Provided by: policycoreutils-python-utils_3.4-1_all
NAME
semanage-user - SELinux Policy Management SELinux User mapping tool
SYNOPSIS
semanage user [-h] [-n] [-N] [-S STORE] [ --add ( -L LEVEL -R ROLES -r RANGE SEUSER) | --delete SEUSER | --deleteall | --extract | --list [-C] | --modify ( -L LEVEL -R ROLES -r RANGE SEUSER ) ]
DESCRIPTION
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage user controls the mapping between an SELinux User and the roles and MLS/MCS levels.
OPTIONS
-h, --help show this help message and exit -n, --noheading Do not print heading when listing the specified object type -N, --noreload Do not reload policy after commit -S STORE, --store STORE Select an alternate SELinux Policy Store to manage -C, --locallist List local customizations -a, --add Add a record of the specified object type -d, --delete Delete a record of the specified object type -m, --modify Modify a record of the specified object type -l, --list List records of the specified object type -E, --extract Extract customizable commands, for use within a transaction -D, --deleteall Remove all local customizations -L LEVEL, --level LEVEL Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only) -r RANGE, --range RANGE MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0. -R [ROLES], --roles [ROLES] SELinux Roles. You must enclose multiple roles within quotes, separate by spaces. Or specify -R multiple times.
EXAMPLE
List SELinux users # semanage user -l Modify groups for staff_u user # semanage user -m -R "system_r unconfined_r staff_r" staff_u Add level for TopSecret Users # semanage user -a -R "staff_r" -rs0-TopSecret topsecret_u
SEE ALSO
selinux(8), semanage(8), semanage-login(8)
AUTHOR
This man page was written by Daniel Walsh <dwalsh@redhat.com> 20130617 semanage-user(8)