user mapping
Stephen Smalley
sds at tycho.nsa.gov
Wed Feb 1 12:25:22 UTC 2006
On Tue, 2006-01-31 at 20:49 +0100, Thorsten Scherf wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> general question: I have a Unix user called "foo" which I would like to
> map to the SELinux User Identity "bar_u". In which file must I define
> this mapping, so that every time the user "foo" logs in, the context is
> set to "bar_u:[user_r_user_t]"?!
In rawhide/FC5, you would use semanage(8) to configure
the /etc/selinux/$SELINUXTYPE/seusers file (where SELINUXTYPE is defined
by /etc/selinux/config and is targeted by default in Fedora). Like
this:
/usr/sbin/semanage login -a -s bar_u foo
Then to list the current settings,
/usr/sbin/semanage login -l
This manipulates the seusers file in the module store and then
regenerates the installed file; don't edit that file directly.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list