removable_context (5) - Linux Manuals

removable_context: The SELinux removable devices context configuration file

NAME

removable_context - The SELinux removable devices context configuration file

DESCRIPTION

This file contains the default label that should be used for removable devices that are not defined in the media file (that is described in selabel_media(5)).

selinux_removable_context_path(3) will return the active policy path to this file. The default removable context file is:

/etc/selinux/{SELINUXTYPE}/contexts/removable_context

Where {SELINUXTYPE} is the entry from the selinux configuration file config (see selinux_config(5)).

FILE FORMAT

The file consists of a single line entry as follows:
user:role:type[:range]

Where:

user role type range
A user, role, type and optional range (for MCS/MLS) separated by colons (:) that will be applied to removable devices.

EXAMPLE

# ./contexts/removable_contexts
system_u:object_r:removable_t:s0