semanage-user(category34-froxlor.html) - phpMan

semanage-user(8)                                              semanage-user(8)
NAME
       semanage-user - SELinux Policy Management SELinux User mapping tool
SYNOPSIS
       semanage  user [-h] [-n] [-N] [-S STORE] [ --add ( -L LEVEL -R ROLES -r
       RANGE SEUSER) | --delete SEUSER | --deleteall | --extract | --list [-C]
       | --modify ( -L LEVEL -R ROLES -r RANGE SEUSER ) ]
DESCRIPTION
       semanage  is used to configure certain elements of SELinux policy with-
       out requiring modification to or  recompilation  from  policy  sources.
       semanage  user  controls  the  mapping  between an SELinux User and the
       roles and MLS/MCS levels.
OPTIONS
       -h, --help
              show this help message and exit
       -n, --noheading
              Do not print heading when listing the specified object type
       -N, --noreload
              Do not reload policy after commit
       -S STORE, --store STORE
              Select an alternate SELinux Policy Store to manage
       -C, --locallist
              List local customizations
       -a, --add
              Add a record of the specified object type
       -d, --delete
              Delete a record of the specified object type
       -m, --modify
              Modify a record of the specified object type
       -l, --list
              List records of the specified object type
       -E, --extract
              Extract customizable commands, for use within a transaction
       -D, --deleteall
              Remove all local customizations
       -L LEVEL, --level LEVEL
              Default SELinux Level for SELinux  user,  s0  Default.  (MLS/MCS
              Systems only)
       -r RANGE, --range RANGE
              MLS/MCS  Security Range (MLS/MCS Systems only) SELinux Range for
              SELinux login mapping defaults to the SELinux user record range.
              SELinux Range for SELinux user defaults to s0.
       -R [ROLES], --roles [ROLES]
              SELinux  Roles.  You  must enclose multiple roles within quotes,
              separate by spaces. Or specify -R multiple times.
EXAMPLE
       List SELinux users
       # semanage user -l
       Modify groups for staff_u user
       # semanage user -m -R "system_r unconfined_r staff_r" staff_u
       Add level for TopSecret Users
       # semanage user -a -R "staff_r" -rs0-TopSecret topsecret_u
SEE ALSO
       selinux(8), semanage(8), semanage-login(8)
AUTHOR
       This man page was written by Daniel Walsh <dwalsh AT redhat.com>
                                   20130617                   semanage-user(8)