seusers man page

seusers — The SELinux GNU/Linux user to SELinux user mapping configuration file


The seusers file contains a list GNU/Linux user to SELinux user mapping for use by SELinux-aware login applications such as PAM(8).

selinux_usersconf_path(3) will return the active policy path to this file. The default SELinux users mapping file is located at:


Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).

getseuserbyname(3) reads this file to map a GNU/Linux user or group to an SELinux user.

File Format

Each line of the seusers configuration file consists of the following:



The GNU/Linux user id, or if preceded by the percentage (%) symbol, then a GNU/Linux group id.
An optional entry set to __default__ can be provided as a fall back if required. seuser_id
The SELinux user identity. range
The optional level or range for an MLS/MCS policy.


# ./seusers

See Also

selinux(8), PAM(8), selinux_usersconf_path(3), getseuserbyname(3), selinux_config(5)

Referenced By


28-Nov-2011 Security Enhanced Linux SELinux configuration