rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

update for release

Browse Source
This commit is contained in:
Chris PeBenito 2005-08-02 17:21:46 +00:00
parent 369b504740
commit 8b1125a766
60 changed files with 21320 additions and 2753 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
www/api-docs/admin.html
View File

@ -58,15 +58,26 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<p><p>
Policy modules for administrative functions, such as package management.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>

14
www/api-docs/admin_consoletype.html
View File

@ -58,9 +58,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -68,8 +74,6 @@
<h1>Layer: admin</h1><p/>
<h2>Module: consoletype</h2><p/>
<h3>Description:</h3>
<p><p>
@ -81,6 +85,7 @@ Determine of the console connected to the controlling terminal.
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_consoletype_domtrans"></a>
<div id="interface">
@ -122,6 +127,7 @@ No
</div>
</div>
<a name="link_consoletype_exec"></a>
<div id="interface">

22
www/api-docs/admin_dmesg.html
View File

@ -58,9 +58,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -68,8 +74,6 @@
<h1>Layer: admin</h1><p/>
<h2>Module: dmesg</h2><p/>
<h3>Description:</h3>
<p><p>Policy for dmesg.</p></p>
@ -79,6 +83,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_dmesg_domtrans"></a>
<div id="interface">
@ -96,12 +101,12 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute dmesg in the dmesg domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -120,6 +125,7 @@ No
</div>
</div>
<a name="link_dmesg_exec"></a>
<div id="interface">
@ -137,12 +143,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute dmesg in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

16
www/api-docs/admin_logrotate.html
View File

@ -58,9 +58,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -68,8 +74,6 @@
<h1>Layer: admin</h1><p/>
<h2>Module: logrotate</h2><p/>
<h3>Description:</h3>
<p><p>Rotate and archive system logs</p></p>
@ -79,6 +83,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_logrotate_domtrans"></a>
<div id="interface">
@ -120,6 +125,7 @@ No
</div>
</div>
<a name="link_logrotate_dontaudit_use_fd"></a>
<div id="interface">
@ -161,6 +167,7 @@ No
</div>
</div>
<a name="link_logrotate_exec"></a>
<div id="interface">
@ -202,6 +209,7 @@ No
</div>
</div>
<a name="link_logrotate_run"></a>
<div id="interface">

21
www/api-docs/admin_netutils.html
View File

@ -58,9 +58,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -68,8 +74,6 @@
<h1>Layer: admin</h1><p/>
<h2>Module: netutils</h2><p/>
<h3>Description:</h3>
<p><p>Network analysis utilities</p></p>
@ -79,6 +83,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_netutils_domtrans"></a>
<div id="interface">
@ -120,6 +125,7 @@ No
</div>
</div>
<a name="link_netutils_domtrans_ping"></a>
<div id="interface">
@ -161,6 +167,7 @@ No
</div>
</div>
<a name="link_netutils_domtrans_traceroute"></a>
<div id="interface">
@ -202,6 +209,7 @@ No
</div>
</div>
<a name="link_netutils_exec"></a>
<div id="interface">
@ -243,6 +251,7 @@ No
</div>
</div>
<a name="link_netutils_exec_ping"></a>
<div id="interface">
@ -284,6 +293,7 @@ No
</div>
</div>
<a name="link_netutils_exec_traceroute"></a>
<div id="interface">
@ -325,6 +335,7 @@ No
</div>
</div>
<a name="link_netutils_run"></a>
<div id="interface">
@ -403,6 +414,7 @@ No
</div>
</div>
<a name="link_netutils_run_ping"></a>
<div id="interface">
@ -481,6 +493,7 @@ No
</div>
</div>
<a name="link_netutils_run_traceroute"></a>
<div id="interface">

146
www/api-docs/admin_rpm.html
View File

@ -58,9 +58,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -68,8 +74,6 @@
<h1>Layer: admin</h1><p/>
<h2>Module: rpm</h2><p/>
<h3>Description:</h3>
<p><p>Policy for the RPM package manager.</p></p>
@ -79,6 +83,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_rpm_domtrans"></a>
<div id="interface">
@ -120,6 +125,7 @@ No
</div>
</div>
<a name="link_rpm_manage_db"></a>
<div id="interface">
@ -161,6 +167,49 @@ No
</div>
</div>
<a name="link_rpm_manage_log"></a>
<div id="interface">
<div id="codeblock">
<b>rpm_manage_log</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete the RPM log.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_rpm_read_db"></a>
<div id="interface">
@ -202,6 +251,7 @@ No
</div>
</div>
<a name="link_rpm_read_pipe"></a>
<div id="interface">
@ -221,7 +271,7 @@ No
<h5>Summary</h5>
<p>
Read from a RPM pipe.
Read from an unnamed RPM pipe.
</p>
@ -243,6 +293,7 @@ No
</div>
</div>
<a name="link_rpm_run"></a>
<div id="interface">
@ -320,6 +371,49 @@ No
</div>
</div>
<a name="link_rpm_rw_pipe"></a>
<div id="interface">
<div id="codeblock">
<b>rpm_rw_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write an unnamed RPM pipe.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_rpm_use_fd"></a>
<div id="interface">
@ -343,6 +437,48 @@ Inherit and use file descriptors from RPM.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_rpm_use_script_fd"></a>
<div id="interface">
<div id="codeblock">
<b>rpm_use_script_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Inherit and use file descriptors from RPM scripts.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

21
www/api-docs/admin_usermanage.html
View File

@ -58,9 +58,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -68,8 +74,6 @@
<h1>Layer: admin</h1><p/>
<h2>Module: usermanage</h2><p/>
<h3>Description:</h3>
<p><p>Policy for managing user accounts.</p></p>
@ -79,6 +83,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_usermanage_domtrans_chfn"></a>
<div id="interface">
@ -120,6 +125,7 @@ No
</div>
</div>
<a name="link_usermanage_domtrans_groupadd"></a>
<div id="interface">
@ -161,6 +167,7 @@ No
</div>
</div>
<a name="link_usermanage_domtrans_passwd"></a>
<div id="interface">
@ -202,6 +209,7 @@ No
</div>
</div>
<a name="link_usermanage_domtrans_useradd"></a>
<div id="interface">
@ -243,6 +251,7 @@ No
</div>
</div>
<a name="link_usermanage_read_crack_db"></a>
<div id="interface">
@ -284,6 +293,7 @@ No
</div>
</div>
<a name="link_usermanage_run_chfn"></a>
<div id="interface">
@ -362,6 +372,7 @@ No
</div>
</div>
<a name="link_usermanage_run_groupadd"></a>
<div id="interface">
@ -440,6 +451,7 @@ No
</div>
</div>
<a name="link_usermanage_run_passwd"></a>
<div id="interface">
@ -518,6 +530,7 @@ No
</div>
</div>
<a name="link_usermanage_run_useradd"></a>
<div id="interface">

13
www/api-docs/apps.html
View File

@ -43,15 +43,24 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h1>Layer: apps</h1><p/>
<p><p>Policy modules for applications</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>

11
www/api-docs/apps_gpg.html
View File

@ -43,9 +43,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -63,6 +69,7 @@
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_gpg_per_userdomain_template"></a>
<div id="template">

226
www/api-docs/global_booleans.html Normal file
View File

@ -0,0 +1,226 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='apps_gpg.html'>
gpg</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_unconfined.html'>
unconfined</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h3>Global booleans:</h3>
<div id="interface">
<div id="codeblock">secure_mode</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Enabling secure mode disallows programs, such as
newrole, from transitioning to administrative
user domains.
</p></p>
</div></div>
</div>
</body>
</html>

503
www/api-docs/global_tunables.html Normal file
View File

@ -0,0 +1,503 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='apps_gpg.html'>
gpg</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
bootloader</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
corenetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
devices</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
filesystem</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
kernel</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
selinux</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
storage</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
terminal</a><br/>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_unconfined.html'>
unconfined</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h3>Global tunables:</h3>
<div id="interface">
<div id="codeblock">allow_execmem</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow execution of anonymous mappings, e.g. executable stack.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">allow_execmod</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Support Share libraries with text relocations
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">allow_gpg_execstack</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow gpg executable stack
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">allow_kerberos</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow system to run with kerberos
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">allow_ypbind</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow system to run with NIS
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">cron_can_relabel</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow system cron jobs to relabel filesystem
for restoring file contexts.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">fcron_crond</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Enable extra rules in the cron domain
to support fcron.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">read_default_t</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow reading of default_t files.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">run_ssh_inetd</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow ssh to run from inetd instead of as a daemon.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">ssh_sysadm_login</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow ssh logins as sysadm_r:sysadm_t
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">staff_read_sysadm_file</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow staff_r users to search the sysadm home
dir and read files (such as ~/.bashrc)
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">use_dns</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow the use of DNS for name resolution.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">use_nfs_home_dirs</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Support NFS home directories
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">use_samba_home_dirs</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Support SAMBA home directories
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_direct_mouse</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow regular users direct mouse access
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_dmesg</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow users to read system messages.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_net_control</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow users to control network interfaces
(also needs USERCTL=true)
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_ping</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Control users use of ping and traceroute
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_rw_noexattrfile</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_rw_usb</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow users to rw usb devices
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_tcp_server</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow users to run TCP servers (bind to ports and accept connection from
the same domain and outside users) disabling this forces FTP passive mode
and may change other protocols.
</p></p>
</div></div>
<div id="interface">
<div id="codeblock">user_ttyfile_stat</div>
<div id="description">
<h5>Default value</h5>
<p>false</p>
<h5>Description</h5>
<p><p>
Allow w to display everyone
</p></p>
</div></div>
</div>
</body>
</html>

66
www/api-docs/index.html
View File

@ -91,6 +91,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -136,6 +139,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -160,6 +166,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -178,15 +190,26 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h1>Layer: admin</h1><p/>
<p><p>
Policy modules for administrative functions, such as package management.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -242,6 +265,11 @@ Determine of the console connected to the controlling terminal.
<h1>Layer: kernel</h1><p/>
<p><p>
Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -311,6 +339,9 @@ Policy for kernel security interface, in particular, selinuxfs.
<h1>Layer: apps</h1><p/>
<p><p>Policy modules for applications</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -339,6 +370,11 @@ Policy for kernel security interface, in particular, selinuxfs.
<h1>Layer: system</h1><p/>
<p><p>
Policy modules for system functions from init to multi-user login.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -413,6 +449,11 @@ connection and disconnection of devices at runtime.
init</a></td>
<td><p>System initialization programs (init and init scripts).</p></td>
<tr><td>
<a href='system_ipsec.html'>
ipsec</a></td>
<td><p>TCP/IP encryption</p></td>
<tr><td>
<a href='system_iptables.html'>
iptables</a></td>
@ -453,6 +494,16 @@ connection and disconnection of devices at runtime.
mount</a></td>
<td><p>Policy for mount.</p></td>
<tr><td>
<a href='system_pcmcia.html'>
pcmcia</a></td>
<td><p>PCMCIA card management services</p></td>
<tr><td>
<a href='system_raid.html'>
raid</a></td>
<td><p>RAID array management tools</p></td>
<tr><td>
<a href='system_selinuxutil.html'>
selinuxutil</a></td>
@ -485,6 +536,12 @@ connection and disconnection of devices at runtime.
<h1>Layer: services</h1><p/>
<p><p>
Policy modules for system services, like cron, and network services,
like sshd.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -523,6 +580,11 @@ connection and disconnection of devices at runtime.
nis</a></td>
<td><p>Policy for NIS (YP) servers and clients</p></td>
<tr><td>
<a href='services_nscd.html'>
nscd</a></td>
<td><p>Name service cache daemon</p></td>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>

10551
www/api-docs/interfaces.html
View File

File diff suppressed because it is too large Load Diff

15
www/api-docs/kernel.html
View File

@ -64,15 +64,26 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h1>Layer: kernel</h1><p/>
<p><p>
Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>

145
www/api-docs/kernel_bootloader.html
View File

@ -64,9 +64,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +80,6 @@
<h1>Layer: kernel</h1><p/>
<h2>Module: bootloader</h2><p/>
<h3>Description:</h3>
<p><p>Policy for the kernel modules, kernel image, and bootloader.</p></p>
@ -85,6 +89,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_bootloader_create_kernel"></a>
<div id="interface">
@ -102,12 +107,12 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Install a kernel into the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -126,6 +131,7 @@ No
</div>
</div>
<a name="link_bootloader_create_kernel_symbol_table"></a>
<div id="interface">
@ -143,12 +149,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Install a system.map into the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -167,6 +173,7 @@ No
</div>
</div>
<a name="link_bootloader_create_modules"></a>
<div id="interface">
@ -208,6 +215,7 @@ No
</div>
</div>
<a name="link_bootloader_create_runtime_file"></a>
<div id="interface">
@ -225,13 +233,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read and write the bootloader
temporary data in /tmp.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -250,6 +258,7 @@ No
</div>
</div>
<a name="link_bootloader_delete_kernel"></a>
<div id="interface">
@ -267,12 +276,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Delete a kernel from /boot.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -291,6 +300,7 @@ No
</div>
</div>
<a name="link_bootloader_delete_kernel_symbol_table"></a>
<div id="interface">
@ -308,12 +318,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Delete a system.map in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -332,6 +342,7 @@ No
</div>
</div>
<a name="link_bootloader_domtrans"></a>
<div id="interface">
@ -349,12 +360,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute bootloader in the bootloader domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -373,6 +384,7 @@ No
</div>
</div>
<a name="link_bootloader_dontaudit_search_boot"></a>
<div id="interface">
@ -390,12 +402,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Do not audit attempts to search the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -414,6 +426,49 @@ No
</div>
</div>
<a name="link_bootloader_getattr_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>bootloader_getattr_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_bootloader_list_kernel_modules"></a>
<div id="interface">
@ -431,12 +486,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
List the contents of the kernel module directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -455,6 +510,7 @@ No
</div>
</div>
<a name="link_bootloader_manage_kernel_modules"></a>
<div id="interface">
@ -472,13 +528,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Create, read, write, and delete
kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -497,6 +553,7 @@ No
</div>
</div>
<a name="link_bootloader_read_config"></a>
<div id="interface">
@ -514,12 +571,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read the bootloader configuration file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -538,6 +595,7 @@ No
</div>
</div>
<a name="link_bootloader_read_kernel_modules"></a>
<div id="interface">
@ -555,12 +613,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -579,6 +637,7 @@ No
</div>
</div>
<a name="link_bootloader_read_kernel_symbol_table"></a>
<div id="interface">
@ -596,12 +655,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read system.map in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -620,6 +679,7 @@ No
</div>
</div>
<a name="link_bootloader_run"></a>
<div id="interface">
@ -653,13 +713,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute bootloader interactively and do
a domain transition to the bootloader domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -698,6 +758,7 @@ No
</div>
</div>
<a name="link_bootloader_rw_boot_symlinks"></a>
<div id="interface">
@ -715,13 +776,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read and write symbolic links
in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -740,6 +801,7 @@ No
</div>
</div>
<a name="link_bootloader_rw_config"></a>
<div id="interface">
@ -757,13 +819,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read and write the bootloader
configuration file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -782,6 +844,7 @@ No
</div>
</div>
<a name="link_bootloader_rw_tmp_file"></a>
<div id="interface">
@ -799,13 +862,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read and write the bootloader
temporary data in /tmp.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -824,6 +887,7 @@ No
</div>
</div>
<a name="link_bootloader_search_boot"></a>
<div id="interface">
@ -841,12 +905,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Search the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -865,6 +929,7 @@ No
</div>
</div>
<a name="link_bootloader_write_kernel_modules"></a>
<div id="interface">
@ -882,12 +947,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Write kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

3808
www/api-docs/kernel_corenetwork.html
View File

File diff suppressed because it is too large Load Diff

437
www/api-docs/kernel_devices.html
View File

File diff suppressed because it is too large Load Diff

911
www/api-docs/kernel_filesystem.html
View File

File diff suppressed because it is too large Load Diff

811
www/api-docs/kernel_kernel.html
View File

File diff suppressed because it is too large Load Diff

114
www/api-docs/kernel_selinux.html
View File

@ -64,9 +64,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +80,6 @@
<h1>Layer: kernel</h1><p/>
<h2>Module: selinux</h2><p/>
<h3>Description:</h3>
<p><p>
@ -89,6 +93,7 @@ Policy for kernel security interface, in particular, selinuxfs.
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_selinux_compute_access_vector"></a>
<div id="interface">
@ -106,12 +111,12 @@ Policy for kernel security interface, in particular, selinuxfs.
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allows caller to compute an access vector.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -130,6 +135,7 @@ No
</div>
</div>
<a name="link_selinux_compute_create_context"></a>
<div id="interface">
@ -147,12 +153,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -171,6 +177,7 @@ No
</div>
</div>
<a name="link_selinux_compute_relabel_context"></a>
<div id="interface">
@ -188,12 +195,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -212,6 +219,7 @@ No
</div>
</div>
<a name="link_selinux_compute_user_contexts"></a>
<div id="interface">
@ -229,12 +237,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allows caller to compute possible contexts for a user.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -253,6 +261,49 @@ No
</div>
</div>
<a name="link_selinux_dontaudit_search_fs"></a>
<div id="interface">
<div id="codeblock">
<b>selinux_dontaudit_search_fs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search selinuxfs.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_selinux_get_enforce_mode"></a>
<div id="interface">
@ -270,13 +321,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allows the caller to get the mode of policy enforcement
(enforcing or permissive mode).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -295,6 +346,7 @@ No
</div>
</div>
<a name="link_selinux_get_fs_mount"></a>
<div id="interface">
@ -312,12 +364,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Gets the caller the mountpoint of the selinuxfs filesystem.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -336,6 +388,7 @@ No
</div>
</div>
<a name="link_selinux_load_policy"></a>
<div id="interface">
@ -353,12 +406,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow caller to load the policy into the kernel.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -377,6 +430,7 @@ No
</div>
</div>
<a name="link_selinux_set_boolean"></a>
<div id="interface">
@ -406,13 +460,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow caller to set the state of Booleans to
enable or disable conditional portions of the policy.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -441,6 +495,7 @@ yes
</div>
</div>
<a name="link_selinux_set_enforce_mode"></a>
<div id="interface">
@ -458,13 +513,13 @@ yes
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow caller to set the mode of policy enforcement
(enforcing or permissive mode).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -483,6 +538,7 @@ No
</div>
</div>
<a name="link_selinux_set_parameters"></a>
<div id="interface">
@ -500,12 +556,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow caller to set selinux security parameters.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -524,6 +580,7 @@ No
</div>
</div>
<a name="link_selinux_unconfined"></a>
<div id="interface">
@ -541,12 +598,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Unconfined access to the SELinux security server.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -565,6 +622,7 @@ No
</div>
</div>
<a name="link_selinux_validate_context"></a>
<div id="interface">
@ -582,12 +640,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allows caller to validate security contexts.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

83
www/api-docs/kernel_storage.html
View File

@ -64,9 +64,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +80,6 @@
<h1>Layer: kernel</h1><p/>
<h2>Module: storage</h2><p/>
<h3>Description:</h3>
<p><p>Policy controlling access to storage devices</p></p>
@ -85,6 +89,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_storage_create_fixed_disk"></a>
<div id="interface">
@ -126,6 +131,49 @@ No
</div>
</div>
<a name="link_storage_create_fixed_disk_tmpfs"></a>
<div id="interface">
<div id="codeblock">
<b>storage_create_fixed_disk_tmpfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create fixed disk device nodes on a tmpfs filesystem.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_getattr_fixed_disk"></a>
<div id="interface">
@ -168,6 +216,7 @@ No
</div>
</div>
<a name="link_storage_dontaudit_getattr_removable_device"></a>
<div id="interface">
@ -210,6 +259,7 @@ No
</div>
</div>
<a name="link_storage_dontaudit_setattr_fixed_disk"></a>
<div id="interface">
@ -252,6 +302,7 @@ No
</div>
</div>
<a name="link_storage_dontaudit_setattr_removable_device"></a>
<div id="interface">
@ -294,6 +345,7 @@ No
</div>
</div>
<a name="link_storage_getattr_fixed_disk"></a>
<div id="interface">
@ -336,6 +388,7 @@ No
</div>
</div>
<a name="link_storage_getattr_removable_device"></a>
<div id="interface">
@ -378,6 +431,7 @@ No
</div>
</div>
<a name="link_storage_getattr_scsi_generic"></a>
<div id="interface">
@ -420,6 +474,7 @@ No
</div>
</div>
<a name="link_storage_getattr_scsi_generic"></a>
<div id="interface">
@ -462,6 +517,7 @@ No
</div>
</div>
<a name="link_storage_getattr_tape_device"></a>
<div id="interface">
@ -504,6 +560,7 @@ No
</div>
</div>
<a name="link_storage_manage_fixed_disk"></a>
<div id="interface">
@ -545,6 +602,7 @@ No
</div>
</div>
<a name="link_storage_raw_read_fixed_disk"></a>
<div id="interface">
@ -589,6 +647,7 @@ No
</div>
</div>
<a name="link_storage_raw_read_lvm_volume"></a>
<div id="interface">
@ -633,6 +692,7 @@ No
</div>
</div>
<a name="link_storage_raw_read_removable_device"></a>
<div id="interface">
@ -678,6 +738,7 @@ No
</div>
</div>
<a name="link_storage_raw_write_fixed_disk"></a>
<div id="interface">
@ -722,6 +783,7 @@ No
</div>
</div>
<a name="link_storage_raw_write_lvm_volume"></a>
<div id="interface">
@ -766,6 +828,7 @@ No
</div>
</div>
<a name="link_storage_raw_write_removable_device"></a>
<div id="interface">
@ -811,6 +874,7 @@ No
</div>
</div>
<a name="link_storage_read_scsi_generic"></a>
<div id="interface">
@ -856,6 +920,7 @@ No
</div>
</div>
<a name="link_storage_read_tape_device"></a>
<div id="interface">
@ -898,6 +963,7 @@ No
</div>
</div>
<a name="link_storage_relabel_fixed_disk"></a>
<div id="interface">
@ -939,6 +1005,7 @@ No
</div>
</div>
<a name="link_storage_set_scsi_generic_attributes"></a>
<div id="interface">
@ -981,6 +1048,7 @@ No
</div>
</div>
<a name="link_storage_setattr_fixed_disk"></a>
<div id="interface">
@ -1023,6 +1091,7 @@ No
</div>
</div>
<a name="link_storage_setattr_removable_device"></a>
<div id="interface">
@ -1065,6 +1134,7 @@ No
</div>
</div>
<a name="link_storage_setattr_scsi_generic"></a>
<div id="interface">
@ -1107,6 +1177,7 @@ No
</div>
</div>
<a name="link_storage_setattr_tape_device"></a>
<div id="interface">
@ -1149,6 +1220,7 @@ No
</div>
</div>
<a name="link_storage_swapon_fixed_disk"></a>
<div id="interface">
@ -1190,6 +1262,7 @@ No
</div>
</div>
<a name="link_storage_unconfined"></a>
<div id="interface">
@ -1231,6 +1304,7 @@ No
</div>
</div>
<a name="link_storage_write_scsi_generic"></a>
<div id="interface">
@ -1276,6 +1350,7 @@ No
</div>
</div>
<a name="link_storage_write_tape_device"></a>
<div id="interface">

218
www/api-docs/kernel_terminal.html
View File

@ -64,9 +64,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +80,6 @@
<h1>Layer: kernel</h1><p/>
<h2>Module: terminal</h2><p/>
<h3>Description:</h3>
<p><p>Policy for terminals.</p></p>
@ -85,6 +89,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_term_create_pty"></a>
<div id="interface">
@ -144,6 +149,51 @@ No
</div>
</div>
<a name="link_term_dontaudit_getattr_all_user_ptys"></a>
<div id="interface">
<div id="codeblock">
<b>term_dontaudit_getattr_all_user_ptys</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Do not audit attempts to get the
attributes of any user pty
device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_term_dontaudit_getattr_all_user_ttys"></a>
<div id="interface">
@ -187,6 +237,50 @@ No
</div>
</div>
<a name="link_term_dontaudit_getattr_unallocated_ttys"></a>
<div id="interface">
<div id="codeblock">
<b>term_dontaudit_getattr_unallocated_ttys</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Do not audit attempts to get the attributes
of all unallocated tty device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_term_dontaudit_list_ptys"></a>
<div id="interface">
@ -229,6 +323,7 @@ No
</div>
</div>
<a name="link_term_dontaudit_use_all_user_ptys"></a>
<div id="interface">
@ -271,6 +366,7 @@ No
</div>
</div>
<a name="link_term_dontaudit_use_all_user_ttys"></a>
<div id="interface">
@ -313,6 +409,7 @@ No
</div>
</div>
<a name="link_term_dontaudit_use_console"></a>
<div id="interface">
@ -355,6 +452,7 @@ No
</div>
</div>
<a name="link_term_dontaudit_use_generic_pty"></a>
<div id="interface">
@ -398,6 +496,7 @@ No
</div>
</div>
<a name="link_term_dontaudit_use_ptmx"></a>
<div id="interface">
@ -440,6 +539,7 @@ No
</div>
</div>
<a name="link_term_dontaudit_use_unallocated_tty"></a>
<div id="interface">
@ -482,6 +582,7 @@ No
</div>
</div>
<a name="link_term_getattr_all_user_ptys"></a>
<div id="interface">
@ -524,6 +625,7 @@ No
</div>
</div>
<a name="link_term_getattr_all_user_ttys"></a>
<div id="interface">
@ -566,6 +668,7 @@ No
</div>
</div>
<a name="link_term_getattr_unallocated_ttys"></a>
<div id="interface">
@ -608,6 +711,7 @@ No
</div>
</div>
<a name="link_term_list_ptys"></a>
<div id="interface">
@ -650,6 +754,7 @@ No
</div>
</div>
<a name="link_term_login_pty"></a>
<div id="interface">
@ -692,6 +797,7 @@ No
</div>
</div>
<a name="link_term_pty"></a>
<div id="interface">
@ -733,6 +839,7 @@ No
</div>
</div>
<a name="link_term_relabel_all_user_ptys"></a>
<div id="interface">
@ -775,6 +882,7 @@ No
</div>
</div>
<a name="link_term_relabel_all_user_ttys"></a>
<div id="interface">
@ -817,6 +925,7 @@ No
</div>
</div>
<a name="link_term_relabel_unallocated_ttys"></a>
<div id="interface">
@ -859,6 +968,49 @@ No
</div>
</div>
<a name="link_term_relabelto_all_user_ptys"></a>
<div id="interface">
<div id="codeblock">
<b>term_relabelto_all_user_ptys</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel to all user ptys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_term_reset_tty_labels"></a>
<div id="interface">
@ -901,6 +1053,50 @@ No
</div>
</div>
<a name="link_term_setattr_all_user_ptys"></a>
<div id="interface">
<div id="codeblock">
<b>term_setattr_all_user_ptys</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set the attributes of all user
pty device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_term_setattr_all_user_ttys"></a>
<div id="interface">
@ -943,6 +1139,7 @@ No
</div>
</div>
<a name="link_term_setattr_console"></a>
<div id="interface">
@ -985,6 +1182,7 @@ No
</div>
</div>
<a name="link_term_setattr_unallocated_ttys"></a>
<div id="interface">
@ -1027,6 +1225,7 @@ No
</div>
</div>
<a name="link_term_tty"></a>
<div id="interface">
@ -1068,6 +1267,7 @@ No
</div>
</div>
<a name="link_term_use_all_terms"></a>
<div id="interface">
@ -1110,6 +1310,7 @@ No
</div>
</div>
<a name="link_term_use_all_user_ptys"></a>
<div id="interface">
@ -1151,6 +1352,7 @@ No
</div>
</div>
<a name="link_term_use_all_user_ttys"></a>
<div id="interface">
@ -1192,6 +1394,7 @@ No
</div>
</div>
<a name="link_term_use_console"></a>
<div id="interface">
@ -1233,6 +1436,7 @@ No
</div>
</div>
<a name="link_term_use_controlling_term"></a>
<div id="interface">
@ -1275,6 +1479,7 @@ No
</div>
</div>
<a name="link_term_use_generic_pty"></a>
<div id="interface">
@ -1318,6 +1523,7 @@ No
</div>
</div>
<a name="link_term_use_unallocated_tty"></a>
<div id="interface">
@ -1359,6 +1565,7 @@ No
</div>
</div>
<a name="link_term_user_pty"></a>
<div id="interface">
@ -1421,6 +1628,7 @@ No
</div>
</div>
<a name="link_term_write_all_user_ttys"></a>
<div id="interface">
@ -1462,6 +1670,7 @@ No
</div>
</div>
<a name="link_term_write_console"></a>
<div id="interface">
@ -1503,6 +1712,7 @@ No
</div>
</div>
<a name="link_term_write_unallocated_ttys"></a>
<div id="interface">

24
www/api-docs/services.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,15 +67,27 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h1>Layer: services</h1><p/>
<p><p>
Policy modules for system services, like cron, and network services,
like sshd.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -111,6 +126,11 @@
nis</a></td>
<td><p>Policy for NIS (YP) servers and clients</p></td>
<tr><td>
<a href='services_nscd.html'>
nscd</a></td>
<td><p>Name service cache daemon</p></td>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>

21
www/api-docs/services_cron.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,11 +83,9 @@
<h1>Layer: services</h1><p/>
<h2>Module: cron</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>Periodic execution of scheduled commands.</p></p>
@ -88,6 +95,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_cron_read_pipe"></a>
<div id="interface">
@ -129,6 +137,7 @@ No
</div>
</div>
<a name="link_cron_rw_log"></a>
<div id="interface">
@ -170,6 +179,7 @@ No
</div>
</div>
<a name="link_cron_search_spool"></a>
<div id="interface">
@ -211,6 +221,7 @@ No
</div>
</div>
<a name="link_cron_system_entry"></a>
<div id="interface">
@ -278,6 +289,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_cron_admin_template"></a>
<div id="template">
@ -328,6 +340,7 @@ No
</div>
</div>
<a name="link_cron_per_userdomain_template"></a>
<div id="template">

61
www/api-docs/services_inetd.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +83,6 @@
<h1>Layer: services</h1><p/>
<h2>Module: inetd</h2><p/>
<h3>Description:</h3>
<p><p>Internet services daemon.</p></p>
@ -85,6 +92,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_inetd_core_service_domain"></a>
<div id="interface">
@ -153,6 +161,7 @@ No
</div>
</div>
<a name="link_inetd_service_domain"></a>
<div id="interface">
@ -212,6 +221,49 @@ No
</div>
</div>
<a name="link_inetd_tcp_connectto"></a>
<div id="interface">
<div id="codeblock">
<b>inetd_tcp_connectto</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Connect to the inetd service using a TCP connection.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_inetd_tcp_service_domain"></a>
<div id="interface">
@ -271,6 +323,7 @@ No
</div>
</div>
<a name="link_inetd_udp_service_domain"></a>
<div id="interface">

31
www/api-docs/services_kerberos.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +83,6 @@
<h1>Layer: services</h1><p/>
<h2>Module: kerberos</h2><p/>
<h3>Description:</h3>
<p><p>
@ -84,10 +91,20 @@ This policy supports:
</p><p>
</p><p>
Servers:
</p><ul><li>kadmind</li><li>krb5kdc</li></ul><p>
<ul><p>
</p><li><p>kadmind</p></li><p>
</p><li><p>krb5kdc</p></li><p>
</p></ul>
</p><p>
</p><p>
Clients:
</p><ul><li>kinit</li><li>kdestroy</li><li>klist</li><li>ksu (incomplete)</li></ul><p>
<ul><p>
</p><li><p>kinit</p></li><p>
</p><li><p>kdestroy</p></li><p>
</p><li><p>klist</p></li><p>
</p><li><p>ksu (incomplete)</p></li><p>
</p></ul>
</p><p>
</p></p>
@ -95,6 +112,7 @@ Clients:
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_kerberos_read_conf"></a>
<div id="interface">
@ -136,6 +154,7 @@ No
</div>
</div>
<a name="link_kerberos_use"></a>
<div id="interface">

69
www/api-docs/services_mta.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,11 +83,9 @@
<h1>Layer: services</h1><p/>
<h2>Module: mta</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>Policy common to all email tranfer agents.</p></p>
@ -88,6 +95,50 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_mta_dontaudit_read_spool_symlink"></a>
<div id="interface">
<div id="codeblock">
<b>mta_dontaudit_read_spool_symlink</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read a symlink
in the mail spool.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_mta_exec"></a>
<div id="interface">
@ -129,6 +180,7 @@ No
</div>
</div>
<a name="link_mta_getattr_spool"></a>
<div id="interface">
@ -170,6 +222,7 @@ No
</div>
</div>
<a name="link_mta_mailserver"></a>
<div id="interface">
@ -211,6 +264,7 @@ No
</div>
</div>
<a name="link_mta_manage_queue"></a>
<div id="interface">
@ -252,6 +306,7 @@ No
</div>
</div>
<a name="link_mta_manage_spool"></a>
<div id="interface">
@ -293,6 +348,7 @@ No
</div>
</div>
<a name="link_mta_read_aliases"></a>
<div id="interface">
@ -334,6 +390,7 @@ No
</div>
</div>
<a name="link_mta_rw_aliases"></a>
<div id="interface">
@ -375,6 +432,7 @@ No
</div>
</div>
<a name="link_mta_rw_spool"></a>
<div id="interface">
@ -416,6 +474,7 @@ No
</div>
</div>
<a name="link_mta_send_mail"></a>
<div id="interface">
@ -457,6 +516,7 @@ No
</div>
</div>
<a name="link_mta_sendmail_mailserver"></a>
<div id="interface">
@ -540,6 +600,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_mta_per_userdomain_template"></a>
<div id="template">

18
www/api-docs/services_nis.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +83,6 @@
<h1>Layer: services</h1><p/>
<h2>Module: nis</h2><p/>
<h3>Description:</h3>
<p><p>Policy for NIS (YP) servers and clients</p></p>
@ -85,6 +92,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_nis_list_var_yp"></a>
<div id="interface">
@ -126,6 +134,7 @@ No
</div>
</div>
<a name="link_nis_udp_sendto_ypbind"></a>
<div id="interface">
@ -167,6 +176,7 @@ No
</div>
</div>
<a name="link_nis_use_ypbind"></a>
<div id="interface">

314
www/api-docs/services_nscd.html Normal file
View File

@ -0,0 +1,314 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: nscd</h2><p/>
<h3>Description:</h3>
<p><p>Name service cache daemon</p></p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_nscd_domtrans"></a>
<div id="interface">
<div id="codeblock">
<b>nscd_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute NSCD in the nscd domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_nscd_read_pid"></a>
<div id="interface">
<div id="codeblock">
<b>nscd_read_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read NSCD pid file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_nscd_unconfined"></a>
<div id="interface">
<div id="codeblock">
<b>nscd_unconfined</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Unconfined access to NSCD services.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_nscd_use_shared_mem"></a>
<div id="interface">
<div id="codeblock">
<b>nscd_use_shared_mem</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Use NSCD services by mapping the database from
an inherited NSCD file descriptor.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_nscd_use_socket"></a>
<div id="interface">
<div id="codeblock">
<b>nscd_use_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Use NSCD services by connecting using
a unix stream socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>

16
www/api-docs/services_remotelogin.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +83,6 @@
<h1>Layer: services</h1><p/>
<h2>Module: remotelogin</h2><p/>
<h3>Description:</h3>
<p><p>Policy for rshd, rlogind, and telnetd.</p></p>
@ -85,6 +92,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_remotelogin_domtrans"></a>
<div id="interface">

16
www/api-docs/services_sendmail.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,8 +83,6 @@
<h1>Layer: services</h1><p/>
<h2>Module: sendmail</h2><p/>
<h3>Description:</h3>
<p><p>Policy for sendmail.</p></p>
@ -85,6 +92,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_sendmail_domtrans"></a>
<div id="interface">

18
www/api-docs/services_ssh.html
View File

@ -46,6 +46,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -64,9 +67,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -74,11 +83,9 @@
<h1>Layer: services</h1><p/>
<h2>Module: ssh</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>Secure shell client and server policy.</p></p>
@ -88,6 +95,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_ssh_dontaudit_read_server_keys"></a>
<div id="interface">
@ -134,6 +142,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_ssh_per_userdomain_template"></a>
<div id="template">
@ -190,6 +199,7 @@ No
</div>
</div>
<a name="link_ssh_server_template"></a>
<div id="template">

39
www/api-docs/system.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,15 +118,26 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<p><p>
Policy modules for system functions from init to multi-user login.
</p></p><br/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -192,6 +212,11 @@ connection and disconnection of devices at runtime.
init</a></td>
<td><p>System initialization programs (init and init scripts).</p></td>
<tr><td>
<a href='system_ipsec.html'>
ipsec</a></td>
<td><p>TCP/IP encryption</p></td>
<tr><td>
<a href='system_iptables.html'>
iptables</a></td>
@ -232,6 +257,16 @@ connection and disconnection of devices at runtime.
mount</a></td>
<td><p>Policy for mount.</p></td>
<tr><td>
<a href='system_pcmcia.html'>
pcmcia</a></td>
<td><p>PCMCIA card management services</p></td>
<tr><td>
<a href='system_raid.html'>
raid</a></td>
<td><p>RAID array management tools</p></td>
<tr><td>
<a href='system_selinuxutil.html'>
selinuxutil</a></td>

155
www/api-docs/system_authlogin.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,11 +134,9 @@
<h1>Layer: system</h1><p/>
<h2>Module: authlogin</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>Common policy for authentication and user login.</p></p>
@ -133,6 +146,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_auth_delete_pam_pid"></a>
<div id="interface">
@ -174,6 +188,7 @@ No
</div>
</div>
<a name="link_auth_domtrans_chk_passwd"></a>
<div id="interface">
@ -215,6 +230,7 @@ No
</div>
</div>
<a name="link_auth_domtrans_login_program"></a>
<div id="interface">
@ -274,6 +290,7 @@ No
</div>
</div>
<a name="link_auth_domtrans_pam"></a>
<div id="interface">
@ -315,6 +332,7 @@ No
</div>
</div>
<a name="link_auth_domtrans_pam_console"></a>
<div id="interface">
@ -356,6 +374,7 @@ No
</div>
</div>
<a name="link_auth_domtrans_utempter"></a>
<div id="interface">
@ -397,6 +416,7 @@ No
</div>
</div>
<a name="link_auth_dontaudit_getattr_shadow"></a>
<div id="interface">
@ -414,12 +434,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of the shadow passwords file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -428,7 +449,7 @@ No
domain
</td><td>
The type of the process performing this action.
Domain to not audit.
</td><td>
No
@ -438,6 +459,7 @@ No
</div>
</div>
<a name="link_auth_dontaudit_read_shadow"></a>
<div id="interface">
@ -480,6 +502,7 @@ No
</div>
</div>
<a name="link_auth_dontaudit_write_login_records"></a>
<div id="interface">
@ -521,6 +544,7 @@ No
</div>
</div>
<a name="link_auth_exec_pam"></a>
<div id="interface">
@ -562,6 +586,49 @@ No
</div>
</div>
<a name="link_auth_getattr_shadow"></a>
<div id="interface">
<div id="codeblock">
<b>auth_getattr_shadow</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of the shadow passwords file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_auth_list_pam_console_data"></a>
<div id="interface">
@ -603,6 +670,7 @@ No
</div>
</div>
<a name="link_auth_login_entry_type"></a>
<div id="interface">
@ -644,6 +712,7 @@ No
</div>
</div>
<a name="link_auth_manage_all_files_except_shadow"></a>
<div id="interface">
@ -709,6 +778,7 @@ yes
</div>
</div>
<a name="link_auth_manage_login_records"></a>
<div id="interface">
@ -750,6 +820,7 @@ No
</div>
</div>
<a name="link_auth_manage_pam_console_data"></a>
<div id="interface">
@ -791,6 +862,7 @@ No
</div>
</div>
<a name="link_auth_manage_shadow"></a>
<div id="interface">
@ -832,6 +904,7 @@ No
</div>
</div>
<a name="link_auth_read_login_records"></a>
<div id="interface">
@ -873,6 +946,7 @@ No
</div>
</div>
<a name="link_auth_read_pam_console_data"></a>
<div id="interface">
@ -914,6 +988,7 @@ No
</div>
</div>
<a name="link_auth_read_pam_pid"></a>
<div id="interface">
@ -955,6 +1030,7 @@ No
</div>
</div>
<a name="link_auth_read_shadow"></a>
<div id="interface">
@ -996,6 +1072,7 @@ No
</div>
</div>
<a name="link_auth_relabel_all_files_except_shadow"></a>
<div id="interface">
@ -1061,6 +1138,7 @@ yes
</div>
</div>
<a name="link_auth_relabelto_shadow"></a>
<div id="interface">
@ -1102,6 +1180,7 @@ No
</div>
</div>
<a name="link_auth_run_pam"></a>
<div id="interface">
@ -1179,6 +1258,7 @@ No
</div>
</div>
<a name="link_auth_run_utempter"></a>
<div id="interface">
@ -1256,6 +1336,7 @@ No
</div>
</div>
<a name="link_auth_rw_faillog"></a>
<div id="interface">
@ -1297,6 +1378,7 @@ No
</div>
</div>
<a name="link_auth_rw_lastlog"></a>
<div id="interface">
@ -1338,6 +1420,7 @@ No
</div>
</div>
<a name="link_auth_rw_login_records"></a>
<div id="interface">
@ -1379,6 +1462,7 @@ No
</div>
</div>
<a name="link_auth_rw_shadow"></a>
<div id="interface">
@ -1420,6 +1504,60 @@ No
</div>
</div>
<a name="link_auth_unconfined"></a>
<div id="interface">
<div id="codeblock">
<b>auth_unconfined</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Unconfined access to the authlogin module.
</p>
<h5>Description</h5>
<p>
</p><p>
Unconfined access to the authlogin module.
</p><p>
</p><p>
Currently, this only allows assertions for
the shadow passwords file (/etc/shadow) to
be passed. No access is granted yet.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
@ -1427,6 +1565,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_authlogin_per_userdomain_template"></a>
<div id="template">

25
www/api-docs/system_clock.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: clock</h2><p/>
<h3>Description:</h3>
<p><p>Policy for reading and setting the hardware clock.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_clock_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_clock_exec"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_clock_run"></a>
<div id="interface">
@ -290,6 +306,7 @@ No
</div>
</div>
<a name="link_clock_rw_adjtime"></a>
<div id="interface">

478
www/api-docs/system_corecommands.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: corecommands</h2><p/>
<h3>Description:</h3>
<p><p>
@ -133,53 +146,13 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_corecmd_bin_domtrans"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_chroot_exec_chroot</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_domtrans_shell</b>(
<b>corecmd_bin_domtrans</b>(
@ -199,10 +172,31 @@ No
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute a file in a bin directory
in the specified domain.
</p>
<h5>Description</h5>
<p>
Execute a shell in the target domain.
</p><p>
Execute a file in a bin directory
in the specified domain. This allows
the specified domain to execute any file
on these filesystems in the specified
domain. This is not suggested.
</p><p>
</p><p>
No interprocess communication (signals, pipes,
etc.) is provided by this interface since
the domains are not owned by this module.
</p><p>
</p><p>
This interface was added to handle
the ssh-agent policy.
</p><p>
</p>
<h5>Parameters</h5>
@ -223,7 +217,7 @@ No
target_domain
</td><td>
The type of the shell process.
The type of the new process.
</td><td>
No
@ -233,6 +227,7 @@ No
</div>
</div>
<a name="link_corecmd_dontaudit_getattr_sbin_file"></a>
<div id="interface">
@ -274,6 +269,7 @@ No
</div>
</div>
<a name="link_corecmd_exec_bin"></a>
<div id="interface">
@ -315,6 +311,49 @@ No
</div>
</div>
<a name="link_corecmd_exec_chroot"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_exec_chroot</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_exec_ls"></a>
<div id="interface">
@ -356,6 +395,7 @@ No
</div>
</div>
<a name="link_corecmd_exec_sbin"></a>
<div id="interface">
@ -397,6 +437,7 @@ No
</div>
</div>
<a name="link_corecmd_exec_shell"></a>
<div id="interface">
@ -438,6 +479,7 @@ No
</div>
</div>
<a name="link_corecmd_getattr_bin_file"></a>
<div id="interface">
@ -479,6 +521,7 @@ No
</div>
</div>
<a name="link_corecmd_getattr_sbin_file"></a>
<div id="interface">
@ -520,6 +563,7 @@ No
</div>
</div>
<a name="link_corecmd_list_bin"></a>
<div id="interface">
@ -561,6 +605,7 @@ No
</div>
</div>
<a name="link_corecmd_list_sbin"></a>
<div id="interface">
@ -602,6 +647,133 @@ No
</div>
</div>
<a name="link_corecmd_read_bin_file"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_bin_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in bin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_read_bin_pipe"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_bin_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read pipes in bin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_read_bin_socket"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_bin_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read named sockets in bin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_read_bin_symlink"></a>
<div id="interface">
@ -643,6 +815,133 @@ No
</div>
</div>
<a name="link_corecmd_read_sbin_file"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_sbin_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in sbin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_read_sbin_pipe"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_sbin_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read named pipes in sbin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_read_sbin_socket"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_sbin_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read named sockets in sbin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_read_sbin_symlink"></a>
<div id="interface">
@ -684,6 +983,7 @@ No
</div>
</div>
<a name="link_corecmd_search_bin"></a>
<div id="interface">
@ -725,6 +1025,7 @@ No
</div>
</div>
<a name="link_corecmd_search_sbin"></a>
<div id="interface">
@ -766,6 +1067,79 @@ No
</div>
</div>
<a name="link_corecmd_shell_domtrans"></a>
<div id="interface">
<div id="codeblock">
<b>corecmd_shell_domtrans</b>(
domain
,
target_domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute a shell in the specified domain.
</p>
<h5>Description</h5>
<p>
</p><p>
Execute a shell in the specified domain.
</p><p>
</p><p>
No interprocess communication (signals, pipes,
etc.) is provided by this interface since
the domains are not owned by this module.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
target_domain
</td><td>
The type of the shell process.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_corecmd_shell_entry_type"></a>
<div id="interface">
@ -807,6 +1181,7 @@ No
</div>
</div>
<a name="link_corecmd_shell_spec_domtrans"></a>
<div id="interface">
@ -835,9 +1210,16 @@ No
<h5>Description</h5>
<p>
</p><p>
Execute a shell in the target domain. This
is an explicit transition, requiring the
caller to use setexeccon().
</p><p>
</p><p>
No interprocess communication (signals, pipes,
etc.) is provided by this interface since
the domains are not owned by this module.
</p><p>
</p>
<h5>Parameters</h5>

348
www/api-docs/system_domain.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,11 +134,9 @@
<h1>Layer: system</h1><p/>
<h2>Module: domain</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>Core policy for domains.</p></p>
@ -135,6 +148,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_domain_base_domain_type"></a>
<div id="interface">
@ -176,6 +190,62 @@ No
</div>
</div>
<a name="link_domain_dontaudit_getattr_all_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getattr_all_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all domains sockets, for all socket types.
</p>
<h5>Description</h5>
<p>
</p><p>
Do not audit attempts to get the attributes
of all domains sockets, for all socket types.
</p><p>
</p><p>
This interface was added for PCMCIA cardmgr
and is probably excessive.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_domain_dontaudit_getattr_all_tcp_sockets"></a>
<div id="interface">
@ -193,13 +263,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all domains TCP sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -218,6 +288,7 @@ No
</div>
</div>
<a name="link_domain_dontaudit_getattr_all_udp_sockets"></a>
<div id="interface">
@ -235,13 +306,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all domains UDP sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -260,6 +331,7 @@ No
</div>
</div>
<a name="link_domain_dontaudit_getattr_all_unix_dgram_sockets"></a>
<div id="interface">
@ -302,6 +374,7 @@ No
</div>
</div>
<a name="link_domain_dontaudit_getattr_all_unnamed_pipes"></a>
<div id="interface">
@ -344,6 +417,50 @@ No
</div>
</div>
<a name="link_domain_dontaudit_getsession_all_domains"></a>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getsession_all_domains</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the
session ID of all domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_domain_dontaudit_list_all_domains_proc"></a>
<div id="interface">
@ -386,6 +503,136 @@ No
</div>
</div>
<a name="link_domain_dontaudit_read_all_domains_state"></a>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_read_all_domains_state</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read the process
state (/proc/pid) of all domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_domain_dontaudit_rw_all_key_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_rw_all_key_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
all domains key sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_domain_dontaudit_rw_all_udp_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_rw_all_udp_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
all domains UDP sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_domain_dontaudit_use_wide_inherit_fd"></a>
<div id="interface">
@ -427,6 +674,7 @@ No
</div>
</div>
<a name="link_domain_dyntrans_type"></a>
<div id="interface">
@ -468,6 +716,7 @@ No
</div>
</div>
<a name="link_domain_entry_file"></a>
<div id="interface">
@ -509,6 +758,7 @@ No
</div>
</div>
<a name="link_domain_exec_all_entry_files"></a>
<div id="interface">
@ -550,6 +800,62 @@ No
</div>
</div>
<a name="link_domain_getattr_all_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>domain_getattr_all_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all domains
sockets, for all socket types.
</p>
<h5>Description</h5>
<p>
</p><p>
Get the attributes of all domains
sockets, for all socket types.
</p><p>
</p><p>
This is commonly used for domains
that can use lsof on all domains.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_domain_getsession_all_domains"></a>
<div id="interface">
@ -567,12 +873,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Get the session ID of all domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -591,6 +897,7 @@ No
</div>
</div>
<a name="link_domain_kill_all_domains"></a>
<div id="interface">
@ -632,6 +939,7 @@ No
</div>
</div>
<a name="link_domain_obj_id_change_exempt"></a>
<div id="interface">
@ -674,6 +982,7 @@ No
</div>
</div>
<a name="link_domain_read_all_domains_state"></a>
<div id="interface">
@ -691,12 +1000,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read the process state (/proc/pid) of all domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -715,6 +1024,7 @@ No
</div>
</div>
<a name="link_domain_read_all_entry_files"></a>
<div id="interface">
@ -756,6 +1066,7 @@ No
</div>
</div>
<a name="link_domain_role_change_exempt"></a>
<div id="interface">
@ -798,6 +1109,7 @@ No
</div>
</div>
<a name="link_domain_setpriority_all_domains"></a>
<div id="interface">
@ -839,6 +1151,7 @@ No
</div>
</div>
<a name="link_domain_sigchld_all_domains"></a>
<div id="interface">
@ -880,6 +1193,7 @@ No
</div>
</div>
<a name="link_domain_sigchld_wide_inherit_fd"></a>
<div id="interface">
@ -922,6 +1236,7 @@ No
</div>
</div>
<a name="link_domain_signal_all_domains"></a>
<div id="interface">
@ -963,6 +1278,7 @@ No
</div>
</div>
<a name="link_domain_signull_all_domains"></a>
<div id="interface">
@ -1004,6 +1320,7 @@ No
</div>
</div>
<a name="link_domain_sigstop_all_domains"></a>
<div id="interface">
@ -1045,6 +1362,7 @@ No
</div>
</div>
<a name="link_domain_subj_id_change_exempt"></a>
<div id="interface">
@ -1087,6 +1405,7 @@ No
</div>
</div>
<a name="link_domain_type"></a>
<div id="interface">
@ -1128,6 +1447,7 @@ No
</div>
</div>
<a name="link_domain_unconfined"></a>
<div id="interface">
@ -1169,6 +1489,7 @@ No
</div>
</div>
<a name="link_domain_use_wide_inherit_fd"></a>
<div id="interface">
@ -1210,6 +1531,7 @@ No
</div>
</div>
<a name="link_domain_wide_inherit_fd"></a>
<div id="interface">
@ -1258,6 +1580,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_domain_auto_trans"></a>
<div id="template">
@ -1299,6 +1622,7 @@ No
</div>
</div>
<a name="link_domain_trans"></a>
<div id="template">

1668
www/api-docs/system_files.html
View File

File diff suppressed because it is too large Load Diff

24
www/api-docs/system_fstools.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: fstools</h2><p/>
<h3>Description:</h3>
<p><p>Tools for filesystem management, such as mkfs and fsck.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_fstools_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_fstools_exec"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_fstools_run"></a>
<div id="interface">

25
www/api-docs/system_getty.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: getty</h2><p/>
<h3>Description:</h3>
<p><p>Policy for getty.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_getty_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_getty_modify_config"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_getty_read_config"></a>
<div id="interface">
@ -253,6 +269,7 @@ No
</div>
</div>
<a name="link_getty_read_log"></a>
<div id="interface">

41
www/api-docs/system_hostname.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: hostname</h2><p/>
<h3>Description:</h3>
<p><p>Policy for changing the system host name.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_hostname_domtrans"></a>
<div id="interface">
@ -147,12 +161,12 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute hostname in the hostname domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -162,7 +176,6 @@ domain
</td><td>
The type of the process performing this action.
Has a sigchld signal backchannel.
</td><td>
No
@ -172,6 +185,7 @@ No
</div>
</div>
<a name="link_hostname_exec"></a>
<div id="interface">
@ -189,13 +203,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute hostname in the hostname domain, and
Has a sigchld signal backchannel.
Execute hostname in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -214,6 +227,7 @@ No
</div>
</div>
<a name="link_hostname_run"></a>
<div id="interface">
@ -247,14 +261,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute hostname in the hostname domain, and
allow the specified role the hostname domain.
Has a sigchld signal backchannel.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>

115
www/api-docs/system_hotplug.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: hotplug</h2><p/>
<h3>Description:</h3>
<p><p>
@ -133,6 +146,7 @@ connection and disconnection of devices at runtime.
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_hotplug_domtrans"></a>
<div id="interface">
@ -174,6 +188,7 @@ No
</div>
</div>
<a name="link_hotplug_dontaudit_search_config"></a>
<div id="interface">
@ -215,6 +230,7 @@ No
</div>
</div>
<a name="link_hotplug_dontaudit_use_fd"></a>
<div id="interface">
@ -256,6 +272,7 @@ No
</div>
</div>
<a name="link_hotplug_exec"></a>
<div id="interface">
@ -297,6 +314,49 @@ No
</div>
</div>
<a name="link_hotplug_getattr_config_dir"></a>
<div id="interface">
<div id="codeblock">
<b>hotplug_getattr_config_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of the hotplug configuration directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_hotplug_read_config"></a>
<div id="interface">
@ -314,12 +374,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read the configuration files for hotplug.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -338,6 +398,49 @@ No
</div>
</div>
<a name="link_hotplug_search_config"></a>
<div id="interface">
<div id="codeblock">
<b>hotplug_search_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the hotplug configuration directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_hotplug_use_fd"></a>
<div id="interface">

50
www/api-docs/system_init.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: init</h2><p/>
<h3>Description:</h3>
<p><p>System initialization programs (init and init scripts).</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_init_daemon_domain"></a>
<div id="interface">
@ -190,6 +204,7 @@ No
</div>
</div>
<a name="link_init_domain"></a>
<div id="interface">
@ -249,6 +264,7 @@ No
</div>
</div>
<a name="link_init_domtrans"></a>
<div id="interface">
@ -290,6 +306,7 @@ No
</div>
</div>
<a name="link_init_domtrans_script"></a>
<div id="interface">
@ -331,6 +348,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_getattr_initctl"></a>
<div id="interface">
@ -372,6 +390,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_rw_script_pid"></a>
<div id="interface">
@ -413,6 +432,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_use_fd"></a>
<div id="interface">
@ -454,6 +474,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_use_initctl"></a>
<div id="interface">
@ -495,6 +516,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_use_script_fd"></a>
<div id="interface">
@ -536,6 +558,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_use_script_pty"></a>
<div id="interface">
@ -577,6 +600,7 @@ No
</div>
</div>
<a name="link_init_dontaudit_write_script_pid"></a>
<div id="interface">
@ -618,6 +642,7 @@ No
</div>
</div>
<a name="link_init_exec_script"></a>
<div id="interface">
@ -659,6 +684,7 @@ No
</div>
</div>
<a name="link_init_get_process_group"></a>
<div id="interface">
@ -700,6 +726,7 @@ No
</div>
</div>
<a name="link_init_get_script_process_group"></a>
<div id="interface">
@ -741,6 +768,7 @@ No
</div>
</div>
<a name="link_init_getattr_initctl"></a>
<div id="interface">
@ -782,6 +810,7 @@ No
</div>
</div>
<a name="link_init_read_script_pid"></a>
<div id="interface">
@ -823,6 +852,7 @@ No
</div>
</div>
<a name="link_init_read_script_process_state"></a>
<div id="interface">
@ -864,6 +894,7 @@ No
</div>
</div>
<a name="link_init_run_daemon"></a>
<div id="interface">
@ -941,6 +972,7 @@ No
</div>
</div>
<a name="link_init_rw_script_pid"></a>
<div id="interface">
@ -982,6 +1014,7 @@ No
</div>
</div>
<a name="link_init_rw_script_pipe"></a>
<div id="interface">
@ -1023,6 +1056,7 @@ No
</div>
</div>
<a name="link_init_rw_script_tmp_files"></a>
<div id="interface">
@ -1064,6 +1098,7 @@ No
</div>
</div>
<a name="link_init_sigchld"></a>
<div id="interface">
@ -1105,6 +1140,7 @@ No
</div>
</div>
<a name="link_init_system_domain"></a>
<div id="interface">
@ -1165,6 +1201,7 @@ No
</div>
</div>
<a name="link_init_udp_sendto_script"></a>
<div id="interface">
@ -1206,6 +1243,7 @@ No
</div>
</div>
<a name="link_init_use_fd"></a>
<div id="interface">
@ -1247,6 +1285,7 @@ No
</div>
</div>
<a name="link_init_use_initctl"></a>
<div id="interface">
@ -1288,6 +1327,7 @@ No
</div>
</div>
<a name="link_init_use_script_fd"></a>
<div id="interface">
@ -1329,6 +1369,7 @@ No
</div>
</div>
<a name="link_init_use_script_pty"></a>
<div id="interface">
@ -1370,6 +1411,7 @@ No
</div>
</div>
<a name="link_init_write_initctl"></a>
<div id="interface">

405
www/api-docs/system_ipsec.html Normal file
View File

@ -0,0 +1,405 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_unconfined.html'>
unconfined</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: ipsec</h2><p/>
<h3>Description:</h3>
<p><p>TCP/IP encryption</p></p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_ipsec_connectto_unix_stream_socket"></a>
<div id="interface">
<div id="codeblock">
<b>ipsec_connectto_unix_stream_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Connect to an IPSEC unix domain stream socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_ipsec_domtrans"></a>
<div id="interface">
<div id="codeblock">
<b>ipsec_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute ipsec in the ipsec domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_ipsec_exec_mgmt"></a>
<div id="interface">
<div id="codeblock">
<b>ipsec_exec_mgmt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute the IPSEC management program in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_ipsec_getattr_key_socket"></a>
<div id="interface">
<div id="codeblock">
<b>ipsec_getattr_key_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of an IPSEC key socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_ipsec_manage_pid"></a>
<div id="interface">
<div id="codeblock">
<b>ipsec_manage_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete the IPSEC pid files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_ipsec_read_config"></a>
<div id="interface">
<div id="codeblock">
<b>ipsec_read_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the IPSEC configuration
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>

24
www/api-docs/system_iptables.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: iptables</h2><p/>
<h3>Description:</h3>
<p><p>Policy for iptables.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_iptables_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_iptables_exec"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_iptables_run"></a>
<div id="interface">

32
www/api-docs/system_libraries.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: libraries</h2><p/>
<h3>Description:</h3>
<p><p>Policy for system libraries.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_libs_domtrans_ldconfig"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_libs_exec_ld_so"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_libs_exec_lib_files"></a>
<div id="interface">
@ -253,6 +269,7 @@ No
</div>
</div>
<a name="link_libs_legacy_use_ld_so"></a>
<div id="interface">
@ -295,6 +312,7 @@ No
</div>
</div>
<a name="link_libs_legacy_use_shared_libs"></a>
<div id="interface">
@ -337,6 +355,7 @@ No
</div>
</div>
<a name="link_libs_read_lib"></a>
<div id="interface">
@ -379,6 +398,7 @@ No
</div>
</div>
<a name="link_libs_run_ldconfig"></a>
<div id="interface">
@ -456,6 +476,7 @@ No
</div>
</div>
<a name="link_libs_rw_ld_so_cache"></a>
<div id="interface">
@ -498,6 +519,7 @@ No
</div>
</div>
<a name="link_libs_search_lib"></a>
<div id="interface">
@ -539,6 +561,7 @@ No
</div>
</div>
<a name="link_libs_use_ld_so"></a>
<div id="interface">
@ -581,6 +604,7 @@ No
</div>
</div>
<a name="link_libs_use_shared_libs"></a>
<div id="interface">

24
www/api-docs/system_locallogin.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: locallogin</h2><p/>
<h3>Description:</h3>
<p><p>Policy for local logins.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_locallogin_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_locallogin_signull"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_locallogin_use_fd"></a>
<div id="interface">

76
www/api-docs/system_logging.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: logging</h2><p/>
<h3>Description:</h3>
<p><p>Policy for the kernel message logger and system logging daemon.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_logging_append_all_logs"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_logging_create_log"></a>
<div id="interface">
@ -212,6 +227,49 @@ No
</div>
</div>
<a name="link_logging_domtrans_syslog"></a>
<div id="interface">
<div id="codeblock">
<b>logging_domtrans_syslog</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute syslogd in the syslog domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_getattr_all_logs"></a>
<div id="interface">
@ -253,6 +311,7 @@ No
</div>
</div>
<a name="link_logging_exec_all_logs"></a>
<div id="interface">
@ -294,6 +353,7 @@ No
</div>
</div>
<a name="link_logging_log_file"></a>
<div id="interface">
@ -335,6 +395,7 @@ No
</div>
</div>
<a name="link_logging_manage_all_logs"></a>
<div id="interface">
@ -376,6 +437,7 @@ No
</div>
</div>
<a name="link_logging_read_all_logs"></a>
<div id="interface">
@ -417,6 +479,7 @@ No
</div>
</div>
<a name="link_logging_read_generic_logs"></a>
<div id="interface">
@ -458,6 +521,7 @@ No
</div>
</div>
<a name="link_logging_rw_generic_logs"></a>
<div id="interface">
@ -499,6 +563,7 @@ No
</div>
</div>
<a name="link_logging_rw_log_dir"></a>
<div id="interface">
@ -540,6 +605,7 @@ No
</div>
</div>
<a name="link_logging_search_logs"></a>
<div id="interface">
@ -583,6 +649,7 @@ No
</div>
</div>
<a name="link_logging_send_syslog_msg"></a>
<div id="interface">
@ -624,6 +691,7 @@ No
</div>
</div>
<a name="link_logging_write_generic_logs"></a>
<div id="interface">

24
www/api-docs/system_lvm.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: lvm</h2><p/>
<h3>Description:</h3>
<p><p>Policy for logical volume management programs.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_lvm_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_lvm_read_config"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_lvm_run"></a>
<div id="interface">

172
www/api-docs/system_miscfiles.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: miscfiles</h2><p/>
<h3>Description:</h3>
<p><p>Miscelaneous files.</p></p>
@ -130,6 +143,49 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_miscfiles_exec_tetex_data"></a>
<div id="interface">
<div id="codeblock">
<b>miscfiles_exec_tetex_data</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute TeX data programs in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_miscfiles_legacy_read_localization"></a>
<div id="interface">
@ -147,11 +203,11 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to read legacy time localization info
</p>
Allow process to read legacy time localization info
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -161,8 +217,8 @@
domain
</td><td>
Type type of the process performing this action.
Type type of the process performing this action.
</td><td>
No
</td></tr>
@ -171,6 +227,7 @@ No
</div>
</div>
<a name="link_miscfiles_read_fonts"></a>
<div id="interface">
@ -188,11 +245,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to read fonts files
</p>
Read fonts
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -202,8 +259,8 @@ No
domain
</td><td>
Type type of the process performing this action.
Type type of the process performing this action.
</td><td>
No
</td></tr>
@ -212,6 +269,7 @@ No
</div>
</div>
<a name="link_miscfiles_read_localization"></a>
<div id="interface">
@ -229,11 +287,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to read localization info
</p>
Allow process to read localization info
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -243,8 +301,8 @@ No
domain
</td><td>
Type type of the process performing this action.
Type type of the process performing this action.
</td><td>
No
</td></tr>
@ -253,6 +311,7 @@ No
</div>
</div>
<a name="link_miscfiles_read_man_pages"></a>
<div id="interface">
@ -270,11 +329,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to read manpages
</p>
Allow process to read man pages
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -284,8 +343,8 @@ No
domain
</td><td>
Type type of the process performing this action.
Type type of the process performing this action.
</td><td>
No
</td></tr>
@ -294,6 +353,49 @@ No
</div>
</div>
<a name="link_miscfiles_read_tetex_data"></a>
<div id="interface">
<div id="codeblock">
<b>miscfiles_read_tetex_data</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read TeX data
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Type type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_miscfiles_rw_man_cache"></a>
<div id="interface">
@ -311,12 +413,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to create files and dirs in /var/cache/man
and /var/catman/
</p>
Allow process to create files and dirs in /var/cache/man
and /var/catman/
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -326,8 +428,8 @@ No
domain
</td><td>
Type type of the process performing this action.
Type type of the process performing this action.
</td><td>
No
</td></tr>

32
www/api-docs/system_modutils.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: modutils</h2><p/>
<h3>Description:</h3>
<p><p>Policy for kernel module utilities</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_modutils_domtrans_depmod"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_modutils_domtrans_insmod"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_modutils_domtrans_update_mods"></a>
<div id="interface">
@ -253,6 +269,7 @@ No
</div>
</div>
<a name="link_modutils_exec_depmod"></a>
<div id="interface">
@ -294,6 +311,7 @@ No
</div>
</div>
<a name="link_modutils_exec_insmod"></a>
<div id="interface">
@ -335,6 +353,7 @@ No
</div>
</div>
<a name="link_modutils_exec_update_mods"></a>
<div id="interface">
@ -376,6 +395,7 @@ No
</div>
</div>
<a name="link_modutils_read_mods_deps"></a>
<div id="interface">
@ -417,6 +437,7 @@ No
</div>
</div>
<a name="link_modutils_read_module_conf"></a>
<div id="interface">
@ -459,6 +480,7 @@ No
</div>
</div>
<a name="link_modutils_run_depmod"></a>
<div id="interface">
@ -536,6 +558,7 @@ No
</div>
</div>
<a name="link_modutils_run_insmod"></a>
<div id="interface">
@ -616,6 +639,7 @@ No
</div>
</div>
<a name="link_modutils_run_update_mods"></a>
<div id="interface">

25
www/api-docs/system_mount.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: mount</h2><p/>
<h3>Description:</h3>
<p><p>Policy for mount.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_mount_domtrans"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_mount_run"></a>
<div id="interface">
@ -250,6 +265,7 @@ No
</div>
</div>
<a name="link_mount_send_nfs_client_request"></a>
<div id="interface">
@ -292,6 +308,7 @@ No
</div>
</div>
<a name="link_mount_use_fd"></a>
<div id="interface">

444
www/api-docs/system_pcmcia.html Normal file
View File

@ -0,0 +1,444 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_unconfined.html'>
unconfined</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: pcmcia</h2><p/>
<h3>Description:</h3>
<p><p>PCMCIA card management services</p></p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_pcmcia_domtrans_cardctl"></a>
<div id="interface">
<div id="codeblock">
<b>pcmcia_domtrans_cardctl</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute cardctl in the cardmgr domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_pcmcia_domtrans_cardmgr"></a>
<div id="interface">
<div id="codeblock">
<b>pcmcia_domtrans_cardmgr</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute cardmgr in the cardmgr domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_pcmcia_manage_pid"></a>
<div id="interface">
<div id="codeblock">
<b>pcmcia_manage_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete
cardmgr pid files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_pcmcia_manage_runtime_chr"></a>
<div id="interface">
<div id="codeblock">
<b>pcmcia_manage_runtime_chr</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete
cardmgr runtime character nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_pcmcia_read_pid"></a>
<div id="interface">
<div id="codeblock">
<b>pcmcia_read_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read cardmgr pid files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_pcmcia_run_cardctl"></a>
<div id="interface">
<div id="codeblock">
<b>pcmcia_run_cardctl</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute cardmgr in the cardctl domain, and
allow the specified role the cardmgr domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the cardmgr domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the cardmgr domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>

247
www/api-docs/system_raid.html Normal file
View File

@ -0,0 +1,247 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_unconfined.html'>
unconfined</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: raid</h2><p/>
<h3>Description:</h3>
<p><p>RAID array management tools</p></p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_raid_domtrans_mdadm"></a>
<div id="interface">
<div id="codeblock">
<b>raid_domtrans_mdadm</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute software raid tools in the mdadm domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_raid_manage_mdadm_pid"></a>
<div id="interface">
<div id="codeblock">
<b>raid_manage_mdadm_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete the mdadm pid files.
</p>
<h5>Description</h5>
<p>
</p><p>
Create, read, write, and delete the mdadm pid files.
</p><p>
</p><p>
Added for use in the init module.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>

96
www/api-docs/system_selinuxutil.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: selinuxutil</h2><p/>
<h3>Description:</h3>
<p><p>Policy for SELinux policy and userland applications.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_seutil_create_binary_pol"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_seutil_domtrans_checkpol"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_seutil_domtrans_loadpol"></a>
<div id="interface">
@ -253,6 +269,7 @@ No
</div>
</div>
<a name="link_seutil_domtrans_newrole"></a>
<div id="interface">
@ -294,6 +311,7 @@ No
</div>
</div>
<a name="link_seutil_domtrans_restorecon"></a>
<div id="interface">
@ -335,6 +353,7 @@ No
</div>
</div>
<a name="link_seutil_domtrans_runinit"></a>
<div id="interface">
@ -376,6 +395,7 @@ No
</div>
</div>
<a name="link_seutil_domtrans_setfiles"></a>
<div id="interface">
@ -417,6 +437,50 @@ No
</div>
</div>
<a name="link_seutil_dontaudit_search_config"></a>
<div id="interface">
<div id="codeblock">
<b>seutil_dontaudit_search_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the SELinux
configuration directory (/etc/selinux).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_seutil_dontaudit_signal_newrole"></a>
<div id="interface">
@ -459,6 +523,7 @@ No
</div>
</div>
<a name="link_seutil_exec_checkpol"></a>
<div id="interface">
@ -500,6 +565,7 @@ No
</div>
</div>
<a name="link_seutil_exec_loadpol"></a>
<div id="interface">
@ -541,6 +607,7 @@ No
</div>
</div>
<a name="link_seutil_exec_newrole"></a>
<div id="interface">
@ -582,6 +649,7 @@ No
</div>
</div>
<a name="link_seutil_exec_restorecon"></a>
<div id="interface">
@ -623,6 +691,7 @@ No
</div>
</div>
<a name="link_seutil_exec_setfiles"></a>
<div id="interface">
@ -664,6 +733,7 @@ No
</div>
</div>
<a name="link_seutil_manage_binary_pol"></a>
<div id="interface">
@ -705,6 +775,7 @@ No
</div>
</div>
<a name="link_seutil_manage_src_pol"></a>
<div id="interface">
@ -746,6 +817,7 @@ No
</div>
</div>
<a name="link_seutil_read_binary_pol"></a>
<div id="interface">
@ -787,6 +859,7 @@ No
</div>
</div>
<a name="link_seutil_read_config"></a>
<div id="interface">
@ -828,6 +901,7 @@ No
</div>
</div>
<a name="link_seutil_read_default_contexts"></a>
<div id="interface">
@ -869,6 +943,7 @@ No
</div>
</div>
<a name="link_seutil_read_file_contexts"></a>
<div id="interface">
@ -910,6 +985,7 @@ No
</div>
</div>
<a name="link_seutil_read_loadpol"></a>
<div id="interface">
@ -951,6 +1027,7 @@ No
</div>
</div>
<a name="link_seutil_read_src_pol"></a>
<div id="interface">
@ -992,6 +1069,7 @@ No
</div>
</div>
<a name="link_seutil_relabelto_binary_pol"></a>
<div id="interface">
@ -1033,6 +1111,7 @@ No
</div>
</div>
<a name="link_seutil_run_checkpol"></a>
<div id="interface">
@ -1113,6 +1192,7 @@ No
</div>
</div>
<a name="link_seutil_run_loadpol"></a>
<div id="interface">
@ -1193,6 +1273,7 @@ No
</div>
</div>
<a name="link_seutil_run_newrole"></a>
<div id="interface">
@ -1272,6 +1353,7 @@ No
</div>
</div>
<a name="link_seutil_run_restorecon"></a>
<div id="interface">
@ -1351,6 +1433,7 @@ No
</div>
</div>
<a name="link_seutil_run_runinit"></a>
<div id="interface">
@ -1430,6 +1513,7 @@ No
</div>
</div>
<a name="link_seutil_run_setfiles"></a>
<div id="interface">
@ -1509,6 +1593,7 @@ No
</div>
</div>
<a name="link_seutil_search_default_contexts"></a>
<div id="interface">
@ -1550,6 +1635,7 @@ No
</div>
</div>
<a name="link_seutil_sigchld_newrole"></a>
<div id="interface">
@ -1591,6 +1677,7 @@ No
</div>
</div>
<a name="link_seutil_use_newrole_fd"></a>
<div id="interface">
@ -1632,6 +1719,7 @@ No
</div>
</div>
<a name="link_seutil_use_runinit_fd"></a>
<div id="interface">

75
www/api-docs/system_sysnetwork.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: sysnetwork</h2><p/>
<h3>Description:</h3>
<p><p>Policy for network configuration: ifconfig and dhcp client.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_sysnet_domtrans_dhcpc"></a>
<div id="interface">
@ -171,6 +185,7 @@ No
</div>
</div>
<a name="link_sysnet_domtrans_ifconfig"></a>
<div id="interface">
@ -212,6 +227,7 @@ No
</div>
</div>
<a name="link_sysnet_kill_dhcpc"></a>
<div id="interface">
@ -253,6 +269,49 @@ No
</div>
</div>
<a name="link_sysnet_manage_config"></a>
<div id="interface">
<div id="codeblock">
<b>sysnet_manage_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete network config files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_sysnet_read_config"></a>
<div id="interface">
@ -294,6 +353,7 @@ No
</div>
</div>
<a name="link_sysnet_read_dhcpc_pid"></a>
<div id="interface">
@ -335,6 +395,7 @@ No
</div>
</div>
<a name="link_sysnet_read_dhcpc_state"></a>
<div id="interface">
@ -376,6 +437,7 @@ No
</div>
</div>
<a name="link_sysnet_run_ifconfig"></a>
<div id="interface">
@ -455,6 +517,7 @@ No
</div>
</div>
<a name="link_sysnet_rw_dhcp_config"></a>
<div id="interface">
@ -496,6 +559,7 @@ No
</div>
</div>
<a name="link_sysnet_sigchld_dhcpc"></a>
<div id="interface">
@ -537,6 +601,7 @@ No
</div>
</div>
<a name="link_sysnet_signal_dhcpc"></a>
<div id="interface">
@ -578,6 +643,7 @@ No
</div>
</div>
<a name="link_sysnet_signull_dhcpc"></a>
<div id="interface">
@ -619,6 +685,7 @@ No
</div>
</div>
<a name="link_sysnet_sigstop_dhcpc"></a>
<div id="interface">

103
www/api-docs/system_udev.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,8 +134,6 @@
<h1>Layer: system</h1><p/>
<h2>Module: udev</h2><p/>
<h3>Description:</h3>
<p><p>Policy for udev.</p></p>
@ -130,6 +143,7 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_udev_domtrans"></a>
<div id="interface">
@ -147,11 +161,11 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute udev in the udev domain.
</p>
Execute udev in the udev domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -161,8 +175,8 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
@ -171,6 +185,50 @@ No
</div>
</div>
<a name="link_udev_donaudit_rw_unix_dgram_socket"></a>
<div id="interface">
<div id="codeblock">
<b>udev_donaudit_rw_unix_dgram_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
to a udev unix datagram socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_udev_read_db"></a>
<div id="interface">
@ -188,11 +246,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to read list of devices.
</p>
Allow process to read list of devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -202,8 +260,8 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
@ -212,6 +270,7 @@ No
</div>
</div>
<a name="link_udev_rw_db"></a>
<div id="interface">
@ -229,11 +288,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow process to modify list of devices.
</p>
Allow process to modify list of devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -243,8 +302,8 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>

206
www/api-docs/system_unconfined.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,11 +134,9 @@
<h1>Layer: system</h1><p/>
<h2>Module: unconfined</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>The unconfined domain.</p></p>
@ -133,12 +146,13 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_unconfined_domtrans"></a>
<div id="interface">
<div id="codeblock">
<b>unconfined_domtrans_shell</b>(
<b>unconfined_domtrans</b>(
@ -152,7 +166,7 @@
<h5>Summary</h5>
<p>
Transition to the unconfined domain by executing a shell.
Transition to the unconfined domain.
</p>
@ -174,6 +188,62 @@ No
</div>
</div>
<a name="link_unconfined_dontaudit_rw_tcp_socket"></a>
<div id="interface">
<div id="codeblock">
<b>unconfined_dontaudit_rw_tcp_socket</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
unconfined domain tcp sockets.
</p>
<h5>Description</h5>
<p>
</p><p>
Do not audit attempts to read or write
unconfined domain tcp sockets.
</p><p>
</p><p>
This interface was added due to a broken
symptom in ldconfig.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_unconfined_role"></a>
<div id="interface">
@ -215,6 +285,85 @@ No
</div>
</div>
<a name="link_unconfined_run"></a>
<div id="interface">
<div id="codeblock">
<b>unconfined_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Execute specified programs in the unconfined domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to allow the unconfined domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the unconfined domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_unconfined_rw_pipe"></a>
<div id="interface">
@ -256,6 +405,49 @@ No
</div>
</div>
<a name="link_unconfined_shell_domtrans"></a>
<div id="interface">
<div id="codeblock">
<b>unconfined_shell_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Transition to the unconfined domain by executing a shell.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_unconfined_sigchld"></a>
<div id="interface">
@ -297,6 +489,7 @@ No
</div>
</div>
<a name="link_unconfined_use_fd"></a>
<div id="interface">
@ -345,6 +538,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_unconfined_domain_template"></a>
<div id="template">

317
www/api-docs/system_userdomain.html
View File

@ -67,6 +67,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -91,6 +94,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -109,9 +118,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -119,11 +134,9 @@
<h1>Layer: system</h1><p/>
<h2>Module: userdomain</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p><p>Policy for user domains</p></p>
@ -133,6 +146,135 @@
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_userdom_dontaudit_search_all_users_home"></a>
<div id="interface">
<div id="codeblock">
<b>userdom_dontaudit_search_all_users_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search all users home directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_userdom_dontaudit_search_staff_home_dir"></a>
<div id="interface">
<div id="codeblock">
<b>userdom_dontaudit_search_staff_home_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the staff
users home directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_userdom_dontaudit_search_sysadm_home_dir"></a>
<div id="interface">
<div id="codeblock">
<b>userdom_dontaudit_search_sysadm_home_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the sysadm
users home directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_userdom_dontaudit_use_sysadm_terms"></a>
<div id="interface">
@ -152,7 +294,7 @@
<h5>Summary</h5>
<p>
Do not audit attempts to use admin ttys and ptys.
Do not audit attempts to use sysadm ttys and ptys.
</p>
@ -164,7 +306,7 @@ Do not audit attempts to use admin ttys and ptys.
domain
</td><td>
The type of the process performing this action.
Domain to not audit.
</td><td>
No
@ -174,6 +316,49 @@ No
</div>
</div>
<a name="link_userdom_dontaudit_use_sysadm_tty"></a>
<div id="interface">
<div id="codeblock">
<b>userdom_dontaudit_use_sysadm_tty</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to use sysadm ttys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_userdom_dontaudit_use_unpriv_user_fd"></a>
<div id="interface">
@ -216,6 +401,7 @@ No
</div>
</div>
<a name="link_userdom_dontaudit_use_unpriv_user_tty"></a>
<div id="interface">
@ -258,6 +444,7 @@ No
</div>
</div>
<a name="link_userdom_read_all_user_files"></a>
<div id="interface">
@ -299,6 +486,7 @@ No
</div>
</div>
<a name="link_userdom_read_staff_home_files"></a>
<div id="interface">
@ -340,6 +528,7 @@ No
</div>
</div>
<a name="link_userdom_read_sysadm_home_files"></a>
<div id="interface">
@ -381,6 +570,7 @@ No
</div>
</div>
<a name="link_userdom_rw_sysadm_pipe"></a>
<div id="interface">
@ -422,6 +612,7 @@ No
</div>
</div>
<a name="link_userdom_search_all_users_home"></a>
<div id="interface">
@ -463,6 +654,91 @@ No
</div>
</div>
<a name="link_userdom_search_staff_home_dir"></a>
<div id="interface">
<div id="codeblock">
<b>userdom_search_staff_home_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the staff users home directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_userdom_search_sysadm_home_dir"></a>
<div id="interface">
<div id="codeblock">
<b>userdom_search_sysadm_home_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the sysadm users home directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a name="link_userdom_shell_domtrans_sysadm"></a>
<div id="interface">
@ -504,6 +780,7 @@ No
</div>
</div>
<a name="link_userdom_signal_all_users"></a>
<div id="interface">
@ -545,6 +822,7 @@ No
</div>
</div>
<a name="link_userdom_signal_unpriv_users"></a>
<div id="interface">
@ -586,6 +864,7 @@ No
</div>
</div>
<a name="link_userdom_spec_domtrans_all_users"></a>
<div id="interface">
@ -629,6 +908,7 @@ No
</div>
</div>
<a name="link_userdom_spec_domtrans_unpriv_users"></a>
<div id="interface">
@ -672,6 +952,7 @@ No
</div>
</div>
<a name="link_userdom_unconfined"></a>
<div id="interface">
@ -713,6 +994,7 @@ No
</div>
</div>
<a name="link_userdom_use_all_user_fd"></a>
<div id="interface">
@ -754,6 +1036,7 @@ No
</div>
</div>
<a name="link_userdom_use_sysadm_fd"></a>
<div id="interface">
@ -795,6 +1078,7 @@ No
</div>
</div>
<a name="link_userdom_use_sysadm_pty"></a>
<div id="interface">
@ -836,6 +1120,7 @@ No
</div>
</div>
<a name="link_userdom_use_sysadm_terms"></a>
<div id="interface">
@ -877,6 +1162,7 @@ No
</div>
</div>
<a name="link_userdom_use_sysadm_tty"></a>
<div id="interface">
@ -918,6 +1204,7 @@ No
</div>
</div>
<a name="link_userdom_use_unpriv_users_fd"></a>
<div id="interface">
@ -959,6 +1246,7 @@ No
</div>
</div>
<a name="link_userdom_write_unpriv_user_tmp"></a>
<div id="interface">
@ -1007,6 +1295,7 @@ No
<a name="templates"></a>
<h3>Templates: </h3>
<a name="link_admin_user_template"></a>
<div id="template">
@ -1037,6 +1326,20 @@ This template creates a user domain, types, and
rules for the user's tty, pty, home directories,
tmp, and tmpfs files.
</p><p>
</p><p>
The privileges given to administrative users are:
<ul><p>
</p><li><p>Raw disk access</p></li><p>
</p><li><p>Set all sysctls</p></li><p>
</p><li><p>All kernel ring buffer controls</p></li><p>
</p><li><p>Set SELinux enforcement mode (enforcing/permissive)</p></li><p>
</p><li><p>Set SELinux booleans</p></li><p>
</p><li><p>Relabel all files but shadow</p></li><p>
</p><li><p>Create, read, write, and delete all files but shadow</p></li><p>
</p><li><p>Manage source and binary format SELinux policy</p></li><p>
</p><li><p>Run insmod</p></li><p>
</p></ul>
</p><p>
</p>
<h5>Parameters</h5>
@ -1058,6 +1361,7 @@ No
</div>
</div>
<a name="link_base_user_template"></a>
<div id="template">
@ -1115,6 +1419,7 @@ No
</div>
</div>
<a name="link_unpriv_user_template"></a>
<div id="template">

48
www/api-docs/templates.html
View File

@ -91,6 +91,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nscd.html'>
nscd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
@ -136,6 +139,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_ipsec.html'>
ipsec</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
@ -160,6 +166,12 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_pcmcia.html'>
pcmcia</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_raid.html'>
raid</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
@ -178,9 +190,15 @@
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<a href="global_booleans.html">*&nbsp;Global&nbsp;Booleans&nbsp;</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
<a href="global_tunables.html">*&nbsp;Global&nbsp;Tunables&nbsp;</a>
<p/><br/><p/>
<a href="index.html">*&nbsp;Layer Index</a>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface&nbsp;Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template&nbsp;Index</a>
</div>
<div id="Content">
@ -188,7 +206,7 @@
<div id="templatesmall">
Module: <a href='system_userdomain.html'>
Module: <a href='system_userdomain.html#link_admin_user_template'>
userdomain</a><p/>
Layer: <a href='system.html'>
system</a><p/>
@ -214,7 +232,7 @@ The template for creating an administrative user.
</div>
<div id="templatesmall">
Module: <a href='system_authlogin.html'>
Module: <a href='system_authlogin.html#link_authlogin_per_userdomain_template'>
authlogin</a><p/>
Layer: <a href='system.html'>
system</a><p/>
@ -240,7 +258,7 @@ The per user domain template for the authlogin module.
</div>
<div id="templatesmall">
Module: <a href='system_userdomain.html'>
Module: <a href='system_userdomain.html#link_base_user_template'>
userdomain</a><p/>
Layer: <a href='system.html'>
system</a><p/>
@ -267,7 +285,7 @@ users and administrative users.
</div>
<div id="templatesmall">
Module: <a href='services_cron.html'>
Module: <a href='services_cron.html#link_cron_admin_template'>
cron</a><p/>
Layer: <a href='services.html'>
services</a><p/>
@ -293,7 +311,7 @@ The administrative functions template for the cron module.
</div>
<div id="templatesmall">
Module: <a href='services_cron.html'>
Module: <a href='services_cron.html#link_cron_per_userdomain_template'>
cron</a><p/>
Layer: <a href='services.html'>
services</a><p/>
@ -319,7 +337,7 @@ The per user domain template for the cron module.
</div>
<div id="templatesmall">
Module: <a href='system_domain.html'>
Module: <a href='system_domain.html#link_domain_auto_trans'>
domain</a><p/>
Layer: <a href='system.html'>
system</a><p/>
@ -345,7 +363,7 @@ Summary is missing!
</div>
<div id="templatesmall">
Module: <a href='system_domain.html'>
Module: <a href='system_domain.html#link_domain_trans'>
domain</a><p/>
Layer: <a href='system.html'>
system</a><p/>
@ -371,7 +389,7 @@ Summary is missing!
</div>
<div id="templatesmall">
Module: <a href='apps_gpg.html'>
Module: <a href='apps_gpg.html#link_gpg_per_userdomain_template'>
gpg</a><p/>
Layer: <a href='apps.html'>
apps</a><p/>
@ -397,7 +415,7 @@ The per user domain template for the gpg module.
</div>
<div id="templatesmall">
Module: <a href='services_mta.html'>
Module: <a href='services_mta.html#link_mta_per_userdomain_template'>
mta</a><p/>
Layer: <a href='services.html'>
services</a><p/>
@ -423,7 +441,7 @@ Summary is missing!
</div>
<div id="templatesmall">
Module: <a href='services_ssh.html'>
Module: <a href='services_ssh.html#link_ssh_per_userdomain_template'>
ssh</a><p/>
Layer: <a href='services.html'>
services</a><p/>
@ -449,7 +467,7 @@ The per user domain template for the ssh module.
</div>
<div id="templatesmall">
Module: <a href='services_ssh.html'>
Module: <a href='services_ssh.html#link_ssh_server_template'>
ssh</a><p/>
Layer: <a href='services.html'>
services</a><p/>
@ -475,7 +493,7 @@ The template to define a ssh server.
</div>
<div id="templatesmall">
Module: <a href='system_unconfined.html'>
Module: <a href='system_unconfined.html#link_unconfined_domain_template'>
unconfined</a><p/>
Layer: <a href='system.html'>
system</a><p/>
@ -501,7 +519,7 @@ A template to make the specified domain unconfined.
</div>
<div id="templatesmall">
Module: <a href='system_userdomain.html'>
Module: <a href='system_userdomain.html#link_unpriv_user_template'>
userdomain</a><p/>
Layer: <a href='system.html'>
system</a><p/>