| Dir : /usr/lib/python3.6/site-packages/sepolicy/help/ |
| Server: Linux cloud.virginhosting.lk 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64 IP: 128.140.68.198 |
| Dir : //usr/lib/python3.6/site-packages/sepolicy/help/login.txt |
By Default on a SELinux Targeted Policy system, all users login using the unconfined_t user. But SELinux has a very powerful concept called confined users. You can setup individual users on your system to login with different SELinux user types. This Login Mapping Screen allows you to map a Linux login user to an SELinux User. Default SELinux Users: * Terminal user/ssh - guest_u - No Network, No setuid, no exec in homedir * Browser user/kiosk - xguest_u - Web access ports only. No setuid, no exec in homedir * Full Desktop user - User_u - Full Network, No SETUID. * Confined Admin/Desktop User - Staff_u - Full Network, sudo to admin only, no root password. Usually a confined admin * Unconfined user - unconfined_u (Default) - SELinux does not block access.