Within SELinux systems, the moment a user logs in, the login system checks which SELinux user his or her login is mapped to. Then, when a SELinux user is found, the system looks up the role and domain that the user should be in and sets that as the user's context.
When logged in to the system, we can use
id -Z to obtain the current SELinux context. For many users, this context will be
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023, regardless of their username. If not that, it will be a context based on one of
user_u. This is because the majority of Linux distributions will only provide a limited set of SELinux users by default, aligned with the SELinux roles that ...