1seusers(5)                   SELinux configuration                  seusers(5)
2
3
4

NAME

6       seusers - The SELinux GNU/Linux user to SELinux user mapping configura‐
7       tion file
8

DESCRIPTION

10       The seusers file contains a list GNU/Linux user to SELinux user mapping
11       for use by SELinux-aware login applications such as PAM(8).
12
13       selinux_usersconf_path(3)  will  return  the active policy path to this
14       file. The default SELinux users mapping file is located at:
15              /etc/selinux/{SELINUXTYPE}/seusers
16
17       Where {SELINUXTYPE} is the entry from the  selinux  configuration  file
18       config (see selinux_config(5)).
19
20       getseuserbyname(3)  reads this file to map a GNU/Linux user or group to
21       an SELinux user.
22

FILE FORMAT

24       Each line of the seusers configuration file consists of the following:
25
26              [%group_id]|[user_id]:seuser_id[:range]
27
28       Where:
29              group_id|user_id
30                     The  GNU/Linux user id, or if preceded by the  percentage
31                     (%) symbol, then a GNU/Linux group id.
32                     An optional entry set to __default__ can be provided as a
33                     fall back if required.
34              seuser_id
35                     The SELinux  user identity.
36              range
37                     The optional level or range for an MLS/MCS policy.
38

EXAMPLE

40       # ./seusers
41       system_u:system_u:s0-s15:c0.c255
42       root:root:s0-s15:c0.c255
43       fred:user_u:s0
44       __default__:user_u:s0
45       %user_group:user_u:s0
46

SEE ALSO

48       selinux(8), PAM(8), selinux_usersconf_path(3), getseuserbyname(3),
49       selinux_config(5)
50
51
52
53Security Enhanced Linux           28-Nov-2011                       seusers(5)
Impressum