SELinux users

As explained before, SELinux users are different from normal Linux users. SELinux users are defined in the policy that's loaded into the memory at boot time, and there are only a few of these users.

After SELinux is enforced, each regular user account is mapped to a SELinux user account. There can be multiple user accounts mapped to the same SELinux user. This enables the normal user account to inherit the permission of its SELinux counterpart.

To view the mapping, we will run the following command:

semanage login -l
SELinux users

Here, we will find that there are only three Login Names as shown in the preceding screenshot representing the Linux user ...

Get Mastering CentOS 7 Linux Server now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.