RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux/python/semanage/semanage-user.8

74 lines
2.2 KiB
Groff
Raw Permalink Blame History

.TH "semanage-user" "8" "20130617" "" ""
.SH "NAME"
.B semanage\-user \- SELinux Policy Management SELinux User mapping tool
.SH "SYNOPSIS"
.B semanage user [\-h] [\-n] [\-N] [\-S STORE] [ \-\-add ( \-L LEVEL \-R ROLES \-r RANGE SEUSER) | \-\-delete SEUSER | \-\-deleteall | \-\-extract | \-\-list [\-C] | \-\-modify ( \-L LEVEL \-R ROLES \-r RANGE SEUSER ) ]
.SH "DESCRIPTION"
semanage is used to configure certain elements of
SELinux policy without requiring modification to or recompilation
from policy sources.
.B semanage user
controls the mapping between an SELinux User and the roles and MLS/MCS levels.
.SH "OPTIONS"
.TP
.I \-h, \-\-help
Show this help message and exit
.TP
.I \-n, \-\-noheading
Do not print heading when listing the specified object type
.TP
.I \-N, \-\-noreload
Do not reload policy after commit
.TP
.I \-S STORE, \-\-store STORE
Select an alternate SELinux Policy Store to manage
.TP
.I \-C, \-\-locallist
List local customizations
.TP
.I \-a, \-\-add
Add a record of the specified object type
.TP
.I \-d, \-\-delete
Delete a record of the specified object type
.TP
.I \-m, \-\-modify
Modify a record of the specified object type
.TP
.I \-l, \-\-list
List records of the specified object type
.TP
.I \-E, \-\-extract
Extract customizable commands, for use within a transaction
.TP
.I \-D, \-\-deleteall
Remove all local customizations
.TP
.I \-L LEVEL, \-\-level LEVEL
Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)
.TP
.I \-r RANGE, \-\-range RANGE
MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.
.TP
.I \-R [ROLES], \-\-roles [ROLES]
SELinux Roles. You must enclose multiple roles within quotes, separate by spaces. Or specify \-R multiple times.
.SH EXAMPLE
.nf
List SELinux users
# semanage user \-l
Modify groups for staff_u user
# semanage user \-m \-R "system_r unconfined_r staff_r" staff_u
Assign user topsecret_u role staff_r and range s0\-TopSecret
# semanage user \-a \-R "staff_r" \-rs0\-TopSecret topsecret_u
.SH "SEE ALSO"
.BR selinux (8),
.BR semanage (8),
.BR semanage\-login (8)
.SH "AUTHOR"
This man page was written by Daniel Walsh <dwalsh@redhat.com>
Reference in New Issue View Git Blame Copy Permalink