Run shells with substitute user and group
Execute su in the caller domain.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain | Domain allowed access. | No |
The per user domain template for the su module.
This template creates a derived domain which is allowed to change the linux user id, to run shells as a different user.
This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.
| Parameter: | Description: | Optional: |
|---|---|---|
| userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No |
| user_domain | The type of the user domain. | No |
| user_role | The role associated with the user domain. | No |