semanage-user(8) semanage-user(8)
NAME
semanage-user - SELinux Policy Management SELinux User mapping tool
SYNOPSIS
semanage user [-h] [-n] [-N] [-S STORE] [ --add ( -L LEVEL -R ROLES -r
RANGE SEUSER) | --delete SEUSER | --deleteall | --extract | --list [-C]
| --modify ( -L LEVEL -R ROLES -r RANGE SEUSER ) ]
DESCRIPTION
semanage is used to configure certain elements of SELinux policy with-
out requiring modification to or recompilation from policy sources.
semanage user controls the mapping between an SELinux User and the
roles and MLS/MCS levels.
OPTIONS
-h, --help
show this help message and exit
-n, --noheading
Do not print heading when listing the specified object type
-N, --noreload
Do not reload policy after commit
-S STORE, --store STORE
Select an alternate SELinux Policy Store to manage
-C, --locallist
List local customizations
-a, --add
Add a record of the specified object type
-d, --delete
Delete a record of the specified object type
-m, --modify
Modify a record of the specified object type
-l, --list
List records of the specified object type
-E, --extract
Extract customizable commands, for use within a transaction
-D, --deleteall
Remove all local customizations
-L LEVEL, --level LEVEL
Default SELinux Level for SELinux user, s0 Default. (MLS/MCS
Systems only)
-r RANGE, --range RANGE
MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for
SELinux login mapping defaults to the SELinux user record range.
SELinux Range for SELinux user defaults to s0.
-R [ROLES], --roles [ROLES]
SELinux Roles. You must enclose multiple roles within quotes,
separate by spaces. Or specify -R multiple times.
EXAMPLE
List SELinux users
# semanage user -l
Modify groups for staff_u user
# semanage user -m -R "system_r unconfined_r staff_r" staff_u
Add level for TopSecret Users
# semanage user -a -R "staff_r" -rs0-TopSecret topsecret_u
SEE ALSO
selinux(8), semanage(8), semanage-login(8)
AUTHOR
This man page was written by Daniel Walsh <dwalsh AT redhat.com>
20130617 semanage-user(8)
Linux-Distributionen
Huschi als Linux-Admin