On Apache
Under GNU General Public License
2024-04-27 06:36 @18.221.13.173 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
service_seusers(5) SELinux configuration service_seusers(5)
NAME
service_seusers - The SELinux GNU/Linux user and service to SELinux user mapping configu-
ration files
DESCRIPTION
These are optional files that allow services to define an SELinux user when authenticating
via SELinux-aware login applications such as PAM(8).
There is one file for each GNU/Linux user name that will be required to run a service with
a specific SELinux user name.
The path for each configuration file is formed by the path returned by selinux_pol-
icy_root(3) with /logins/username appended (where username is a file representing the
GNU/Linux user name). The default services directory is located at:
/etc/selinux/{SELINUXTYPE}/logins
Where {SELINUXTYPE} is the entry from the selinux configuration file config (see
selinux_config(5)).
getseuser(3) reads this file to map services to an SELinux user.
FILE FORMAT
Each line within the username file is formatted as follows with each component separated
by a colon:
service:seuser[:range]
Where:
service
The service name used by the application.
seuser
The SELinux user name.
range
The range for MCS/MLS policies.
EXAMPLES
Example 1 - for the 'root' user:
# ./logins/root
ipa:user_u:s0
this_service:unconfined_u:s0
Example 2 - for GNU/Linux user 'rch':
# ./logins/rch
ipa:unconfined_u:s0
that_service:unconfined_u:s0
SEE ALSO
selinux(8), PAM(8), selinux_policy_root(3), getseuser(3), selinux_config(5)
Security Enhanced Linux 28-Nov-2011 service_seusers(5)
Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-04-27 06:36 @18.221.13.173 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)