PNG  IHDR;IDATxܻn0K )(pA 7LeG{ §㻢|ذaÆ 6lذaÆ 6lذaÆ 6lom$^yذag5bÆ 6lذaÆ 6lذa{ 6lذaÆ `}HFkm,mӪôô! x|'ܢ˟;E:9&ᶒ}{v]n&6 h_tڠ͵-ҫZ;Z$.Pkž)!o>}leQfJTu іچ\X=8Rن4`Vwl>nG^is"ms$ui?wbs[m6K4O.4%/bC%t Mז -lG6mrz2s%9s@-k9=)kB5\+͂Zsٲ Rn~GRC wIcIn7jJhۛNCS|j08yiHKֶۛkɈ+;SzL/F*\Ԕ#"5m2[S=gnaPeғL lذaÆ 6l^ḵaÆ 6lذaÆ 6lذa; _ذaÆ 6lذaÆ 6lذaÆ RIENDB` By Default on a SELinux Targeted Policy system, all users login using the unconfined_t user. SELinux has a very powerful concept called confined users. You can setup individual users on your system to login with different SELinux user types. This SELinux User Screen allows you to create/modify SELinux Users and map them to SELinux Roles and MLS/MCS Ranges Default SELinux Users: * Terminal user/ssh - guest_u - No Network, No setuid, no exec in homedir * Browser user/kiosk - xguest_u - Web access ports only. No setuid, no exec in homedir * Full Desktop user - User_u - Full Network, No SETUID. * Confined Admin/Desktop User - Staff_u - Full Network, sudo to admin only, no root password. Usually a confined admin * Unconfined user - unconfined_u (Default) - SELinux does not block access.