1default_contexts(5)          SELinux configuration         default_contexts(5)
2
3
4

NAME

6       default_contexts - The SELinux default contexts configuration file
7

DESCRIPTION

9       The  default  contexts  configuration  file  default_contexts  contains
10       entries that allow SELinux-aware login applications such as PAM(8)
11
12       SELinux-aware login applications generally use one or more of the  fol‐
13       lowing  libselinux functions that read these files from the active pol‐
14       icy path:
15              get_default_context(3)
16              get_ordered_context_list(3)
17              get_ordered_context_list_with_level(3)
18              get_default_context_with_level(3)
19              get_default_context_with_role(3)
20              get_default_context_with_rolelevel(3)
21              query_user_context(3)
22              manual_user_enter_context(3)
23
24       The default context configuration file path for the  active  policy  is
25       returned by selinux_default_contexts_path(3). The default, default con‐
26       texts file is:
27              /etc/selinux/{SELINUXTYPE}/contexts/default_contexts
28
29       Where {SELINUXTYPE} is the entry from the  selinux  configuration  file
30       config (see selinux_config(5)).
31

FILE FORMAT

33       Each line in the default configuration file consists of the following:
34              login_process user_login_process [user_login_process] ...
35
36       Where:
37              login_process
38                     This  consists  of  a role:type[:range] entry that repre‐
39                     sents the login process context that are defined  in  the
40                     policy.
41              user_login_process
42                     This  consists  of  one or more role:type[:range] entries
43                     that represent the user login process context defined  in
44                     the policy.
45

EXAMPLE

47       # ./contexts/default_contexts
48       system_r:crond_t:s0            system_r:system_crond_t:s0
49       system_r:local_login_t:s0      user_r:user_t:s0 staff_r:staff_t:s0
50       system_r:remote_login_t:s0     user_r:user_t:s0
51       system_r:sshd_t:s0             user_r:user_t:s0
52       system_r:sulogin_t:s0          sysadm_r:sysadm_t:s0
53       system_r:xdm_t:s0              user_r:user_t:s0
54

SEE ALSO

56       selinux(8), selinux_default_contexts_path(3), PAM(8),
57       selinux_default_type_path(3), get_default_context(3),
58       get_ordered_context_list(3), get_ordered_context_list_with_level(3),
59       get_default_context_with_level(3), get_default_context_with_role(3),
60       get_default_context_with_rolelevel(3), query_user_context(3),
61       manual_user_enter_context(3), selinux_config(5)
62
63
64
65Security Enhanced Linux           28-Nov-2011              default_contexts(5)
Impressum