System Administrator Security & Network SELinux Current: SELinux confining user SELinux confining user 개요SELinux user mappingAs the Linux root user, run the semanage login -l command to view the mapping between Linux users and SELinux users: ~]# semanage login -lLogin Name SELinux User MLS/MCS Range__default__ unconfined_u s0-s0:c0.c1023 root unconfined_u s0-s0:c0.c1023 system_u system_u s0-s0:c0.c1023 모든 사용자는 기본적으로 __default__ 에 매핑되고 SElinux user 는 unconfined_u 이다. Confining New Linux Users: useradd현재 login user 의 policy 보기~]$ id -Zunconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 사용자 추가시 user mapping 지정As the Linux root user, run the useradd -Z user_u useruuser command to create a new Linux user (useruuser) that is mapped to the SELinux user_u user.기존 사용자는 usermod -Z 로 mapping 수정 가능semanage 로 user mapping 확인As the Linux root user, run the semanage login -l command to view the mapping between the Linux useruuser user and user_u:참고 자료https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/chap-Security-Enhanced_Linux-Confining_Users.html ×