rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Initial revision

Browse Source
This commit is contained in:
Karl MacMillan 2005-06-15 15:45:57 +00:00
parent 102a59ba77
commit 660bf70f23
42 changed files with 57105 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
www/api-docs/admin.html Normal file
View File

@ -0,0 +1,88 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
<tr><td>
<a href='admin_dmesg.html'>
dmesg</a></td>
<td><p>Policy for dmesg.</p></td>
<tr><td>
<a href='admin_rpm.html'>
rpm</a></td>
<td><p>Policy for the RPM package manager.</p></td>
<tr><td>
<a href='admin_usermanage.html'>
usermanage</a></td>
<td><p>Policy for managing user accounts.</p></td>
</td></tr>
</td></tr>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
</div>
</body>
</html>

144
www/api-docs/admin_dmesg.html Normal file
View File

@ -0,0 +1,144 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<h2>Module: dmesg</h2><p/>
<h3>Description:</h3>
<p>Policy for dmesg.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>dmesg_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute dmesg in the dmesg domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>dmesg_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute dmesg in the caller domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

303
www/api-docs/admin_rpm.html Normal file
View File

@ -0,0 +1,303 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<h2>Module: rpm</h2><p/>
<h3>Description:</h3>
<p>Policy for the RPM package manager.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>rpm_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute rpm programs in the rpm domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>rpm_read_db</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read RPM package database.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>rpm_read_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read from a RPM pipe.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>rpm_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute RPM programs in the RPM domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to allow the RPM domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the RPM domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>rpm_use_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Inherit and use file descriptors from RPM.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

538
www/api-docs/admin_usermanage.html Normal file
View File

@ -0,0 +1,538 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<h2>Module: usermanage</h2><p/>
<h3>Description:</h3>
<p>Policy for managing user accounts.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>usermanage_domtrans_chfn</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute chfn in the chfn domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_domtrans_groupadd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute groupadd in the groupadd domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_domtrans_passwd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute passwd in the passwd domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_domtrans_useradd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute useradd in the useradd domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_run_chfn</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute chfn in the chfn domain, and
allow the specified role the chfn domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the chfn domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the chfn domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_run_groupadd</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute groupadd in the groupadd domain, and
allow the specified role the groupadd domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the groupadd domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the groupadd domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_run_passwd</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute passwd in the passwd domain, and
allow the specified role the passwd domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the passwd domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the passwd domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_run_useradd</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute useradd in the useradd domain, and
allow the specified role the useradd domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the useradd domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the useradd domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

419
www/api-docs/index.html Normal file
View File

@ -0,0 +1,419 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
<tr><td>
<a href='admin_dmesg.html'>
dmesg</a></td>
<td><p>Policy for dmesg.</p></td>
<tr><td>
<a href='admin_rpm.html'>
rpm</a></td>
<td><p>Policy for the RPM package manager.</p></td>
<tr><td>
<a href='admin_usermanage.html'>
usermanage</a></td>
<td><p>Policy for managing user accounts.</p></td>
</td></tr>
</td></tr>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
<h1>Layer: kernel</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
<tr><td>
<a href='kernel_bootloader.html'>
bootloader</a></td>
<td><p>Policy for the kernel modules, kernel image, and bootloader.</p></td>
<tr><td>
<a href='kernel_corenetwork.html'>
corenetwork</a></td>
<td><p>Policy controlling access to network objects</p></td>
<tr><td>
<a href='kernel_devices.html'>
devices</a></td>
<td><p>
Device nodes and interfaces for many basic system devices.
</p></td>
<tr><td>
<a href='kernel_filesystem.html'>
filesystem</a></td>
<td><p>Policy for filesystems.</p></td>
<tr><td>
<a href='kernel_kernel.html'>
kernel</a></td>
<td><p>
Policy for kernel threads, proc filesystem,
and unlabeled processes and objects.
</p></td>
<tr><td>
<a href='kernel_selinux.html'>
selinux</a></td>
<td><p>
Policy for kernel security interface, in particular, selinuxfs.
</p></td>
<tr><td>
<a href='kernel_storage.html'>
storage</a></td>
<td><p>Policy controlling access to storage devices</p></td>
<tr><td>
<a href='kernel_terminal.html'>
terminal</a></td>
<td><p>Policy for terminals.</p></td>
</td></tr>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
<h1>Layer: services</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>
<tr><td>
<a href='services_mta.html'>
mta</a></td>
<td><p>Policy common to all email tranfer agents.</p></td>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>
<td><p>Policy for rshd, rlogind, and telnetd.</p></td>
<tr><td>
<a href='services_sendmail.html'>
sendmail</a></td>
<td><p>Policy for sendmail.</p></td>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
<h1>Layer: system</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>
</td></tr>
<tr><td>
<a href='system_authlogin.html'>
authlogin</a></td>
<td><p>Common policy for authentication and user login.</p></td>
<tr><td>
<a href='system_clock.html'>
clock</a></td>
<td><p>Policy for reading and setting the hardware clock.</p></td>
<tr><td>
<a href='system_corecommands.html'>
corecommands</a></td>
<td><p>
Core policy for shells, and generic programs
in /bin, /sbin, /usr/bin, and /usr/sbin.
</p></td>
<tr><td>
<a href='system_domain.html'>
domain</a></td>
<td><p>Core policy for domains.</p></td>
<tr><td>
<a href='system_files.html'>
files</a></td>
<td><p>
Basic filesystem types and interfaces.
</p></td>
<tr><td>
<a href='system_getty.html'>
getty</a></td>
<td><p>Policy for getty.</p></td>
<tr><td>
<a href='system_hostname.html'>
hostname</a></td>
<td><p>Policy for changing the system host name.</p></td>
<tr><td>
<a href='system_hotplug.html'>
hotplug</a></td>
<td><p>
Policy for hotplug system, for supporting the
connection and disconnection of devices at runtime.
</p></td>
<tr><td>
<a href='system_init.html'>
init</a></td>
<td><p>System initialization programs (init and init scripts).</p></td>
<tr><td>
<a href='system_iptables.html'>
iptables</a></td>
<td><p>Policy for iptables.</p></td>
<tr><td>
<a href='system_libraries.html'>
libraries</a></td>
<td><p>Policy for system libraries.</p></td>
<tr><td>
<a href='system_locallogin.html'>
locallogin</a></td>
<td><p>Policy for local logins.</p></td>
<tr><td>
<a href='system_logging.html'>
logging</a></td>
<td><p>Policy for the kernel message logger and system logging daemon.</p></td>
<tr><td>
<a href='system_lvm.html'>
lvm</a></td>
<td><p>Policy for logical volume management programs.</p></td>
<tr><td>
<a href='system_miscfiles.html'>
miscfiles</a></td>
<td><p>Miscelaneous files.</p></td>
<tr><td>
<a href='system_modutils.html'>
modutils</a></td>
<td><p>Policy for kernel module utilities</p></td>
<tr><td>
<a href='system_mount.html'>
mount</a></td>
<td><p>Policy for mount.</p></td>
<tr><td>
<a href='system_selinuxutil.html'>
selinuxutil</a></td>
<td><p>Policy for SELinux policy and userland applications.</p></td>
<tr><td>
<a href='system_sysnetwork.html'>
sysnetwork</a></td>
<td><p>Policy for network configuration: ifconfig and dhcp client.</p></td>
<tr><td>
<a href='system_udev.html'>
udev</a></td>
<td><p>Policy for udev.</p></td>
<tr><td>
<a href='system_userdomain.html'>
userdomain</a></td>
<td><p>Policy for user domains</p></td>
</td></tr>
</table>
<p/><br/><br/>
</div>
</body>
</html>

17321
www/api-docs/interfaces.html Normal file
View File

File diff suppressed because it is too large Load Diff

135
www/api-docs/kernel.html Normal file
View File

@ -0,0 +1,135 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: kernel</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
<tr><td>
<a href='kernel_bootloader.html'>
bootloader</a></td>
<td><p>Policy for the kernel modules, kernel image, and bootloader.</p></td>
<tr><td>
<a href='kernel_corenetwork.html'>
corenetwork</a></td>
<td><p>Policy controlling access to network objects</p></td>
<tr><td>
<a href='kernel_devices.html'>
devices</a></td>
<td><p>
Device nodes and interfaces for many basic system devices.
</p></td>
<tr><td>
<a href='kernel_filesystem.html'>
filesystem</a></td>
<td><p>Policy for filesystems.</p></td>
<tr><td>
<a href='kernel_kernel.html'>
kernel</a></td>
<td><p>
Policy for kernel threads, proc filesystem,
and unlabeled processes and objects.
</p></td>
<tr><td>
<a href='kernel_selinux.html'>
selinux</a></td>
<td><p>
Policy for kernel security interface, in particular, selinuxfs.
</p></td>
<tr><td>
<a href='kernel_storage.html'>
storage</a></td>
<td><p>Policy controlling access to storage devices</p></td>
<tr><td>
<a href='kernel_terminal.html'>
terminal</a></td>
<td><p>Policy for terminals.</p></td>
</td></tr>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
</div>
</body>
</html>

857
www/api-docs/kernel_bootloader.html Normal file
View File

@ -0,0 +1,857 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: kernel</h1><p/>
<h2>Module: bootloader</h2><p/>
<h3>Description:</h3>
<p>Policy for the kernel modules, kernel image, and bootloader.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>bootloader_create_kernel</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Install a kernel into the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_create_kernel_symbol_table</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Install a system.map into the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_create_runtime_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read and write the bootloader
temporary data in /tmp.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_delete_kernel</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Delete a kernel from /boot.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_delete_kernel_symbol_table</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Delete a system.map in the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute bootloader in the bootloader domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_dontaudit_search_boot</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to search the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_list_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
List the contents of the kernel module directories.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_manage_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Create, read, write, and delete
kernel module files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_read_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read the bootloader configuration file.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_read_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read kernel module files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_read_kernel_symbol_table</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read system.map in the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute bootloader interactively and do
a domain transition to the bootloader domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the bootloader domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the bootloader domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_rw_boot_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read and write symbolic links
in the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_rw_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read and write the bootloader
configuration file.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_rw_tmp_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read and write the bootloader
temporary data in /tmp.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_search_boot_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Search the /boot directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_write_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Write kernel module files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

15944
www/api-docs/kernel_corenetwork.html Normal file
View File

File diff suppressed because it is too large Load Diff

3545
www/api-docs/kernel_devices.html Normal file
View File

File diff suppressed because it is too large Load Diff

3316
www/api-docs/kernel_filesystem.html Normal file
View File

File diff suppressed because it is too large Load Diff

2119
www/api-docs/kernel_kernel.html Normal file
View File

File diff suppressed because it is too large Load Diff

555
www/api-docs/kernel_selinux.html Normal file
View File

@ -0,0 +1,555 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: kernel</h1><p/>
<h2>Module: selinux</h2><p/>
<h3>Description:</h3>
<p>
Policy for kernel security interface, in particular, selinuxfs.
</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>selinux_compute_access_vector</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allows caller to compute an access vector.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type allowed to compute an access vector.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_compute_create_context</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_compute_relabel_context</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_compute_user_contexts</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allows caller to compute possible contexts for a user.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type allowed to compute user contexts.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_get_enforce_mode</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allows the caller to get the mode of policy enforcement
(enforcing or permissive mode).
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to allow to get the enforcing mode.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_get_fs_mount</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Gets the caller the mountpoint of the selinuxfs filesystem.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type requesting the selinuxfs mountpoint.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_load_policy</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow caller to load the policy into the kernel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type that will load the policy.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_set_boolean</b>(
domain
,
[
booltype
]
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow caller to set the state of Booleans to
enable or disable conditional portions of the policy.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type allowed to set the Boolean.
</td><td>
No
</td></tr>
<tr><td>
booltype
</td><td>
The type of Booleans the caller is allowed to set.
</td><td>
yes
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_set_enforce_mode</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow caller to set the mode of policy enforcement
(enforcing or permissive mode).
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to allow to set the enforcement mode.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_set_parameters</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow caller to set selinux security parameters.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to allow to set security parameters.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>selinux_validate_context</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allows caller to validate security contexts.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type permitted to validate contexts.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

1019
www/api-docs/kernel_storage.html Normal file
View File

File diff suppressed because it is too large Load Diff

1452
www/api-docs/kernel_terminal.html Normal file
View File

File diff suppressed because it is too large Load Diff

88
www/api-docs/services.html Normal file
View File

@ -0,0 +1,88 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: services</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>
<tr><td>
<a href='services_mta.html'>
mta</a></td>
<td><p>Policy common to all email tranfer agents.</p></td>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>
<td><p>Policy for rshd, rlogind, and telnetd.</p></td>
<tr><td>
<a href='services_sendmail.html'>
sendmail</a></td>
<td><p>Policy for sendmail.</p></td>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
</div>
</body>
</html>

103
www/api-docs/services_mta.html Normal file
View File

@ -0,0 +1,103 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: services</h1><p/>
<h2>Module: mta</h2><p/>
<h3>Description:</h3>
<p>Policy common to all email tranfer agents.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>mta_read_aliases</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read mail address aliases.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

103
www/api-docs/services_remotelogin.html Normal file
View File

@ -0,0 +1,103 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: services</h1><p/>
<h2>Module: remotelogin</h2><p/>
<h3>Description:</h3>
<p>Policy for rshd, rlogind, and telnetd.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>remotelogin_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Domain transition to the remote login domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

103
www/api-docs/services_sendmail.html Normal file
View File

@ -0,0 +1,103 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: services</h1><p/>
<h2>Module: sendmail</h2><p/>
<h3>Description:</h3>
<p>Policy for sendmail.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>sendmail_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Domain transition to sendmail.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

192
www/api-docs/style.css Normal file
View File

@ -0,0 +1,192 @@
body {
margin:0px;
padding:0px;
font-family:verdana, arial, helvetica, sans-serif;
color:#333;
background-color:white;
}
h1 {
margin:0px 0px 5px 0px;
padding:0px;
font-size:150%
line-height:28px;
font-weight:900;
color:#ccc;
}
h2 {
font-size:125%;
margin:0px;
padding:5px 0px 10px 0px;
}
h3 {
font-size:110%;
margin:0px;
padding:5px 0px 10px 5px;
}
h4 {
font-size:100%;
margin:0px;
padding:5px 0px 10px 5px;
}
h5 {
font-size:100%;
margin:0px;
font-weight:600;
padding:0px 0px 5px 0px;
margin:0px 0px 0px 5px;
}
li {
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 0px 10px;
padding:0px;
}
p {
/* normal */
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 0px 10px;
padding:0px;
}
tt {
/* inline code */
font-family: monospace;
}
table {
background-color:#efefef;
/*background-color: white;*/
border-style:solid;
border-color:black;
border-width:0px 1px 1px 0px;
color: black;
text-align: left;
font:11px/20px verdana, arial, helvetica, sans-serif;
margin-left: 5%;
margin-right: 5%;
}
th {
font-weight:500;
background-color: #eaeaef;
text-align: center;
}
td.header {
font-weight: bold;
}
#Content>p {margin:0px;}
#Content>p+p {text-indent:30px;}
a {
color:#09c;
font-size:11px;
text-decoration:none;
font-weight:600;
font-family:verdana, arial, helvetica, sans-serif;
}
a:link {color:#09c;}
a:visited {color:#07a;}
a:hover {background-color:#eee;}
#Codeblock {
margin:5px 50px 5px 10px;
padding:5px 0px 5px 15px;
border-style:solid;
border-color:lightgrey;
border-width:1px 1px 1px 1px;
background-color:#f5f5ff;
font-size:100%;
font-weight:600;
text-decoration:none;
font-family:monospace;
}
#Interface {
margin:5px 0px 25px 5px;
padding:5px 0px 5px 5px;
border-style:solid;
border-color:black;
border-width:1px 1px 1px 1px;
background-color:#fafafa;
font-size:14px;
font-weight:400;
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
}
#Interfacesmall {
margin:0px 0px 5px 0px;
padding:5px 0px 0px 5px;
border-style:solid;
border-color:black;
border-width:1px 1px 1px 1px;
background-color:#fafafa;
font-size:14px;
font-weight:400;
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
}
#Description {
margin:0px 0px 0px 5px;
padding:0px 0px 0px 5px;
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
font-size:12px;
font-weight:400;
}
pre {
margin:0px;
padding:0px;
font-size:14px;
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
}
dl {
/* definition text block */
font:11px/20px verdana, arial, helvetica, sans-serif;
margin:0px 0px 16px 0px;
padding:0px;
}
dt {
/* definition term */
font-weight: bold;
}
#Header {
margin:50px 0px 10px 0px;
padding:17px 0px 0px 20px;
/* For IE5/Win's benefit height = [correct height] + [top padding] + [top and bottom border widths] */
height:33px; /* 14px + 17px + 2px = 33px */
border-style:solid;
border-color:black;
border-width:1px 0px; /* top and bottom borders: 1px; left and right borders: 0px */
line-height:11px;
font-size:110%;
background-color:#eee;
voice-family: "\"}\"";
voice-family:inherit;
height:14px; /* the correct height */
}
body>#Header {height:14px;}
#Content {
margin:0px 50px 0px 200px;
padding:10px;
}
#Menu {
position:absolute;
top:100px;
left:20px;
width:162px;
padding:10px;
background-color:#eee;
border:1px solid #aaa;
line-height:17px;
text-align:left;
voice-family: "\"}\"";
voice-family:inherit;
width:160px;
}
#Menu subitem {
font-size: 5px;
}
body>#Menu {width:160px;}

240
www/api-docs/system.html Normal file
View File

@ -0,0 +1,240 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>
</td></tr>
<tr><td>
<a href='system_authlogin.html'>
authlogin</a></td>
<td><p>Common policy for authentication and user login.</p></td>
<tr><td>
<a href='system_clock.html'>
clock</a></td>
<td><p>Policy for reading and setting the hardware clock.</p></td>
<tr><td>
<a href='system_corecommands.html'>
corecommands</a></td>
<td><p>
Core policy for shells, and generic programs
in /bin, /sbin, /usr/bin, and /usr/sbin.
</p></td>
<tr><td>
<a href='system_domain.html'>
domain</a></td>
<td><p>Core policy for domains.</p></td>
<tr><td>
<a href='system_files.html'>
files</a></td>
<td><p>
Basic filesystem types and interfaces.
</p></td>
<tr><td>
<a href='system_getty.html'>
getty</a></td>
<td><p>Policy for getty.</p></td>
<tr><td>
<a href='system_hostname.html'>
hostname</a></td>
<td><p>Policy for changing the system host name.</p></td>
<tr><td>
<a href='system_hotplug.html'>
hotplug</a></td>
<td><p>
Policy for hotplug system, for supporting the
connection and disconnection of devices at runtime.
</p></td>
<tr><td>
<a href='system_init.html'>
init</a></td>
<td><p>System initialization programs (init and init scripts).</p></td>
<tr><td>
<a href='system_iptables.html'>
iptables</a></td>
<td><p>Policy for iptables.</p></td>
<tr><td>
<a href='system_libraries.html'>
libraries</a></td>
<td><p>Policy for system libraries.</p></td>
<tr><td>
<a href='system_locallogin.html'>
locallogin</a></td>
<td><p>Policy for local logins.</p></td>
<tr><td>
<a href='system_logging.html'>
logging</a></td>
<td><p>Policy for the kernel message logger and system logging daemon.</p></td>
<tr><td>
<a href='system_lvm.html'>
lvm</a></td>
<td><p>Policy for logical volume management programs.</p></td>
<tr><td>
<a href='system_miscfiles.html'>
miscfiles</a></td>
<td><p>Miscelaneous files.</p></td>
<tr><td>
<a href='system_modutils.html'>
modutils</a></td>
<td><p>Policy for kernel module utilities</p></td>
<tr><td>
<a href='system_mount.html'>
mount</a></td>
<td><p>Policy for mount.</p></td>
<tr><td>
<a href='system_selinuxutil.html'>
selinuxutil</a></td>
<td><p>Policy for SELinux policy and userland applications.</p></td>
<tr><td>
<a href='system_sysnetwork.html'>
sysnetwork</a></td>
<td><p>Policy for network configuration: ifconfig and dhcp client.</p></td>
<tr><td>
<a href='system_udev.html'>
udev</a></td>
<td><p>Policy for udev.</p></td>
<tr><td>
<a href='system_userdomain.html'>
userdomain</a></td>
<td><p>Policy for user domains</p></td>
</td></tr>
</table>
<p/><br/><br/>
</div>
</body>
</html>

1033
www/api-docs/system_authlogin.html Normal file
View File

File diff suppressed because it is too large Load Diff

317
www/api-docs/system_clock.html Normal file
View File

@ -0,0 +1,317 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: clock</h2><p/>
<h3>Description:</h3>
<p>Policy for reading and setting the hardware clock.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>clock_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute hwclock in the clock domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>clock_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute hwclock
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>clock_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute hwclock in the clock domain, and
allow the specified role the hwclock domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the clock domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the clock domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>clock_rw_adjtime</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow executing domain to modify clock drift
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

239
www/api-docs/system_corecommands.html Normal file
View File

@ -0,0 +1,239 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: corecommands</h2><p/>
<h3>Description:</h3>
<p>
Core policy for shells, and generic programs
in /bin, /sbin, /usr/bin, and /usr/sbin.
</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>corecmd_domtrans_shell</b>(
domain
,
target_domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute a shell in the target domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
target_domain
</td><td>
The type of the shell process.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_shell_spec_domtrans</b>(
domain
,
target_domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute a shell in the target domain. This
is an explicit transition, requiring the
caller to use setexeccon().
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
target_domain
</td><td>
The type of the shell process.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

739
www/api-docs/system_domain.html Normal file
View File

@ -0,0 +1,739 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: domain</h2><p/>
<h3>Description:</h3>
<p>Core policy for domains.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getattr_all_tcp_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to get the attributes
of all domains TCP sockets.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getattr_all_udp_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to get the attributes
of all domains UDP sockets.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getattr_all_unix_dgram_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to get the attributes
of all domains unix datagram sockets.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getattr_all_unnamed_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to get the attributes
of all domains unnamed pipes.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_list_all_domains_proc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to read the process state
directories of all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_getsession_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Get the session ID of all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_kill_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Send a kill signal to all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_obj_id_change_exempt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Makes caller an exception to the constraint preventing
changing the user identity in object contexts.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to make an exception to the constraint.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_read_all_domains_state</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read the process state (/proc/pid) of all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_role_change_exempt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Makes caller an exception to the constraint preventing
changing of role.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to make an exception to the constraint.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_sigchld_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Send a child terminated signal to all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_signal_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Send general signals to all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_signull_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Send a null signal to all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_sigstop_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Send a stop signal to all domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_subj_id_change_exempt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Makes caller an exception to the constraint preventing
changing of user identity.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The process type to make an exception to the constraint.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

590
www/api-docs/system_files.html Normal file
View File

@ -0,0 +1,590 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: files</h2><p/>
<h3>Description:</h3>
<p>
</p><p>
This module contains basic filesystem types and interfaces. This
includes:
</p><ul><li>The concept of different file types including basic
files, mount points, tmp files, etc.</li><li>Access to groups of files and all files.</li><li>Types and interfaces for the basic filesystem layout
(/, /etc, /tmp, /usr, etc.).</li></ul><p>
</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>files_create_root</b>(
domain
,
[
private type
]
,
[
object
]
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Create an object in the root directory, with a private
type. If no object class is specified, the
default is file.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
private type
</td><td>
The type of the object to be created. If no type
is specified, the type of the root directory will
be used.
</td><td>
yes
</td></tr>
<tr><td>
object
</td><td>
The object class of the object being created. If
no class is specified, file will be used.
</td><td>
yes
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_delete_generic_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Delete system configuration files in /etc.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_ioctl_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to ioctl daemon runtime data files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to write to daemon runtime data files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_exec_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute programs in /usr/src in the caller domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_list_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Get listing home home directories.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_manage_all_files</b>(
domain
,
[
exception_types
]
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Manage all files on the filesystem, except
the listed exceptions.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the domain perfoming this action.
</td><td>
No
</td></tr>
<tr><td>
exception_types
</td><td>
The types to be excluded. Each type or attribute
must be negated by the caller.
</td><td>
yes
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_relabel_all_files</b>(
domain
,
[
exception_types
]
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Relabel all files on the filesystem, except
the listed exceptions.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the domain perfoming this action.
</td><td>
No
</td></tr>
<tr><td>
exception_types
</td><td>
The types to be excluded. Each type or attribute
must be negated by the caller.
</td><td>
yes
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>files_tmpfs_file</b>(
type
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Transform the type into a file, for use on a
virtual memory filesystem (tmpfs).
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
type
</td><td>
The type to be transformed.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

280
www/api-docs/system_getty.html Normal file
View File

@ -0,0 +1,280 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: getty</h2><p/>
<h3>Description:</h3>
<p>Policy for getty.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>getty_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute gettys in the getty domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>getty_modify_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to edit getty config file.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>getty_read_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read getty config file.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>getty_read_log</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read getty log file.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

279
www/api-docs/system_hostname.html Normal file
View File

@ -0,0 +1,279 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: hostname</h2><p/>
<h3>Description:</h3>
<p>Policy for changing the system host name.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>hostname_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute hostname in the hostname domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
Has a sigchld signal backchannel.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hostname_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute hostname in the hostname domain, and
Has a sigchld signal backchannel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hostname_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute hostname in the hostname domain, and
allow the specified role the hostname domain.
Has a sigchld signal backchannel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the hostname domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the hostname domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

160
www/api-docs/system_hotplug.html Normal file
View File

@ -0,0 +1,160 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: hotplug</h2><p/>
<h3>Description:</h3>
<p>
Policy for hotplug system, for supporting the
connection and disconnection of devices at runtime.
</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>hotplug_read_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read the configuration files for hotplug.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

198
www/api-docs/system_init.html Normal file
View File

@ -0,0 +1,198 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: init</h2><p/>
<h3>Description:</h3>
<p>System initialization programs (init and init scripts).</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>init_read_script_process_state</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read the process state (/proc/pid) of the init scripts.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>init_rw_script_tmp_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read and write init script temporary data.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

276
www/api-docs/system_iptables.html Normal file
View File

@ -0,0 +1,276 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: iptables</h2><p/>
<h3>Description:</h3>
<p>Policy for iptables.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>iptables_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute iptables in the iptables domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>iptables_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute iptables in the caller domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>iptables_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute iptables in the iptables domain, and
allow the specified role the iptables domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the iptables domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the iptables domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

572
www/api-docs/system_libraries.html Normal file
View File

@ -0,0 +1,572 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: libraries</h2><p/>
<h3>Description:</h3>
<p>Policy for system libraries.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>libs_domtrans_ldconfig</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute ldconfig in the ldconfig domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_exec_ld_so</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute the dynamic link/loader in the caller's
domain. This is commonly needed for the
/usr/bin/ldd program. Note: this can be used
to execute any binary that the caller can
read, even if the caller does not have execute
permissions.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_exec_lib_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute library scripts in the caller domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_legacy_use_ld_so</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Use the dynamic link/loader for automatic loading
of shared libraries with legacy support.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_legacy_use_shared_libs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Load and execute functions from shared libraries,
with legacy support.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_read_lib</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read files in the library directories, such
as static libraries.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_run_ldconfig</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute ldconfig in the ldconfig domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to allow the ldconfig domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the ldconfig domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_rw_ld_so_cache</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Modify the dynamic link/loader's cached listing
of shared libraries.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_use_ld_so</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Use the dynamic link/loader for automatic loading
of shared libraries.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_use_shared_libs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Load and execute functions from shared libraries.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

198
www/api-docs/system_locallogin.html Normal file
View File

@ -0,0 +1,198 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: locallogin</h2><p/>
<h3>Description:</h3>
<p>Policy for local logins.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>locallogin_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute local logins in the locallogin domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>locallogin_use_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow processes to inherit local login file descriptors
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

159
www/api-docs/system_logging.html Normal file
View File

@ -0,0 +1,159 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: logging</h2><p/>
<h3>Description:</h3>
<p>Policy for the kernel message logger and system logging daemon.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>logging_search_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allows the domain to open a file in the
log directory, but does not allow the listing
of the contents of the log directory.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

275
www/api-docs/system_lvm.html Normal file
View File

@ -0,0 +1,275 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: lvm</h2><p/>
<h3>Description:</h3>
<p>Policy for logical volume management programs.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>lvm_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute lvm programs in the lvm domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>lvm_read_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read LVM configuration files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>lvm_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute lvm programs in the lvm domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to allow the LVM domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the LVM domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

322
www/api-docs/system_miscfiles.html Normal file
View File

@ -0,0 +1,322 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: miscfiles</h2><p/>
<h3>Description:</h3>
<p>Miscelaneous files.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>miscfiles_legacy_read_localization</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read legacy time localization info
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>miscfiles_read_fonts</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read fonts files
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>miscfiles_read_localization</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read localization info
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>miscfiles_read_man_pages</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read manpages
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>miscfiles_rw_man_cache</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to create files and dirs in /var/cache/man
and /var/catman/
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

557
www/api-docs/system_modutils.html Normal file
View File

@ -0,0 +1,557 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: modutils</h2><p/>
<h3>Description:</h3>
<p>Policy for kernel module utilities</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>modutils_domtrans_depmod</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute depmod in the depmod domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_domtrans_insmod</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute insmod in the insmod domain. Has a
sigchld backchannel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_domtrans_update_mods</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute depmod in the depmod domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_read_kernel_module_dependencies</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read the dependencies of kernel modules.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_read_module_conf</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read the configuration options used when
loading modules.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_run_depmod</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute depmod in the depmod domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the depmod domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the depmod domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_run_insmod</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute insmod in the insmod domain, and
allow the specified role the insmod domain,
and use the caller's terminal. Has a sigchld
backchannel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the insmod domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the insmod domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_run_update_mods</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute update_modules in the update_modules domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the update_modules domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the update_modules domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

319
www/api-docs/system_mount.html Normal file
View File

@ -0,0 +1,319 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: mount</h2><p/>
<h3>Description:</h3>
<p>Policy for mount.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>mount_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute mount in the mount domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mount_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute mount in the mount domain, and
allow the specified role the mount domain,
and use the caller's terminal.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the mount domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the mount domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mount_send_nfs_client_request</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow the mount domain to send nfs requests for mounting
network drives
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mount_use_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Use file descriptors for mount.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

921
www/api-docs/system_selinuxutil.html Normal file
View File

@ -0,0 +1,921 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: selinuxutil</h2><p/>
<h3>Description:</h3>
<p>Policy for SELinux policy and userland applications.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>seutil_domtrans_checkpol</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute checkpolicy in the checkpolicy domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_domtrans_loadpol</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute load_policy in the load_policy domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_domtrans_newrole</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute newrole in the load_policy domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_domtrans_restorecon</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute restorecon in the restorecon domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_domtrans_runinit</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute run_init in the run_init domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_domtrans_setfiles</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute setfiles in the setfiles domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_dontaudit_newrole_signal</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit the caller attempts to send
a signal to newrole.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_relabelto_binary_pol</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow the caller to relabel a file to the binary policy type.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_run_checkpol</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute checkpolicy in the checkpolicy domain, and
allow the specified role the checkpolicy domain,
and use the caller's terminal.
Has a SIGCHLD signal backchannel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the checkpolicy domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the checkpolicy domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_run_loadpol</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute load_policy in the load_policy domain, and
allow the specified role the load_policy domain,
and use the caller's terminal.
Has a SIGCHLD signal backchannel.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the load_policy domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the load_policy domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_run_newrole</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute newrole in the newrole domain, and
allow the specified role the newrole domain,
and use the caller's terminal.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the newrole domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the newrole domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_run_restorecon</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute restorecon in the restorecon domain, and
allow the specified role the restorecon domain,
and use the caller's terminal.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the restorecon domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the restorecon domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_run_runinit</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute run_init in the run_init domain, and
allow the specified role the run_init domain,
and use the caller's terminal.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the run_init domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the run_init domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>seutil_run_setfiles</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute setfiles in the setfiles domain, and
allow the specified role the setfiles domain,
and use the caller's terminal.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the setfiles domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the setfiles domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

318
www/api-docs/system_sysnetwork.html Normal file
View File

@ -0,0 +1,318 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: sysnetwork</h2><p/>
<h3>Description:</h3>
<p>Policy for network configuration: ifconfig and dhcp client.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>sysnet_domtrans_dhcpc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute dhcp client in dhcpc domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_domtrans_ifconfig</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute ifconfig in the ifconfig domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_read_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow network init to read network config files.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_run_ifconfig</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute ifconfig in the ifconfig domain, and
allow the specified role the ifconfig domain,
and use the caller's terminal.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the ifconfig domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the ifconfig domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

239
www/api-docs/system_udev.html Normal file
View File

@ -0,0 +1,239 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: udev</h2><p/>
<h3>Description:</h3>
<p>Policy for udev.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>udev_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute udev in the udev domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>udev_read_db</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to read list of devices.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>udev_rw_db</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Allow process to modify list of devices.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>

530
www/api-docs/system_userdomain.html Normal file
View File

@ -0,0 +1,530 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: userdomain</h2><p/>
<h3>Description:</h3>
<p>Policy for user domains</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>userdom_dontaudit_use_sysadm_terms</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to use admin ttys and ptys.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_dontaudit_use_unpriv_user_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Do not audit attempts to inherit the
file descriptors from all user domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_read_all_user_data</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read all files in all users home directories.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_search_all_users_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Search all users home directories.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_shell_domtrans_sysadm</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute a shell in the sysadm domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_signal_all_users</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Send general signals to all user domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_spec_domtrans_all_users</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute a shell in all user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_use_all_user_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Inherit the file descriptors from all user domains
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_use_sysadm_terms</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Read and write administrative users
physical and pseudo terminals.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_use_unpriv_users_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Inherit the file descriptors from all user domains.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>