python/semanage/semanage-user.8 - platform/external/selinux - Git at Google

 .TH "semanage-user" "8" "20130617" "" ""
 .SH "NAME"
 .B semanage\-user \- SELinux Policy Management SELinux User mapping tool
 .SH "SYNOPSIS"
 .B  semanage user [\-h] [\-n] [\-N] [\-S STORE] [ \-\-add ( \-L LEVEL \-R ROLES \-r RANGE SEUSER) | \-\-delete SEUSER | \-\-deleteall  | \-\-extract  | \-\-list [\-C] | \-\-modify ( \-L LEVEL \-R ROLES \-r RANGE SEUSER ) ]

 .SH "DESCRIPTION"
 semanage is used to configure certain elements of
 SELinux policy without requiring modification to or recompilation
 from policy sources.  semanage user controls the mapping between an SELinux User and the roles and MLS/MCS levels.

 .SH "OPTIONS"
 .TP
 .I   \-h, \-\-help
 show this help message and exit
 .TP
 .I   \-n, \-\-noheading
 Do not print heading when listing the specified object type
 .TP
 .I   \-N, \-\-noreload
 Do not reload policy after commit
 .TP
 .I   \-S STORE, \-\-store STORE
 Select an alternate SELinux Policy Store to manage
 .TP
 .I   \-C, \-\-locallist
 List local customizations
 .TP
 .I   \-a, \-\-add
 Add a record of the specified object type
 .TP
 .I   \-d, \-\-delete
 Delete a record of the specified object type
 .TP
 .I   \-m, \-\-modify
 Modify a record of the specified object type
 .TP
 .I   \-l, \-\-list
 List records of the specified object type
 .TP
 .I   \-E, \-\-extract
 Extract customizable commands, for use within a transaction
 .TP
 .I   \-D, \-\-deleteall
 Remove all local customizations
 .TP
 .I   \-L LEVEL, \-\-level LEVEL
 Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)
 .TP
 .I   \-r RANGE, \-\-range RANGE
 MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.
 .TP
 .I   \-R [ROLES], \-\-roles [ROLES]
 SELinux Roles. You must enclose multiple roles within quotes, separate by spaces. Or specify \-R multiple times.

 .SH EXAMPLE
 .nf
 List SELinux users
 # semanage user \-l
 Modify groups for staff_u user
 # semanage user \-m \-R "system_r unconfined_r staff_r" staff_u
 Add level for TopSecret Users
 # semanage user \-a \-R "staff_r" \-rs0\-TopSecret topsecret_u

 .SH "SEE ALSO"
 .BR selinux (8),
 .BR semanage (8),
 .BR semanage\-login (8)

 .SH "AUTHOR"
 This man page was written by Daniel Walsh <dwalsh@redhat.com>
	.TH "semanage-user" "8" "20130617" "" ""
	.SH "NAME"
	.B semanage\-user \- SELinux Policy Management SELinux User mapping tool
	.SH "SYNOPSIS"
	.B semanage user [\-h] [\-n] [\-N] [\-S STORE] [ \-\-add ( \-L LEVEL \-R ROLES \-r RANGE SEUSER) \| \-\-delete SEUSER \| \-\-deleteall \| \-\-extract \| \-\-list [\-C] \| \-\-modify ( \-L LEVEL \-R ROLES \-r RANGE SEUSER ) ]

	.SH "DESCRIPTION"
	semanage is used to configure certain elements of
	SELinux policy without requiring modification to or recompilation
	from policy sources. semanage user controls the mapping between an SELinux User and the roles and MLS/MCS levels.

	.SH "OPTIONS"
	.TP
	.I \-h, \-\-help
	show this help message and exit
	.TP
	.I \-n, \-\-noheading
	Do not print heading when listing the specified object type
	.TP
	.I \-N, \-\-noreload
	Do not reload policy after commit
	.TP
	.I \-S STORE, \-\-store STORE
	Select an alternate SELinux Policy Store to manage
	.TP
	.I \-C, \-\-locallist
	List local customizations
	.TP
	.I \-a, \-\-add
	Add a record of the specified object type
	.TP
	.I \-d, \-\-delete
	Delete a record of the specified object type
	.TP
	.I \-m, \-\-modify
	Modify a record of the specified object type
	.TP
	.I \-l, \-\-list
	List records of the specified object type
	.TP
	.I \-E, \-\-extract
	Extract customizable commands, for use within a transaction
	.TP
	.I \-D, \-\-deleteall
	Remove all local customizations
	.TP
	.I \-L LEVEL, \-\-level LEVEL
	Default SELinux Level for SELinux user, s0 Default. (MLS/MCS Systems only)
	.TP
	.I \-r RANGE, \-\-range RANGE
	MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.
	.TP
	.I \-R [ROLES], \-\-roles [ROLES]
	SELinux Roles. You must enclose multiple roles within quotes, separate by spaces. Or specify \-R multiple times.

	.SH EXAMPLE
	.nf
	List SELinux users
	# semanage user \-l
	Modify groups for staff_u user
	# semanage user \-m \-R "system_r unconfined_r staff_r" staff_u
	Add level for TopSecret Users
	# semanage user \-a \-R "staff_r" \-rs0\-TopSecret topsecret_u

	.SH "SEE ALSO"
	.BR selinux (8),
	.BR semanage (8),
	.BR semanage\-login (8)

	.SH "AUTHOR"
	This man page was written by Daniel Walsh <dwalsh@redhat.com>