Server : LiteSpeed System : Linux barito.iixcp.rumahweb.net 5.14.0-611.49.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Apr 21 16:39:08 EDT 2026 x86_64 User : elvh3918 ( 1528) PHP Version : 8.2.31 Disable Function : mail Directory : /lib/python3.9/site-packages/sepolicy/help/ |
By Default on a SELinux Targeted Policy system, all users login using the unconfined_t user. SELinux has a very powerful concept called confined users. You can setup individual users on your system to login with different SELinux user types. This SELinux User Screen allows you to create/modify SELinux Users and map them to SELinux Roles and MLS/MCS Ranges Default SELinux Users: * Terminal user/ssh - guest_u - No Network, No setuid, no exec in homedir * Browser user/kiosk - xguest_u - Web access ports only. No setuid, no exec in homedir * Full Desktop user - User_u - Full Network, No SETUID. * Confined Admin/Desktop User - Staff_u - Full Network, sudo to admin only, no root password. Usually a confined admin * Unconfined user - unconfined_u (Default) - SELinux does not block access.