Users

The users properties edit the policy/users file which defines the users included in the policy.

The list at the top displays all of the users defined in the users file. By selecting one of the rows it is possible to edit the information.

When editing, the Username, Prefix and Roles columns are self-explanatory. The MLS Default is the default MLS level the user should receive when logging in. This can be a specific label (s0 for example) or it can be one of the macros defined by reference policy, such as mls_systemhigh or mls_systemlow. The MLS range is similar but contains a minimum and maximum MLS value. The MCS Categories lists the mcs catagories available to the user. The MCS and MLS values use standard MCS and MLS notation.

The information presented in the Active For box shows when the selected user is active. Its contents are based on settings in the build.conf file.

Active for Strict Policy means the rule is enabled when compiling a strict policy. Active for Targeted Policy means the rule is enabled when compiling a targeted policy. Active for N/A means the rule is enabled for both strict and targeted policies. The options for strict and targeted will not be available if the policy source doesn't distinguish between strict and targeted.

For MLS, the value On means the rule is enabled when MLS is on, Off means the rule is enabled when MLS is off. A value of N/A means the rule is enabled regardless of whether MLS is on or off. The options for MCS and DirectInitRC behave similarly.

The Add User button will create a new user in the file and select it for editing. The Remove User button will remove the currently selected item from the file.