selinux-policy/www/api-docs/services_xserver.html

<html>
<head>
<title>
 Security Enhanced Linux Reference Policy
 </title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
	
		<a href="admin.html">+&nbsp;
		admin</a></br/>
		<div id='subitem'>
		
		</div>
	
		<a href="apps.html">+&nbsp;
		apps</a></br/>
		<div id='subitem'>
		
		</div>
	
		<a href="kernel.html">+&nbsp;
		kernel</a></br/>
		<div id='subitem'>
		
		</div>
	
		<a href="services.html">+&nbsp;
		services</a></br/>
		<div id='subitem'>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_apache.html'>
			apache</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_apm.html'>
			apm</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_arpwatch.html'>
			arpwatch</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_automount.html'>
			automount</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_avahi.html'>
			avahi</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_bind.html'>
			bind</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_bluetooth.html'>
			bluetooth</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_canna.html'>
			canna</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_comsat.html'>
			comsat</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cpucontrol.html'>
			cpucontrol</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
			cron</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cups.html'>
			cups</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cvs.html'>
			cvs</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cyrus.html'>
			cyrus</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_dbskk.html'>
			dbskk</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_dbus.html'>
			dbus</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_dhcp.html'>
			dhcp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_dictd.html'>
			dictd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_distcc.html'>
			distcc</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_djbdns.html'>
			djbdns</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_dovecot.html'>
			dovecot</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_fetchmail.html'>
			fetchmail</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_finger.html'>
			finger</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ftp.html'>
			ftp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_gpm.html'>
			gpm</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_hal.html'>
			hal</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_howl.html'>
			howl</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_i18n_input.html'>
			i18n_input</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
			inetd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inn.html'>
			inn</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_irqbalance.html'>
			irqbalance</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
			kerberos</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ktalk.html'>
			ktalk</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ldap.html'>
			ldap</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_lpd.html'>
			lpd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mailman.html'>
			mailman</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
			mta</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mysql.html'>
			mysql</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_networkmanager.html'>
			networkmanager</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
			nis</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
			nscd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ntp.html'>
			ntp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_openct.html'>
			openct</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_pegasus.html'>
			pegasus</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_portmap.html'>
			portmap</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_postfix.html'>
			postfix</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_postgresql.html'>
			postgresql</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ppp.html'>
			ppp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_privoxy.html'>
			privoxy</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_procmail.html'>
			procmail</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_publicfile.html'>
			publicfile</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_radius.html'>
			radius</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_radvd.html'>
			radvd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_rdisc.html'>
			rdisc</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
			remotelogin</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_rlogin.html'>
			rlogin</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_roundup.html'>
			roundup</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_rpc.html'>
			rpc</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_rshd.html'>
			rshd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_rsync.html'>
			rsync</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_samba.html'>
			samba</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sasl.html'>
			sasl</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
			sendmail</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_slrnpull.html'>
			slrnpull</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_smartmon.html'>
			smartmon</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_snmp.html'>
			snmp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_spamassassin.html'>
			spamassassin</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_squid.html'>
			squid</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
			ssh</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_stunnel.html'>
			stunnel</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sysstat.html'>
			sysstat</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_tcpd.html'>
			tcpd</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_telnet.html'>
			telnet</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_tftp.html'>
			tftp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_timidity.html'>
			timidity</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ucspitcp.html'>
			ucspitcp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_uucp.html'>
			uucp</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_xfs.html'>
			xfs</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_xserver.html'>
			xserver</a><br/>
		
			&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_zebra.html'>
			zebra</a><br/>
		
		</div>
	
		<a href="system.html">+&nbsp;
		system</a></br/>
		<div id='subitem'>
		
		</div>
	
	<br/><p/>
	<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
	<br/><p/>
	<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
	<p/><br/><p/>
	<a href="index.html">*&nbsp;Layer Index</a>
	<br/><p/>
	<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
	<br/><p/>
	<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>

<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: xserver</h2><p/>

<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>

<h3>Description:</h3>

<p><p>X Windows Server</p></p>


<a name="interfaces"></a>
<h3>Interfaces: </h3>

<a name="link_xserver_create_xdm_tmp_sockets"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_create_xdm_tmp_sockets</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Create a named socket in a XDM
temporary directory.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_delete_log"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_delete_log</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Do not audit attempts to write the X server
log files.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain to not audit
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_domtrans_xdm_xserver"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_domtrans_xdm_xserver</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Execute the X server in the XDM X server domain.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_dontaudit_write_log"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_dontaudit_write_log</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Do not audit attempts to write the X server
log files.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain to not audit
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_read_xdm_pid"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_read_xdm_pid</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Read XDM pid files.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_read_xdm_rw_config"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_read_xdm_rw_config</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Read xdm-writable configuration files.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_setattr_xdm_tmp_dirs"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_setattr_xdm_tmp_dirs</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Set the attributes of XDM temporary directories.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_stream_connect_xdm"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_stream_connect_xdm</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Connect to XDM over a unix domain
stream socket.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_xsession_entry_type"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_xsession_entry_type</b>(
	
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Make an X session script an entrypoint for the specified domain.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
The domain for which the shell is an entrypoint.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_xsession_spec_domtrans"></a>
<div id="interface">


<div id="codeblock">

<b>xserver_xsession_spec_domtrans</b>(
	
		
		domain
		
	
			,
		
		
		target_domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Execute an X session in the target domain.  This
is an explicit transition, requiring the
caller to use setexeccon().
</p>


<h5>Description</h5>
<p>
</p><p>
Execute an Xsession in the target domain.  This
is an explicit transition, requiring the
caller to use setexeccon().
</p><p>
</p><p>
No interprocess communication (signals, pipes,
etc.) is provided by this interface since
the domains are not owned by this module.
</p><p>
</p>

<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

<tr><td>
target_domain
</td><td>
<p>
The type of the shell process.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>


<a href=#top>Return</a>


<a name="templates"></a>
<h3>Templates: </h3>

<a name="link_xserver_common_domain_template"></a>
<div id="template">


<div id="codeblock">

<b>xserver_common_domain_template</b>(
	
		
		prefix
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Template to create types and rules common to
all X server domains.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
prefix
</td><td>
<p>
The prefix of the domain (e.g., user
is the prefix for user_t).
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_domtrans_user_xauth"></a>
<div id="template">


<div id="codeblock">

<b>xserver_domtrans_user_xauth</b>(
	
		
		userdomain_prefix
		
	
			,
		
		
		domain
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Transition to a user Xauthority domain.
</p>


<h5>Description</h5>
<p>
</p><p>
Transition to a user Xauthority domain.
</p><p>
</p><p>
This is a templated interface, and should only
be called from a per-userdomain template.
</p><p>
</p>

<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
userdomain_prefix
</td><td>
<p>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</p>
</td><td>
No
</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_per_userdomain_template"></a>
<div id="template">


<div id="codeblock">

<b>xserver_per_userdomain_template</b>(
	
		
		prefix
		
	
			,
		
		
		user_domain
		
	
			,
		
		
		user_role
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
The per user domain template for the xserver module.
</p>


<h5>Description</h5>
<p>
</p><p>
Define a derived domain for the X server when executed
by a user domain (e.g. via startx).  See the xdm module
if using an X Display Manager.
</p><p>
</p><p>
This is invoked automatically for each user and
generally does not need to be invoked directly
by policy writers.
</p><p>
</p>

<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
prefix
</td><td>
<p>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</p>
</td><td>
No
</td></tr>

<tr><td>
user_domain
</td><td>
<p>
The type of the user domain.
</p>
</td><td>
No
</td></tr>

<tr><td>
user_role
</td><td>
<p>
The role associated with the user domain.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_ro_session_template"></a>
<div id="template">


<div id="codeblock">

<b>xserver_ro_session_template</b>(
	
		
		prefix
		
	
			,
		
		
		domain
		
	
			,
		
		
		tmpfs_type
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Template for creating sessions on a
prefix X server, with read-only
access to the X server shared
memory segments.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
prefix
</td><td>
<p>
The prefix of the domain (e.g., user
is the prefix for user_t).
</p>
</td><td>
No
</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

<tr><td>
tmpfs_type
</td><td>
<p>
The type of the domain SYSV tmpfs files.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_rw_session_template"></a>
<div id="template">


<div id="codeblock">

<b>xserver_rw_session_template</b>(
	
		
		prefix
		
	
			,
		
		
		domain
		
	
			,
		
		
		tmpfs_type
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Template for creating sessions on a
prefix X server, with read and write
access to the X server shared
memory segments.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
prefix
</td><td>
<p>
The prefix of the domain (e.g., user
is the prefix for user_t).
</p>
</td><td>
No
</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

<tr><td>
tmpfs_type
</td><td>
<p>
The type of the domain SYSV tmpfs files.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>

<a name="link_xserver_user_client_template"></a>
<div id="template">


<div id="codeblock">

<b>xserver_user_client_template</b>(
	
		
		prefix
		
	
			,
		
		
		domain
		
	
			,
		
		
		tmpfs_type
		
	
	)<br>
</div>
<div id="description">

<h5>Summary</h5>
<p>
Template for creating full client sessions
on a user X server.
</p>


<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

<tr><td>
prefix
</td><td>
<p>
The prefix of the domain (e.g., user
is the prefix for user_t).
</p>
</td><td>
No
</td></tr>

<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td><td>
No
</td></tr>

<tr><td>
tmpfs_type
</td><td>
<p>
The type of the domain SYSV tmpfs files.
</p>
</td><td>
No
</td></tr>

</table>
</div>
</div>


<a href=#top>Return</a>


</div>
</body>
</html>
update api docs 2006-03-07 14:35:03 +00:00			`<html>`
			`<head>`
			`<title>`
			`Security Enhanced Linux Reference Policy`
			`</title>`
			`<style type="text/css" media="all">@import "style.css";</style>`
			`</head>`
			`<body>`
			`<div id="Header">Security Enhanced Linux Reference Policy</div>`
			`<div id='Menu'>`

			`<a href="admin.html">+ `
			`admin</a></br/>`
			`<div id='subitem'>`

			`</div>`

			`<a href="apps.html">+ `
			`apps</a></br/>`
			`<div id='subitem'>`

			`</div>`

			`<a href="kernel.html">+ `
			`kernel</a></br/>`
			`<div id='subitem'>`

			`</div>`

			`<a href="services.html">+ `
			`services</a></br/>`
			`<div id='subitem'>`

			`   - <a href='services_apache.html'>`
			`apache</a><br/>`

			`   - <a href='services_apm.html'>`
			`apm</a><br/>`

			`   - <a href='services_arpwatch.html'>`
			`arpwatch</a><br/>`

			`   - <a href='services_automount.html'>`
			`automount</a><br/>`

			`   - <a href='services_avahi.html'>`
			`avahi</a><br/>`

			`   - <a href='services_bind.html'>`
			`bind</a><br/>`

			`   - <a href='services_bluetooth.html'>`
			`bluetooth</a><br/>`

			`   - <a href='services_canna.html'>`
			`canna</a><br/>`

			`   - <a href='services_comsat.html'>`
			`comsat</a><br/>`

			`   - <a href='services_cpucontrol.html'>`
			`cpucontrol</a><br/>`

			`   - <a href='services_cron.html'>`
			`cron</a><br/>`

			`   - <a href='services_cups.html'>`
			`cups</a><br/>`

			`   - <a href='services_cvs.html'>`
			`cvs</a><br/>`

			`   - <a href='services_cyrus.html'>`
			`cyrus</a><br/>`

			`   - <a href='services_dbskk.html'>`
			`dbskk</a><br/>`

			`   - <a href='services_dbus.html'>`
			`dbus</a><br/>`

			`   - <a href='services_dhcp.html'>`
			`dhcp</a><br/>`

			`   - <a href='services_dictd.html'>`
			`dictd</a><br/>`

			`   - <a href='services_distcc.html'>`
			`distcc</a><br/>`

			`   - <a href='services_djbdns.html'>`
			`djbdns</a><br/>`

			`   - <a href='services_dovecot.html'>`
			`dovecot</a><br/>`

			`   - <a href='services_fetchmail.html'>`
			`fetchmail</a><br/>`

			`   - <a href='services_finger.html'>`
			`finger</a><br/>`

			`   - <a href='services_ftp.html'>`
			`ftp</a><br/>`

			`   - <a href='services_gpm.html'>`
			`gpm</a><br/>`

			`   - <a href='services_hal.html'>`
			`hal</a><br/>`

			`   - <a href='services_howl.html'>`
			`howl</a><br/>`

			`   - <a href='services_i18n_input.html'>`
			`i18n_input</a><br/>`

			`   - <a href='services_inetd.html'>`
			`inetd</a><br/>`

			`   - <a href='services_inn.html'>`
			`inn</a><br/>`

			`   - <a href='services_irqbalance.html'>`
			`irqbalance</a><br/>`

			`   - <a href='services_kerberos.html'>`
			`kerberos</a><br/>`

			`   - <a href='services_ktalk.html'>`
			`ktalk</a><br/>`

			`   - <a href='services_ldap.html'>`
			`ldap</a><br/>`

			`   - <a href='services_lpd.html'>`
			`lpd</a><br/>`

			`   - <a href='services_mailman.html'>`
			`mailman</a><br/>`

			`   - <a href='services_mta.html'>`
			`mta</a><br/>`

			`   - <a href='services_mysql.html'>`
			`mysql</a><br/>`

			`   - <a href='services_networkmanager.html'>`
			`networkmanager</a><br/>`

			`   - <a href='services_nis.html'>`
			`nis</a><br/>`

			`   - <a href='services_nscd.html'>`
			`nscd</a><br/>`

			`   - <a href='services_ntp.html'>`
			`ntp</a><br/>`

			`   - <a href='services_openct.html'>`
			`openct</a><br/>`

			`   - <a href='services_pegasus.html'>`
			`pegasus</a><br/>`

			`   - <a href='services_portmap.html'>`
			`portmap</a><br/>`

			`   - <a href='services_postfix.html'>`
			`postfix</a><br/>`

			`   - <a href='services_postgresql.html'>`
			`postgresql</a><br/>`

			`   - <a href='services_ppp.html'>`
			`ppp</a><br/>`

			`   - <a href='services_privoxy.html'>`
			`privoxy</a><br/>`

			`   - <a href='services_procmail.html'>`
			`procmail</a><br/>`

			`   - <a href='services_publicfile.html'>`
			`publicfile</a><br/>`

			`   - <a href='services_radius.html'>`
			`radius</a><br/>`

			`   - <a href='services_radvd.html'>`
			`radvd</a><br/>`

			`   - <a href='services_rdisc.html'>`
			`rdisc</a><br/>`

			`   - <a href='services_remotelogin.html'>`
			`remotelogin</a><br/>`

			`   - <a href='services_rlogin.html'>`
			`rlogin</a><br/>`

			`   - <a href='services_roundup.html'>`
			`roundup</a><br/>`

			`   - <a href='services_rpc.html'>`
			`rpc</a><br/>`

			`   - <a href='services_rshd.html'>`
			`rshd</a><br/>`

			`   - <a href='services_rsync.html'>`
			`rsync</a><br/>`

			`   - <a href='services_samba.html'>`
			`samba</a><br/>`

			`   - <a href='services_sasl.html'>`
			`sasl</a><br/>`

			`   - <a href='services_sendmail.html'>`
			`sendmail</a><br/>`

			`   - <a href='services_slrnpull.html'>`
			`slrnpull</a><br/>`

			`   - <a href='services_smartmon.html'>`
			`smartmon</a><br/>`

			`   - <a href='services_snmp.html'>`
			`snmp</a><br/>`

			`   - <a href='services_spamassassin.html'>`
			`spamassassin</a><br/>`

			`   - <a href='services_squid.html'>`
			`squid</a><br/>`

			`   - <a href='services_ssh.html'>`
			`ssh</a><br/>`

			`   - <a href='services_stunnel.html'>`
			`stunnel</a><br/>`

			`   - <a href='services_sysstat.html'>`
			`sysstat</a><br/>`

			`   - <a href='services_tcpd.html'>`
			`tcpd</a><br/>`

			`   - <a href='services_telnet.html'>`
			`telnet</a><br/>`

			`   - <a href='services_tftp.html'>`
			`tftp</a><br/>`

			`   - <a href='services_timidity.html'>`
			`timidity</a><br/>`

			`   - <a href='services_ucspitcp.html'>`
			`ucspitcp</a><br/>`

			`   - <a href='services_uucp.html'>`
			`uucp</a><br/>`

			`   - <a href='services_xfs.html'>`
			`xfs</a><br/>`

			`   - <a href='services_xserver.html'>`
			`xserver</a><br/>`

			`   - <a href='services_zebra.html'>`
			`zebra</a><br/>`

			`</div>`

			`<a href="system.html">+ `
			`system</a></br/>`
			`<div id='subitem'>`

			`</div>`

			`<br/><p/>`
			`<a href="global_booleans.html">* Global Booleans </a>`
			`<br/><p/>`
			`<a href="global_tunables.html">* Global Tunables </a>`
			`<p/><br/><p/>`
			`<a href="index.html">* Layer Index</a>`
			`<br/><p/>`
			`<a href="interfaces.html">* Interface Index</a>`
			`<br/><p/>`
			`<a href="templates.html">* Template Index</a>`
			`</div>`

			`<div id="Content">`
			`<a name="top":></a>`
			`<h1>Layer: services</h1><p/>`
			`<h2>Module: xserver</h2><p/>`

			`<a href=#interfaces>Interfaces</a>`
			`<a href=#templates>Templates</a>`

			`<h3>Description:</h3>`

			`<p><p>X Windows Server</p></p>`



			`<a name="interfaces"></a>`
			`<h3>Interfaces: </h3>`

			`<a name="link_xserver_create_xdm_tmp_sockets"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_create_xdm_tmp_sockets</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Create a named socket in a XDM`
			`temporary directory.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_delete_log"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_delete_log</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Do not audit attempts to write the X server`
			`log files.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain to not audit`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_domtrans_xdm_xserver"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_domtrans_xdm_xserver</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Execute the X server in the XDM X server domain.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_dontaudit_write_log"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_dontaudit_write_log</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Do not audit attempts to write the X server`
			`log files.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain to not audit`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_read_xdm_pid"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_read_xdm_pid</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Read XDM pid files.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_read_xdm_rw_config"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_read_xdm_rw_config</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Read xdm-writable configuration files.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_setattr_xdm_tmp_dirs"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_setattr_xdm_tmp_dirs</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Set the attributes of XDM temporary directories.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_stream_connect_xdm"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_stream_connect_xdm</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Connect to XDM over a unix domain`
			`stream socket.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_xsession_entry_type"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_xsession_entry_type</b>(`




			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Make an X session script an entrypoint for the specified domain.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`The domain for which the shell is an entrypoint.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_xsession_spec_domtrans"></a>`
			`<div id="interface">`


			`<div id="codeblock">`

			`<b>xserver_xsession_spec_domtrans</b>(`




			`domain`



			`,`



			`target_domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Execute an X session in the target domain. This`
			`is an explicit transition, requiring the`
			`caller to use setexeccon().`
			`</p>`


			`<h5>Description</h5>`
			`<p>`
			`</p><p>`
			`Execute an Xsession in the target domain. This`
			`is an explicit transition, requiring the`
			`caller to use setexeccon().`
			`</p><p>`
			`</p><p>`
			`No interprocess communication (signals, pipes,`
			`etc.) is provided by this interface since`
			`the domains are not owned by this module.`
			`</p><p>`
			`</p>`

			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`target_domain`
			`</td><td>`
			`<p>`
			`The type of the shell process.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`


			`<a href=#top>Return</a>`


			`<a name="templates"></a>`
			`<h3>Templates: </h3>`

			`<a name="link_xserver_common_domain_template"></a>`
			`<div id="template">`


			`<div id="codeblock">`

			`<b>xserver_common_domain_template</b>(`




			`prefix`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Template to create types and rules common to`
			`all X server domains.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`prefix`
			`</td><td>`
			`<p>`
			`The prefix of the domain (e.g., user`
			`is the prefix for user_t).`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_domtrans_user_xauth"></a>`
			`<div id="template">`


			`<div id="codeblock">`

			`<b>xserver_domtrans_user_xauth</b>(`




			`userdomain_prefix`



			`,`



			`domain`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Transition to a user Xauthority domain.`
			`</p>`


			`<h5>Description</h5>`
			`<p>`
			`</p><p>`
			`Transition to a user Xauthority domain.`
			`</p><p>`
			`</p><p>`
			`This is a templated interface, and should only`
			`be called from a per-userdomain template.`
			`</p><p>`
			`</p>`

			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`userdomain_prefix`
			`</td><td>`
			`<p>`
			`The prefix of the user domain (e.g., user`
			`is the prefix for user_t).`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_per_userdomain_template"></a>`
			`<div id="template">`


			`<div id="codeblock">`

			`<b>xserver_per_userdomain_template</b>(`




			`prefix`



			`,`



			`user_domain`



			`,`



			`user_role`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`The per user domain template for the xserver module.`
			`</p>`


			`<h5>Description</h5>`
			`<p>`
			`</p><p>`
			`Define a derived domain for the X server when executed`
			`by a user domain (e.g. via startx). See the xdm module`
			`if using an X Display Manager.`
			`</p><p>`
			`</p><p>`
			`This is invoked automatically for each user and`
			`generally does not need to be invoked directly`
			`by policy writers.`
			`</p><p>`
			`</p>`

			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`prefix`
			`</td><td>`
			`<p>`
			`The prefix of the user domain (e.g., user`
			`is the prefix for user_t).`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`user_domain`
			`</td><td>`
			`<p>`
			`The type of the user domain.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`user_role`
			`</td><td>`
			`<p>`
			`The role associated with the user domain.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_ro_session_template"></a>`
			`<div id="template">`


			`<div id="codeblock">`

			`<b>xserver_ro_session_template</b>(`




			`prefix`



			`,`



			`domain`



			`,`



			`tmpfs_type`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Template for creating sessions on a`
			`prefix X server, with read-only`
			`access to the X server shared`
			`memory segments.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`prefix`
			`</td><td>`
			`<p>`
			`The prefix of the domain (e.g., user`
			`is the prefix for user_t).`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`tmpfs_type`
			`</td><td>`
			`<p>`
			`The type of the domain SYSV tmpfs files.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_rw_session_template"></a>`
			`<div id="template">`


			`<div id="codeblock">`

			`<b>xserver_rw_session_template</b>(`




			`prefix`



			`,`



			`domain`



			`,`



			`tmpfs_type`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Template for creating sessions on a`
			`prefix X server, with read and write`
			`access to the X server shared`
			`memory segments.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`prefix`
			`</td><td>`
			`<p>`
			`The prefix of the domain (e.g., user`
			`is the prefix for user_t).`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`tmpfs_type`
			`</td><td>`
			`<p>`
			`The type of the domain SYSV tmpfs files.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`

			`<a name="link_xserver_user_client_template"></a>`
			`<div id="template">`


			`<div id="codeblock">`

			`<b>xserver_user_client_template</b>(`




			`prefix`



			`,`



			`domain`



			`,`



			`tmpfs_type`


			`)<br>`
			`</div>`
			`<div id="description">`

			`<h5>Summary</h5>`
			`<p>`
			`Template for creating full client sessions`
			`on a user X server.`
			`</p>`


			`<h5>Parameters</h5>`
			`<table border="1" cellspacing="0" cellpadding="3" width="80%">`
			`<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>`

			`<tr><td>`
			`prefix`
			`</td><td>`
			`<p>`
			`The prefix of the domain (e.g., user`
			`is the prefix for user_t).`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`domain`
			`</td><td>`
			`<p>`
			`Domain allowed access.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`<tr><td>`
			`tmpfs_type`
			`</td><td>`
			`<p>`
			`The type of the domain SYSV tmpfs files.`
			`</p>`
			`</td><td>`
			`No`
			`</td></tr>`

			`</table>`
			`</div>`
			`</div>`


			`<a href=#top>Return</a>`



			`</div>`
			`</body>`
			`</html>`