Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   17783 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

user_contexts(5)	     SELinux configuration	      user_contexts(5)

NAME
       user_contexts - The SELinux user contexts configuration files

DESCRIPTION
       These  optional	user  context configuration files contain entries that
       allow SELinux-aware login applications such as PAM(8) (running in their
       own  process context), to determine the context that a users login ses‐
       sion should run under.

       SELinux-aware login applications generally use one or more of the  fol‐
       lowing  libselinux functions that read these files from the active pol‐
       icy path:
	      get_default_context(3)
	      get_ordered_context_list(3)
	      get_ordered_context_list_with_level(3)
	      get_default_context_with_level(3)
	      get_default_context_with_role(3)
	      get_default_context_with_rolelevel(3)
	      query_user_context(3)
	      manual_user_enter_context(3)

       There can be one file for each SELinux user configured on  the  system.
       The    file     path   is   formed   using   the	  path	 returned   by
       selinux_user_contexts_path(3) for the active policy, with  the  SELinux
       user name appended, for example:
	      /etc/selinux/{SELINUXTYPE}/contexts/users/unconfined_u
	      /etc/selinux/{SELINUXTYPE}/contexts/users/xguest_u

       Where  {SELINUXTYPE}  is	 the entry from the selinux configuration file
       config (see selinux_config(5)).

       These files contain context information as described in the FILE FORMAT
       section.

FILE FORMAT
       Each  line  in the user context configuration file consists of the fol‐
       lowing:
	      login_process user_login_process

       Where:
	      login_process
		     This consists of a role:type[:range]  entry  that	repre‐
		     sents the login process context.
	      user_login_process
		     This  consists  of	 a role:type[:range] entry that repre‐
		     sents the user login process context.

EXAMPLE
       # Example for xguest_u at /etc/selinux/targeted/contexts/users/xguest_u
       system_r:crond_t:s0	     xguest_r:xguest_t:s0
       system_r:initrc_t:s0	     xguest_r:xguest_t:s0
       system_r:local_login_t:s0     xguest_r:xguest_t:s0
       system_r:remote_login_t:s0    xguest_r:xguest_t:s0
       system_r:sshd_t:s0	     xguest_r:xguest_t:s0
       system_r:xdm_t:s0	     xguest_r:xguest_t:s0
       xguest_r:xguest_t:s0	     xguest_r:xguest_t:s0

SEE ALSO
       selinux(8), selinux_user_contexts_path(3), PAM(8),
       get_ordered_context_list(3), get_ordered_context_list_with_level(3),
       get_default_context_with_level(3), get_default_context_with_role(3),
       get_default_context_with_rolelevel(3), query_user_context(3),
       manual_user_enter_context(3), selinux_config(5)

Security Enhanced Linux		  28-Nov-2011		      user_contexts(5)

Vote for polarhome