38                     enclosed in braces '{}'.
39              level
40                     If MLS/MCS is configured, the level keyword.
41              level
42                     The users default security level. Note that only the sen‐
43                     sitivity component of the level (e.g. s0) is required.
44              range
45                     If MLS/MCS is configured, the range keyword.
46              range
47                     The current and clearance levels that the user  can  run.
48                     These are separated by a hyphen '-' as shown in the EXAM‐
49                     PLE section.
50

EXAMPLE

52       # ./users/local.users
53       user test_u roles staff_r level s0 range s0 - s15:c0.c1023;
54

SEE ALSO

56       selinux(8), semanage(8), selinux_users_path(3), selinux_config(5),
57       selinux_mkload_policy(3)
58
59
60
61Security Enhanced Linux           28-Nov-2011                   local.users(5)
Impressum