update for 20050705 release

Chris PeBenito 2005-07-05 13:36:21 +00:00
parent 1fe082e29e
commit e3a8e3f1e2
54 changed files with 32113 additions and 5026 deletions


@ -13,9 +13,18 @@
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
@ -24,6 +33,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -44,6 +59,8 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
@ -54,11 +71,28 @@
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
<tr><td>
<a href='admin_consoletype.html'>
consoletype</a></td>
<td><p>
Determine of the console connected to the controlling terminal.
</p></td>
<tr><td>
<a href='admin_dmesg.html'>
dmesg</a></td>
<td><p>Policy for dmesg.</p></td>
<tr><td>
<a href='admin_logrotate.html'>
logrotate</a></td>
<td><p>Rotate and archive system logs</p></td>
<tr><td>
<a href='admin_netutils.html'>
netutils</a></td>
<td><p>Network analysis utilities</p></td>
<tr><td>
<a href='admin_rpm.html'>
rpm</a></td>
@ -80,6 +114,9 @@
</td></tr>
</td></tr>
</table>
<p/><br/><br/>


@ -0,0 +1,172 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: admin</h1><p/>
<h2>Module: consoletype</h2><p/>
<h3>Description:</h3>
<p>
Determine of the console connected to the controlling terminal.
</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>consoletype_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Execute consoletype in the consoletype domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>consoletype_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Execute consoletype in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -13,9 +13,18 @@
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
@ -24,6 +33,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -44,15 +59,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: admin</h1><p/>
<h2>Module: dmesg</h2><p/>
<h3>Description:</h3>
<p>Policy for dmesg.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -75,7 +98,7 @@
<h5>Description</h5>
<p>
Execute dmesg in the dmesg domain.
Execute dmesg in the dmesg domain.
</p>
<h5>Parameters</h5>
@ -86,7 +109,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -116,7 +139,7 @@ No
<h5>Description</h5>
<p>
Execute dmesg in the caller domain.
Execute dmesg in the caller domain.
</p>
<h5>Parameters</h5>
@ -127,7 +150,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -138,6 +161,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -0,0 +1,289 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: admin</h1><p/>
<h2>Module: logrotate</h2><p/>
<h3>Description:</h3>
<p>Rotate and archive system logs</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>logrotate_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute logrotate in the logrotate domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logrotate_dontaudit_use_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to inherit logrotate file descriptors.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logrotate_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute logrotate in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logrotate_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute logrotate in the logrotate domain, and
allow the specified role the logrotate domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the logrotate domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the logrotate domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -0,0 +1,568 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
usermanage</a><br/>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: admin</h1><p/>
<h2>Module: netutils</h2><p/>
<h3>Description:</h3>
<p>Network analysis utilities</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>netutils_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute network utilities in the netutils domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_domtrans_ping</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute ping in the ping domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_domtrans_traceroute</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute traceroute in the traceroute domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute network utilities in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_exec_ping</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute ping in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_exec_traceroute</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute traceroute in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute network utilities in the netutils domain, and
allow the specified role the netutils domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the netutils domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the netutils domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_run_ping</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute ping in the ping domain, and
allow the specified role the ping domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the ping domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the ping domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>netutils_run_traceroute</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute traceroute in the traceroute domain, and
allow the specified role the traceroute domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the traceroute domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the traceroute domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -13,9 +13,18 @@
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
@ -24,6 +33,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -44,15 +59,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: admin</h1><p/>
<h2>Module: rpm</h2><p/>
<h3>Description:</h3>
<p>Policy for the RPM package manager.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -72,12 +95,12 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute rpm programs in the rpm domain.
Execute rpm programs in the rpm domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -86,7 +109,48 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>rpm_manage_db</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete the RPM package database.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -113,12 +177,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read RPM package database.
Read the RPM package database.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -127,7 +191,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -154,12 +218,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read from a RPM pipe.
Read from a RPM pipe.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -168,7 +232,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -211,12 +275,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute RPM programs in the RPM domain.
Execute RPM programs in the RPM domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -225,7 +289,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -235,7 +299,7 @@ No
role
</td><td>
The role to allow the RPM domain.
The role to allow the RPM domain.
</td><td>
No
@ -245,7 +309,7 @@ No
terminal
</td><td>
The type of the terminal allow the RPM domain to use.
The type of the terminal allow the RPM domain to use.
</td><td>
No
@ -272,12 +336,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Inherit and use file descriptors from RPM.
Inherit and use file descriptors from RPM.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -286,7 +350,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -297,6 +361,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -13,9 +13,18 @@
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
@ -24,6 +33,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -44,15 +59,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: admin</h1><p/>
<h2>Module: usermanage</h2><p/>
<h3>Description:</h3>
<p>Policy for managing user accounts.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -75,7 +98,7 @@
<h5>Description</h5>
<p>
Execute chfn in the chfn domain.
Execute chfn in the chfn domain.
</p>
<h5>Parameters</h5>
@ -86,7 +109,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -116,7 +139,7 @@ No
<h5>Description</h5>
<p>
Execute groupadd in the groupadd domain.
Execute groupadd in the groupadd domain.
</p>
<h5>Parameters</h5>
@ -127,7 +150,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -157,7 +180,7 @@ No
<h5>Description</h5>
<p>
Execute passwd in the passwd domain.
Execute passwd in the passwd domain.
</p>
<h5>Parameters</h5>
@ -168,7 +191,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -198,7 +221,7 @@ No
<h5>Description</h5>
<p>
Execute useradd in the useradd domain.
Execute useradd in the useradd domain.
</p>
<h5>Parameters</h5>
@ -209,7 +232,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>usermanage_read_crack_db</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the crack database.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -255,8 +319,8 @@ No
<h5>Description</h5>
<p>
Execute chfn in the chfn domain, and
allow the specified role the chfn domain.
Execute chfn in the chfn domain, and
allow the specified role the chfn domain.
</p>
<h5>Parameters</h5>
@ -267,7 +331,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -277,7 +341,7 @@ No
role
</td><td>
The role to be allowed the chfn domain.
The role to be allowed the chfn domain.
</td><td>
No
@ -287,7 +351,7 @@ No
terminal
</td><td>
The type of the terminal allow the chfn domain to use.
The type of the terminal allow the chfn domain to use.
</td><td>
No
@ -333,8 +397,8 @@ No
<h5>Description</h5>
<p>
Execute groupadd in the groupadd domain, and
allow the specified role the groupadd domain.
Execute groupadd in the groupadd domain, and
allow the specified role the groupadd domain.
</p>
<h5>Parameters</h5>
@ -345,7 +409,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -355,7 +419,7 @@ No
role
</td><td>
The role to be allowed the groupadd domain.
The role to be allowed the groupadd domain.
</td><td>
No
@ -365,7 +429,7 @@ No
terminal
</td><td>
The type of the terminal allow the groupadd domain to use.
The type of the terminal allow the groupadd domain to use.
</td><td>
No
@ -411,8 +475,8 @@ No
<h5>Description</h5>
<p>
Execute passwd in the passwd domain, and
allow the specified role the passwd domain.
Execute passwd in the passwd domain, and
allow the specified role the passwd domain.
</p>
<h5>Parameters</h5>
@ -423,7 +487,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -433,7 +497,7 @@ No
role
</td><td>
The role to be allowed the passwd domain.
The role to be allowed the passwd domain.
</td><td>
No
@ -443,7 +507,7 @@ No
terminal
</td><td>
The type of the terminal allow the passwd domain to use.
The type of the terminal allow the passwd domain to use.
</td><td>
No
@ -489,8 +553,8 @@ No
<h5>Description</h5>
<p>
Execute useradd in the useradd domain, and
allow the specified role the useradd domain.
Execute useradd in the useradd domain, and
allow the specified role the useradd domain.
</p>
<h5>Parameters</h5>
@ -501,7 +565,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -511,7 +575,7 @@ No
role
</td><td>
The role to be allowed the useradd domain.
The role to be allowed the useradd domain.
</td><td>
No
@ -521,7 +585,7 @@ No
terminal
</td><td>
The type of the terminal allow the useradd domain to use.
The type of the terminal allow the useradd domain to use.
</td><td>
No
@ -532,6 +596,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>

83
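--- a/www/api-docs/apps.html
+++ b/www/api-docs/apps.html
@@ -0,0 +1,83 @@
+<html>
+<head>
+<title>
+Security Enhanced Linux Reference Policy
+</title>
+<style type="text/css" media="all">@import "style.css";</style>
+</head>
+<body>
+<div id="Header">Security Enhanced Linux Reference Policy</div>
+<div id='Menu'>
+<a href="admin.html">+&nbsp;
+admin</a></br/>
+<div id='subitem'>
+</div>
+<a href="apps.html">+&nbsp;
+apps</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='apps_gpg.html'>
+gpg</a><br/>
+</div>
+<a href="kernel.html">+&nbsp;
+kernel</a></br/>
+<div id='subitem'>
+</div>
+<a href="services.html">+&nbsp;
+services</a></br/>
+<div id='subitem'>
+</div>
+<a href="system.html">+&nbsp;
+system</a></br/>
+<div id='subitem'>
+</div>
+<br/><p/>
+<a href="interfaces.html">*&nbsp;Interface Index</a>
+<br/><p/>
+<a href="templates.html">*&nbsp;Template Index</a>
+</div>
+<div id="Content">
+<h1>Layer: apps</h1><p/>
+<table border="1" cellspacing="0" cellpadding="3" width="75%">
+<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
+</td></tr>
+<tr><td>
+<a href='apps_gpg.html'>
+gpg</a></td>
+<td><p>Policy for GNU Privacy Guard and related programs.</p></td>
+</td></tr>
+</td></tr>
+</td></tr>
+</td></tr>
+</table>
+<p/><br/><br/>
+</div>
+</body>
+</html>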

128
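--- a/www/api-docs/apps_gpg.html
+++ b/www/api-docs/apps_gpg.html
@@ -0,0 +1,128 @@
+<html>
+<head>
+<title>
+Security Enhanced Linux Reference Policy
+</title>
+<style type="text/css" media="all">@import "style.css";</style>
+</head>
+<body>
+<div id="Header">Security Enhanced Linux Reference Policy</div>
+<div id='Menu'>
+<a href="admin.html">+&nbsp;
+admin</a></br/>
+<div id='subitem'>
+</div>
+<a href="apps.html">+&nbsp;
+apps</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='apps_gpg.html'>
+gpg</a><br/>
+</div>
+<a href="kernel.html">+&nbsp;
+kernel</a></br/>
+<div id='subitem'>
+</div>
+<a href="services.html">+&nbsp;
+services</a></br/>
+<div id='subitem'>
+</div>
+<a href="system.html">+&nbsp;
+system</a></br/>
+<div id='subitem'>
+</div>
+<br/><p/>
+<a href="interfaces.html">*&nbsp;Interface Index</a>
+<br/><p/>
+<a href="templates.html">*&nbsp;Template Index</a>
+</div>
+<div id="Content">
+<a name="top":></a>
+<h1>Layer: apps</h1><p/>
+<h2>Module: gpg</h2><p/>
+<h3>Description:</h3>
+<p>Policy for GNU Privacy Guard and related programs.</p>
+<a name="templates"></a>
+<h3>Templates: </h3>
+<div id="template">
+<div id="codeblock">
+<b>gpg_per_userdomain_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<h5>Summary</h5>
+<p>
+The per user domain template for the gpg module.
+</p>
+<h5>Description</h5>
+<p>
+</p><p>
+This template creates the types and rules for GPG,
+GPG-agent, and GPG helper programs. This protects
+the user keys and secrets, and runs the programs
+in domains specific to the user type.
+</p><p>
+</p><p>
+This is invoked automatically for each user and
+generally does not need to be invoked directly
+by policy writers.
+</p><p>
+</p>
+<h5>Parameters</h5>
+<table border="1" cellspacing="0" cellpadding="3" width="80%">
+<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
+<tr><td>
+userdomain_prefix
+</td><td>
+The prefix of the user domain (e.g., user
+is the prefix for user_t).
+</td><td>
+No
+</td></tr>
+</table>
+</div>
+</div>
+<a href=#top>Return</a>
+</div>
+</body>
+</html>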


@ -13,9 +13,18 @@
admin</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
consoletype</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
dmesg</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
logrotate</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
netutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
rpm</a><br/>
@ -24,6 +33,15 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='apps_gpg.html'>
gpg</a><br/>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -58,15 +76,30 @@
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
@ -88,6 +121,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -140,6 +176,8 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
@ -150,11 +188,28 @@
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
<tr><td>
<a href='admin_consoletype.html'>
consoletype</a></td>
<td><p>
Determine of the console connected to the controlling terminal.
</p></td>
<tr><td>
<a href='admin_dmesg.html'>
dmesg</a></td>
<td><p>Policy for dmesg.</p></td>
<tr><td>
<a href='admin_logrotate.html'>
logrotate</a></td>
<td><p>Rotate and archive system logs</p></td>
<tr><td>
<a href='admin_netutils.html'>
netutils</a></td>
<td><p>Network analysis utilities</p></td>
<tr><td>
<a href='admin_rpm.html'>
rpm</a></td>
@ -176,6 +231,9 @@
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
@ -185,6 +243,9 @@
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>
@ -246,7 +307,7 @@ Policy for kernel security interface, in particular, selinuxfs.
</table>
<p/><br/><br/>
<h1>Layer: services</h1><p/>
<h1>Layer: apps</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
@ -255,23 +316,16 @@ Policy for kernel security interface, in particular, selinuxfs.
</td></tr>
<tr><td>
<a href='apps_gpg.html'>
gpg</a></td>
<td><p>Policy for GNU Privacy Guard and related programs.</p></td>
</td></tr>
<tr><td>
<a href='services_mta.html'>
mta</a></td>
<td><p>Policy common to all email tranfer agents.</p></td>
</td></tr>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>
<td><p>Policy for rshd, rlogind, and telnetd.</p></td>
<tr><td>
<a href='services_sendmail.html'>
sendmail</a></td>
<td><p>Policy for sendmail.</p></td>
</td></tr>
@ -293,6 +347,9 @@ Policy for kernel security interface, in particular, selinuxfs.
</td></tr>
</td></tr>
</td></tr>
@ -326,6 +383,11 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.
Basic filesystem types and interfaces.
</p></td>
<tr><td>
<a href='system_fstools.html'>
fstools</a></td>
<td><p>Tools for filesystem management, such as mkfs and fsck.</p></td>
<tr><td>
<a href='system_getty.html'>
getty</a></td>
@ -414,6 +476,69 @@ connection and disconnection of devices at runtime.
</table>
<p/><br/><br/>
<h1>Layer: services</h1><p/>
<table border="1" cellspacing="0" cellpadding="3" width="75%">
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>
</td></tr>
<tr><td>
<a href='services_cron.html'>
cron</a></td>
<td><p>Periodic execution of scheduled commands.</p></td>
<tr><td>
<a href='services_inetd.html'>
inetd</a></td>
<td><p>Internet services daemon.</p></td>
<tr><td>
<a href='services_kerberos.html'>
kerberos</a></td>
<td><p>MIT Kerberos admin and KDC</p></td>
<tr><td>
<a href='services_mta.html'>
mta</a></td>
<td><p>Policy common to all email tranfer agents.</p></td>
<tr><td>
<a href='services_nis.html'>
nis</a></td>
<td><p>Policy for NIS (YP) servers and clients</p></td>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>
<td><p>Policy for rshd, rlogind, and telnetd.</p></td>
<tr><td>
<a href='services_sendmail.html'>
sendmail</a></td>
<td><p>Policy for sendmail.</p></td>
<tr><td>
<a href='services_ssh.html'>
ssh</a></td>
<td><p>Secure shell client and server policy.</p></td>
</td></tr>
</td></tr>
</table>
<p/><br/><br/>
</div>
</body>
</html>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -59,6 +65,8 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
@ -69,6 +77,9 @@
<tr><td class="title">Module:</td><td class="title">Description:</td></tr>
</td></tr>
</td></tr>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -59,15 +65,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: bootloader</h2><p/>
<h3>Description:</h3>
<p>Policy for the kernel modules, kernel image, and bootloader.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -90,7 +104,7 @@
<h5>Description</h5>
<p>
Install a kernel into the /boot directory.
Install a kernel into the /boot directory.
</p>
<h5>Parameters</h5>
@ -101,7 +115,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -131,7 +145,7 @@ No
<h5>Description</h5>
<p>
Install a system.map into the /boot directory.
Install a system.map into the /boot directory.
</p>
<h5>Parameters</h5>
@ -142,7 +156,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>bootloader_create_modules</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -172,8 +227,8 @@ No
<h5>Description</h5>
<p>
Read and write the bootloader
temporary data in /tmp.
Read and write the bootloader
temporary data in /tmp.
</p>
<h5>Parameters</h5>
@ -184,7 +239,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -214,7 +269,7 @@ No
<h5>Description</h5>
<p>
Delete a kernel from /boot.
Delete a kernel from /boot.
</p>
<h5>Parameters</h5>
@ -225,7 +280,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -255,7 +310,7 @@ No
<h5>Description</h5>
<p>
Delete a system.map in the /boot directory.
Delete a system.map in the /boot directory.
</p>
<h5>Parameters</h5>
@ -266,7 +321,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -296,7 +351,7 @@ No
<h5>Description</h5>
<p>
Execute bootloader in the bootloader domain.
Execute bootloader in the bootloader domain.
</p>
<h5>Parameters</h5>
@ -307,7 +362,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -337,7 +392,7 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to search the /boot directory.
Do not audit attempts to search the /boot directory.
</p>
<h5>Parameters</h5>
@ -348,7 +403,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -378,7 +433,7 @@ No
<h5>Description</h5>
<p>
List the contents of the kernel module directories.
List the contents of the kernel module directories.
</p>
<h5>Parameters</h5>
@ -389,7 +444,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -419,8 +474,8 @@ No
<h5>Description</h5>
<p>
Create, read, write, and delete
kernel module files.
Create, read, write, and delete
kernel module files.
</p>
<h5>Parameters</h5>
@ -431,7 +486,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -461,7 +516,7 @@ No
<h5>Description</h5>
<p>
Read the bootloader configuration file.
Read the bootloader configuration file.
</p>
<h5>Parameters</h5>
@ -472,7 +527,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -502,7 +557,7 @@ No
<h5>Description</h5>
<p>
Read kernel module files.
Read kernel module files.
</p>
<h5>Parameters</h5>
@ -513,7 +568,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -543,7 +598,7 @@ No
<h5>Description</h5>
<p>
Read system.map in the /boot directory.
Read system.map in the /boot directory.
</p>
<h5>Parameters</h5>
@ -554,7 +609,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -600,8 +655,8 @@ No
<h5>Description</h5>
<p>
Execute bootloader interactively and do
a domain transition to the bootloader domain.
Execute bootloader interactively and do
a domain transition to the bootloader domain.
</p>
<h5>Parameters</h5>
@ -612,7 +667,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -622,7 +677,7 @@ No
role
</td><td>
The role to be allowed the bootloader domain.
The role to be allowed the bootloader domain.
</td><td>
No
@ -632,7 +687,7 @@ No
terminal
</td><td>
The type of the terminal allow the bootloader domain to use.
The type of the terminal allow the bootloader domain to use.
</td><td>
No
@ -662,8 +717,8 @@ No
<h5>Description</h5>
<p>
Read and write symbolic links
in the /boot directory.
Read and write symbolic links
in the /boot directory.
</p>
<h5>Parameters</h5>
@ -674,7 +729,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -704,8 +759,8 @@ No
<h5>Description</h5>
<p>
Read and write the bootloader
configuration file.
Read and write the bootloader
configuration file.
</p>
<h5>Parameters</h5>
@ -716,7 +771,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -746,8 +801,8 @@ No
<h5>Description</h5>
<p>
Read and write the bootloader
temporary data in /tmp.
Read and write the bootloader
temporary data in /tmp.
</p>
<h5>Parameters</h5>
@ -758,7 +813,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -773,7 +828,7 @@ No
<div id="codeblock">
<b>bootloader_search_boot_dir</b>(
<b>bootloader_search_boot</b>(
@ -788,7 +843,7 @@ No
<h5>Description</h5>
<p>
Search the /boot directory.
Search the /boot directory.
</p>
<h5>Parameters</h5>
@ -799,7 +854,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -829,7 +884,7 @@ No
<h5>Description</h5>
<p>
Write kernel module files.
Write kernel module files.
</p>
<h5>Parameters</h5>
@ -840,7 +895,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -851,6 +906,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -59,11 +65,17 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: kernel</h2><p/>
<h3>Description:</h3>
<p>
@ -71,6 +83,8 @@ Policy for kernel threads, proc filesystem,
and unlabeled processes and objects.
</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -90,12 +104,12 @@ and unlabeled processes and objects.
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Change the level of kernel messages logged to the console.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -104,7 +118,7 @@ and unlabeled processes and objects.
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -134,7 +148,7 @@ No
<h5>Description</h5>
<p>
Allows the caller to clear the ring buffer.
Allows the caller to clear the ring buffer.
</p>
<h5>Parameters</h5>
@ -145,7 +159,7 @@ No
domain
</td><td>
The process type clearing the buffer.
The process type clearing the buffer.
</td><td>
No
@ -175,8 +189,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to get the attributes of
core kernel interfaces.
Do not audit attempts to get the attributes of
core kernel interfaces.
</p>
<h5>Parameters</h5>
@ -187,7 +201,7 @@ No
domain
</td><td>
The process type to not audit.
The process type to not audit.
</td><td>
No
@ -217,8 +231,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts by caller to get the attributes of kernel
message interfaces.
Do not audit attempts by caller to get the attributes of kernel
message interfaces.
</p>
<h5>Parameters</h5>
@ -229,7 +243,7 @@ No
domain
</td><td>
The process type not to audit.
The process type not to audit.
</td><td>
No
@ -259,8 +273,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts by caller to get attributes for
unlabeled block devices.
Do not audit attempts by caller to get attributes for
unlabeled block devices.
</p>
<h5>Parameters</h5>
@ -271,7 +285,7 @@ No
domain
</td><td>
The process type not to audit.
The process type not to audit.
</td><td>
No
@ -301,7 +315,7 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read the ring buffer.
Do not audit attempts to read the ring buffer.
</p>
<h5>Parameters</h5>
@ -312,7 +326,7 @@ No
domain
</td><td>
The domain to not audit.
The domain to not audit.
</td><td>
No
@ -342,8 +356,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts by caller to
read system state information.
Do not audit attempts by caller to
read system state information.
</p>
<h5>Parameters</h5>
@ -354,7 +368,7 @@ No
domain
</td><td>
The process type not to audit.
The process type not to audit.
</td><td>
No
@ -384,7 +398,7 @@ No
<h5>Description</h5>
<p>
Do not audit attempts by caller to search sysctl network directories.
Do not audit attempts by caller to search sysctl network directories.
</p>
<h5>Parameters</h5>
@ -395,7 +409,7 @@ No
domain
</td><td>
The process type not to audit.
The process type not to audit.
</td><td>
No
@ -425,7 +439,7 @@ No
<h5>Description</h5>
<p>
Do not audit attempts by caller to search the sysctl directory.
Do not audit attempts by caller to search the sysctl directory.
</p>
<h5>Parameters</h5>
@ -436,7 +450,7 @@ No
domain
</td><td>
The process type not to audit.
The process type not to audit.
</td><td>
No
@ -466,9 +480,9 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to use
kernel file descriptors.
</p>
Do not audit attempts to use
kernel file descriptors.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -478,7 +492,7 @@ No
domain
</td><td>
The type of process not to audit.
The type of process not to audit.
</td><td>
No
@ -508,7 +522,7 @@ No
<h5>Description</h5>
<p>
Get information on all System V IPC objects.
Get information on all System V IPC objects.
</p>
<h5>Parameters</h5>
@ -549,7 +563,7 @@ No
<h5>Description</h5>
<p>
Allows caller to get attribues of core kernel interface.
Allows caller to get attribues of core kernel interface.
</p>
<h5>Parameters</h5>
@ -560,7 +574,7 @@ No
domain
</td><td>
The process type getting the attibutes.
The process type getting the attibutes.
</td><td>
No
@ -590,8 +604,8 @@ No
<h5>Description</h5>
<p>
Allow caller to get the attributes of kernel message
interface (/proc/kmsg).
Allow caller to get the attributes of kernel message
interface (/proc/kmsg).
</p>
<h5>Parameters</h5>
@ -602,7 +616,7 @@ No
domain
</td><td>
The process type getting the attributes.
The process type getting the attributes.
</td><td>
No
@ -632,7 +646,7 @@ No
<h5>Description</h5>
<p>
Send a kill signal to unlabeled processes.
Send a kill signal to unlabeled processes.
</p>
<h5>Parameters</h5>
@ -643,7 +657,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -673,7 +687,7 @@ No
<h5>Description</h5>
<p>
Allows caller to load kernel modules
Allows caller to load kernel modules
</p>
<h5>Parameters</h5>
@ -684,7 +698,7 @@ No
domain
</td><td>
The process type to allow to load kernel modules.
The process type to allow to load kernel modules.
</td><td>
No
@ -714,7 +728,7 @@ No
<h5>Description</h5>
<p>
Allow caller to read all sysctls.
Allow caller to read all sysctls.
</p>
<h5>Parameters</h5>
@ -725,7 +739,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -755,7 +769,7 @@ No
<h5>Description</h5>
<p>
Allow caller to read the device sysctls.
Allow caller to read the device sysctls.
</p>
<h5>Parameters</h5>
@ -766,7 +780,7 @@ No
domain
</td><td>
The process type to allow to read the device sysctls.
The process type to allow to read the device sysctls.
</td><td>
No
@ -796,7 +810,7 @@ No
<h5>Description</h5>
<p>
Read filesystem sysctls.
Read filesystem sysctls.
</p>
<h5>Parameters</h5>
@ -807,7 +821,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -837,7 +851,7 @@ No
<h5>Description</h5>
<p>
Read the hotplug sysctl.
Read the hotplug sysctl.
</p>
<h5>Parameters</h5>
@ -848,7 +862,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -878,7 +892,7 @@ No
<h5>Description</h5>
<p>
Read IRQ sysctls.
Read IRQ sysctls.
</p>
<h5>Parameters</h5>
@ -889,7 +903,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -919,7 +933,7 @@ No
<h5>Description</h5>
<p>
Read generic kernel sysctls.
Read generic kernel sysctls.
</p>
<h5>Parameters</h5>
@ -930,7 +944,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -960,8 +974,8 @@ No
<h5>Description</h5>
<p>
Allow caller to read kernel messages
using the /proc/kmsg interface.
Allow caller to read kernel messages
using the /proc/kmsg interface.
</p>
<h5>Parameters</h5>
@ -972,7 +986,7 @@ No
domain
</td><td>
The process type reading the messages.
The process type reading the messages.
</td><td>
No
@ -1002,7 +1016,7 @@ No
<h5>Description</h5>
<p>
Read the modprobe sysctl.
Read the modprobe sysctl.
</p>
<h5>Parameters</h5>
@ -1013,7 +1027,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1043,7 +1057,7 @@ No
<h5>Description</h5>
<p>
Allow caller to read network sysctls.
Allow caller to read network sysctls.
</p>
<h5>Parameters</h5>
@ -1054,7 +1068,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1084,7 +1098,7 @@ No
<h5>Description</h5>
<p>
Allow caller to read the network state information.
Allow caller to read the network state information.
</p>
<h5>Parameters</h5>
@ -1095,7 +1109,7 @@ No
domain
</td><td>
The process type reading the state.
The process type reading the state.
</td><td>
No
@ -1125,7 +1139,7 @@ No
<h5>Description</h5>
<p>
Allows caller to read the ring buffer.
Allows caller to read the ring buffer.
</p>
<h5>Parameters</h5>
@ -1136,7 +1150,48 @@ No
domain
</td><td>
The process type allowed to read the ring buffer.
The process type allowed to read the ring buffer.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>kernel_read_rpc_sysctl</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -1166,7 +1221,7 @@ No
<h5>Description</h5>
<p>
Allow caller to read the state information for software raid.
Allow caller to read the state information for software raid.
</p>
<h5>Parameters</h5>
@ -1177,7 +1232,7 @@ No
domain
</td><td>
The process type reading software raid state.
The process type reading software raid state.
</td><td>
No
@ -1207,7 +1262,7 @@ No
<h5>Description</h5>
<p>
Allows caller to read system state information.
Allows caller to read system state information.
</p>
<h5>Parameters</h5>
@ -1218,7 +1273,7 @@ No
domain
</td><td>
The process type reading the system state information.
The process type reading the system state information.
</td><td>
No
@ -1248,8 +1303,8 @@ No
<h5>Description</h5>
<p>
Allow caller to read unix domain
socket sysctls.
Allow caller to read unix domain
socket sysctls.
</p>
<h5>Parameters</h5>
@ -1260,7 +1315,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1290,7 +1345,7 @@ No
<h5>Description</h5>
<p>
Allow caller to read virtual memory sysctls.
Allow caller to read virtual memory sysctls.
</p>
<h5>Parameters</h5>
@ -1301,7 +1356,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1331,7 +1386,7 @@ No
<h5>Description</h5>
<p>
Allow caller to relabel unlabeled objects.
Allow caller to relabel unlabeled objects.
</p>
<h5>Parameters</h5>
@ -1342,7 +1397,7 @@ No
domain
</td><td>
The process type relabeling the objects.
The process type relabeling the objects.
</td><td>
No
@ -1372,8 +1427,8 @@ No
<h5>Description</h5>
<p>
Allows the kernel to mount filesystems on
the specified directory type.
Allows the kernel to mount filesystems on
the specified directory type.
</p>
<h5>Parameters</h5>
@ -1384,7 +1439,7 @@ No
directory_type
</td><td>
The type of the directory to use as a mountpoint.
The type of the directory to use as a mountpoint.
</td><td>
No
@ -1414,7 +1469,7 @@ No
<h5>Description</h5>
<p>
Read and write all sysctls.
Read and write all sysctls.
</p>
<h5>Parameters</h5>
@ -1425,7 +1480,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1455,7 +1510,7 @@ No
<h5>Description</h5>
<p>
Read and write device sysctls.
Read and write device sysctls.
</p>
<h5>Parameters</h5>
@ -1466,7 +1521,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1496,7 +1551,7 @@ No
<h5>Description</h5>
<p>
Read and write fileystem sysctls.
Read and write fileystem sysctls.
</p>
<h5>Parameters</h5>
@ -1507,7 +1562,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1537,7 +1592,7 @@ No
<h5>Description</h5>
<p>
Read and write the hotplug sysctl.
Read and write the hotplug sysctl.
</p>
<h5>Parameters</h5>
@ -1548,7 +1603,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1578,7 +1633,7 @@ No
<h5>Description</h5>
<p>
Read and write IRQ sysctls.
Read and write IRQ sysctls.
</p>
<h5>Parameters</h5>
@ -1589,7 +1644,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1619,7 +1674,7 @@ No
<h5>Description</h5>
<p>
Read and write generic kernel sysctls.
Read and write generic kernel sysctls.
</p>
<h5>Parameters</h5>
@ -1630,7 +1685,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1660,7 +1715,7 @@ No
<h5>Description</h5>
<p>
Read and write the modprobe sysctl.
Read and write the modprobe sysctl.
</p>
<h5>Parameters</h5>
@ -1671,7 +1726,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1701,7 +1756,7 @@ No
<h5>Description</h5>
<p>
Allow caller to modiry contents of sysctl network files.
Allow caller to modiry contents of sysctl network files.
</p>
<h5>Parameters</h5>
@ -1712,7 +1767,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>kernel_rw_rpc_sysctl</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -1742,8 +1838,8 @@ No
<h5>Description</h5>
<p>
Read and write unix domain
socket sysctls.
Read and write unix domain
socket sysctls.
</p>
<h5>Parameters</h5>
@ -1754,7 +1850,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1784,7 +1880,7 @@ No
<h5>Description</h5>
<p>
Read and write virtual memory sysctls.
Read and write virtual memory sysctls.
</p>
<h5>Parameters</h5>
@ -1795,7 +1891,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1825,9 +1921,9 @@ No
<h5>Description</h5>
<p>
Allows the kernel to share state information with
the caller.
</p>
Allows the kernel to share state information with
the caller.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -1837,7 +1933,48 @@ No
domain
</td><td>
The type of the process with which to share state information.
The type of the process with which to share state information.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>kernel_sigchld</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Send a SIGCHLD signal to kernel threads.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process sending the signal.
</td><td>
No
@ -1867,7 +2004,7 @@ No
<h5>Description</h5>
<p>
Send a child terminated signal to unlabeled processes.
Send a child terminated signal to unlabeled processes.
</p>
<h5>Parameters</h5>
@ -1878,7 +2015,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1908,7 +2045,7 @@ No
<h5>Description</h5>
<p>
Send general signals to unlabeled processes.
Send general signals to unlabeled processes.
</p>
<h5>Parameters</h5>
@ -1919,7 +2056,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1949,7 +2086,7 @@ No
<h5>Description</h5>
<p>
Send a null signal to unlabeled processes.
Send a null signal to unlabeled processes.
</p>
<h5>Parameters</h5>
@ -1960,7 +2097,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1990,7 +2127,7 @@ No
<h5>Description</h5>
<p>
Send a stop signal to unlabeled processes.
Send a stop signal to unlabeled processes.
</p>
<h5>Parameters</h5>
@ -2001,7 +2138,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -2031,8 +2168,8 @@ No
<h5>Description</h5>
<p>
Permits caller to use kernel file descriptors.
</p>
Permits caller to use kernel file descriptors.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -2042,7 +2179,7 @@ No
domain
</td><td>
The type of the process using the descriptors.
The type of the process using the descriptors.
</td><td>
No
@ -2080,9 +2217,9 @@ No
<h5>Description</h5>
<p>
Allows to start userland processes
by transitioning to the specified domain.
</p>
Allows to start userland processes
by transitioning to the specified domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -2092,7 +2229,7 @@ No
domain
</td><td>
The process type entered by kernel.
The process type entered by kernel.
</td><td>
No
@ -2102,7 +2239,7 @@ No
entrypoint
</td><td>
The executable type for the entrypoint.
The executable type for the entrypoint.
</td><td>
No
@ -2113,6 +2250,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -59,17 +65,25 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: selinux</h2><p/>
<h3>Description:</h3>
<p>
Policy for kernel security interface, in particular, selinuxfs.
</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -92,7 +106,7 @@ Policy for kernel security interface, in particular, selinuxfs.
<h5>Description</h5>
<p>
Allows caller to compute an access vector.
Allows caller to compute an access vector.
</p>
<h5>Parameters</h5>
@ -103,7 +117,7 @@ Policy for kernel security interface, in particular, selinuxfs.
domain
</td><td>
The process type allowed to compute an access vector.
The process type allowed to compute an access vector.
</td><td>
No
@ -185,7 +199,7 @@ No
domain
</td><td>
The process type to
The process type to
</td><td>
No
@ -215,7 +229,7 @@ No
<h5>Description</h5>
<p>
Allows caller to compute possible contexts for a user.
Allows caller to compute possible contexts for a user.
</p>
<h5>Parameters</h5>
@ -226,7 +240,7 @@ No
domain
</td><td>
The process type allowed to compute user contexts.
The process type allowed to compute user contexts.
</td><td>
No
@ -256,8 +270,8 @@ No
<h5>Description</h5>
<p>
Allows the caller to get the mode of policy enforcement
(enforcing or permissive mode).
Allows the caller to get the mode of policy enforcement
(enforcing or permissive mode).
</p>
<h5>Parameters</h5>
@ -268,7 +282,7 @@ No
domain
</td><td>
The process type to allow to get the enforcing mode.
The process type to allow to get the enforcing mode.
</td><td>
No
@ -298,7 +312,7 @@ No
<h5>Description</h5>
<p>
Gets the caller the mountpoint of the selinuxfs filesystem.
Gets the caller the mountpoint of the selinuxfs filesystem.
</p>
<h5>Parameters</h5>
@ -309,7 +323,7 @@ No
domain
</td><td>
The process type requesting the selinuxfs mountpoint.
The process type requesting the selinuxfs mountpoint.
</td><td>
No
@ -339,7 +353,7 @@ No
<h5>Description</h5>
<p>
Allow caller to load the policy into the kernel.
Allow caller to load the policy into the kernel.
</p>
<h5>Parameters</h5>
@ -350,7 +364,7 @@ No
domain
</td><td>
The process type that will load the policy.
The process type that will load the policy.
</td><td>
No
@ -392,8 +406,8 @@ No
<h5>Description</h5>
<p>
Allow caller to set the state of Booleans to
enable or disable conditional portions of the policy.
Allow caller to set the state of Booleans to
enable or disable conditional portions of the policy.
</p>
<h5>Parameters</h5>
@ -404,7 +418,7 @@ No
domain
</td><td>
The process type allowed to set the Boolean.
The process type allowed to set the Boolean.
</td><td>
No
@ -414,7 +428,7 @@ No
booltype
</td><td>
The type of Booleans the caller is allowed to set.
The type of Booleans the caller is allowed to set.
</td><td>
yes
@ -444,8 +458,8 @@ yes
<h5>Description</h5>
<p>
Allow caller to set the mode of policy enforcement
(enforcing or permissive mode).
Allow caller to set the mode of policy enforcement
(enforcing or permissive mode).
</p>
<h5>Parameters</h5>
@ -456,7 +470,7 @@ yes
domain
</td><td>
The process type to allow to set the enforcement mode.
The process type to allow to set the enforcement mode.
</td><td>
No
@ -486,7 +500,7 @@ No
<h5>Description</h5>
<p>
Allow caller to set selinux security parameters.
Allow caller to set selinux security parameters.
</p>
<h5>Parameters</h5>
@ -497,7 +511,7 @@ No
domain
</td><td>
The process type to allow to set security parameters.
The process type to allow to set security parameters.
</td><td>
No
@ -527,7 +541,7 @@ No
<h5>Description</h5>
<p>
Allows caller to validate security contexts.
Allows caller to validate security contexts.
</p>
<h5>Parameters</h5>
@ -538,7 +552,7 @@ No
domain
</td><td>
The process type permitted to validate contexts.
The process type permitted to validate contexts.
</td><td>
No
@ -549,6 +563,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -59,15 +65,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: storage</h2><p/>
<h3>Description:</h3>
<p>Policy controlling access to storage devices</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -90,7 +104,7 @@
<h5>Description</h5>
<p>
Create block devices in /dev with the fixed disk type.
Create block devices in /dev with the fixed disk type.
</p>
<h5>Parameters</h5>
@ -101,7 +115,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -131,8 +145,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts made by the caller to get
the attributes of fixed disk device nodes.
Do not audit attempts made by the caller to get
the attributes of fixed disk device nodes.
</p>
<h5>Parameters</h5>
@ -143,7 +157,7 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
@ -173,8 +187,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts made by the caller to get
the attributes of removable devices device nodes.
Do not audit attempts made by the caller to get
the attributes of removable devices device nodes.
</p>
<h5>Parameters</h5>
@ -185,7 +199,91 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_setattr_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Do not audit attempts made by the caller to set
the attributes of fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to not audit.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_setattr_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Do not audit attempts made by the caller to set
the attributes of removable devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to not audit.
</td><td>
No
@ -215,8 +313,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to get the attributes of fixed disk
device nodes.
Allow the caller to get the attributes of fixed disk
device nodes.
</p>
<h5>Parameters</h5>
@ -227,7 +325,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -257,8 +355,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to get the attributes of removable
devices device nodes.
Allow the caller to get the attributes of removable
devices device nodes.
</p>
<h5>Parameters</h5>
@ -269,7 +367,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -299,8 +397,8 @@ No
<h5>Description</h5>
<p>
Get attributes of the device nodes
for the SCSI generic inerface.
Allow the caller to get the attributes of
the generic SCSI interface device nodes.
</p>
<h5>Parameters</h5>
@ -311,7 +409,49 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>storage_getattr_scsi_generic</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Get attributes of the device nodes
for the SCSI generic inerface.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -341,8 +481,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to get the attributes
of device nodes of tape devices.
Allow the caller to get the attributes
of device nodes of tape devices.
</p>
<h5>Parameters</h5>
@ -353,7 +493,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -380,12 +520,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Create, read, write, and delete fixed disk device nodes.
Create, read, write, and delete fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -394,7 +534,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -424,10 +564,10 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read from a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly read from a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -438,7 +578,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -468,10 +608,10 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read from a logical volume.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly read from a logical volume.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -482,7 +622,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -512,11 +652,11 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read from
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly read from
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -527,7 +667,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -557,10 +697,10 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly write to a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly write to a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -571,7 +711,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -601,10 +741,10 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read from a logical volume.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly read from a logical volume.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -615,7 +755,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -645,11 +785,11 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly write to
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly write to
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -660,7 +800,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -690,11 +830,11 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly read, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -705,7 +845,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -735,8 +875,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read
a tape device.
Allow the caller to directly read
a tape device.
</p>
<h5>Parameters</h5>
@ -747,7 +887,90 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>storage_relabel_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>storage_set_scsi_generic_attributes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Set attributes of the device nodes
for the SCSI generic inerface.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -777,8 +1000,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to set the attributes of fixed disk
device nodes.
Allow the caller to set the attributes of fixed disk
device nodes.
</p>
<h5>Parameters</h5>
@ -789,7 +1012,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -819,8 +1042,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to set the attributes of removable
devices device nodes.
Allow the caller to set the attributes of removable
devices device nodes.
</p>
<h5>Parameters</h5>
@ -831,7 +1054,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -861,8 +1084,8 @@ No
<h5>Description</h5>
<p>
Set attributes of the device nodes
for the SCSI generic inerface.
Allow the caller to set the attributes of
the generic SCSI interface device nodes.
</p>
<h5>Parameters</h5>
@ -873,7 +1096,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -903,8 +1126,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to set the attributes
of device nodes of tape devices.
Allow the caller to set the attributes
of device nodes of tape devices.
</p>
<h5>Parameters</h5>
@ -915,7 +1138,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>storage_swapon_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Enable a fixed disk device as swap space
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -945,11 +1209,11 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly write, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Allow the caller to directly write, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
@ -960,7 +1224,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -990,8 +1254,8 @@ No
<h5>Description</h5>
<p>
Allow the caller to directly read
a tape device.
Allow the caller to directly read
a tape device.
</p>
<h5>Parameters</h5>
@ -1002,7 +1266,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1013,6 +1277,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>
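Review bot: The description in the hunk at `-601,10 +741,10` still reads `Allow the caller to directly read from a logical volume.`, word for word the text of the hunk at `-468,10 +608,10`, although it sits between the fixed-disk and removable-device write entries. It therefore looks like the read text copied onto a write interface; the interface name is outside the hunk, so this is inferred. The last two hunks show the same kind of mismatch, `directly write, in a generic fashion, from any SCSI device` and a second `Allow the caller to directly read a tape device.`. These entries document raw device access that the text itself says can bypass SELinux protections for filesystem objects, so a policy writer relying on the description could grant write access believing it to be read-only. The wording should be `directly write to a logical volume`, `write ... to any SCSI device` and `directly write a tape device`, with `extremly` corrected to `extremely`, fixed in the interface comments this page appears to be generated from.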


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -59,15 +65,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: terminal</h2><p/>
<h3>Description:</h3>
<p>Policy for terminals.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -98,7 +112,7 @@
<h5>Description</h5>
<p>
Create a pty in the /dev/pts directory.
Create a pty in the /dev/pts directory.
</p>
<h5>Parameters</h5>
@ -109,7 +123,7 @@
domain
</td><td>
The type of the process creating the pty.
The type of the process creating the pty.
</td><td>
No
@ -119,7 +133,7 @@ No
pty_type
</td><td>
The type of the pty.
The type of the pty.
</td><td>
No
@ -149,9 +163,9 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to get the
attributes of any user tty
device nodes.
Do not audit attempts to get the
attributes of any user tty
device nodes.
</p>
<h5>Parameters</h5>
@ -162,7 +176,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -192,8 +206,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read the
/dev/pts directory to.
Do not audit attempts to read the
/dev/pts directory to.
</p>
<h5>Parameters</h5>
@ -204,7 +218,7 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
@ -234,8 +248,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read any
user ptys.
Do not audit attempts to read any
user ptys.
</p>
<h5>Parameters</h5>
@ -246,7 +260,7 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
@ -276,8 +290,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read or write
any user ttys.
Do not audit attempts to read or write
any user ttys.
</p>
<h5>Parameters</h5>
@ -288,7 +302,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -318,8 +332,8 @@ No
<h5>Description</h5>
<p>
Do not audit attemtps to read from
or write to the console.
Do not audit attemtps to read from
or write to the console.
</p>
<h5>Parameters</h5>
@ -330,7 +344,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -360,9 +374,9 @@ No
<h5>Description</h5>
<p>
Dot not audit attempts to read and
write the generic pty type. This is
generally only used in the targeted policy.
Dot not audit attempts to read and
write the generic pty type. This is
generally only used in the targeted policy.
</p>
<h5>Parameters</h5>
@ -373,7 +387,7 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
@ -403,8 +417,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read and
write the pty multiplexor (/dev/ptmx).
Do not audit attempts to read and
write the pty multiplexor (/dev/ptmx).
</p>
<h5>Parameters</h5>
@ -415,7 +429,7 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
@ -445,8 +459,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read or
write unallocated ttys.
Do not audit attempts to read or
write unallocated ttys.
</p>
<h5>Parameters</h5>
@ -457,7 +471,7 @@ No
domain
</td><td>
The type of the process to not audit.
The type of the process to not audit.
</td><td>
No
@ -487,8 +501,8 @@ No
<h5>Description</h5>
<p>
Get the attributes of all user
pty device nodes.
Get the attributes of all user
pty device nodes.
</p>
<h5>Parameters</h5>
@ -499,7 +513,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -529,8 +543,8 @@ No
<h5>Description</h5>
<p>
Get the attributes of all user tty
device nodes.
Get the attributes of all user tty
device nodes.
</p>
<h5>Parameters</h5>
@ -541,7 +555,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -571,8 +585,8 @@ No
<h5>Description</h5>
<p>
Get the attributes of all unallocated
tty device nodes.
Get the attributes of all unallocated
tty device nodes.
</p>
<h5>Parameters</h5>
@ -583,7 +597,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -613,8 +627,8 @@ No
<h5>Description</h5>
<p>
Read the /dev/pts directory to
list all ptys.
Read the /dev/pts directory to
list all ptys.
</p>
<h5>Parameters</h5>
@ -625,7 +639,49 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>term_login_pty</b>(
pty_type
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Transform specified type into a pty type
used by login programs, such as sshd.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
pty_type
</td><td>
An object type that will applied to a pty.
</td><td>
No
@ -655,7 +711,7 @@ No
<h5>Description</h5>
<p>
Transform specified type into a pty type.
Transform specified type into a pty type.
</p>
<h5>Parameters</h5>
@ -666,7 +722,49 @@ No
pty_type
</td><td>
An object type that will applied to a pty.
An object type that will applied to a pty.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>term_relabel_all_user_ptys</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Relabel from and to all user
user pty device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -696,8 +794,8 @@ No
<h5>Description</h5>
<p>
Relabel from and to all user
user tty device nodes.
Relabel from and to all user
user tty device nodes.
</p>
<h5>Parameters</h5>
@ -708,7 +806,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -738,8 +836,8 @@ No
<h5>Description</h5>
<p>
Relabel from and to the unallocated
tty type.
Relabel from and to the unallocated
tty type.
</p>
<h5>Parameters</h5>
@ -750,7 +848,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -780,8 +878,8 @@ No
<h5>Description</h5>
<p>
Relabel from all user tty types to
the unallocated tty type.
Relabel from all user tty types to
the unallocated tty type.
</p>
<h5>Parameters</h5>
@ -792,7 +890,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -822,8 +920,8 @@ No
<h5>Description</h5>
<p>
Set the attributes of all user tty
device nodes.
Set the attributes of all user tty
device nodes.
</p>
<h5>Parameters</h5>
@ -834,7 +932,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -864,8 +962,8 @@ No
<h5>Description</h5>
<p>
Set the attributes of the console
device node.
Set the attributes of the console
device node.
</p>
<h5>Parameters</h5>
@ -876,7 +974,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -906,8 +1004,8 @@ No
<h5>Description</h5>
<p>
Set the attributes of all unallocated
tty device nodes.
Set the attributes of all unallocated
tty device nodes.
</p>
<h5>Parameters</h5>
@ -918,7 +1016,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -948,7 +1046,7 @@ No
<h5>Description</h5>
<p>
Transform specified type into a tty type.
Transform specified type into a tty type.
</p>
<h5>Parameters</h5>
@ -959,7 +1057,7 @@ No
tty_type
</td><td>
An object type that will applied to a tty.
An object type that will applied to a tty.
</td><td>
No
@ -989,8 +1087,8 @@ No
<h5>Description</h5>
<p>
Read and write the console, all
ttys and all ptys.
Read and write the console, all
ttys and all ptys.
</p>
<h5>Parameters</h5>
@ -1001,7 +1099,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1031,7 +1129,7 @@ No
<h5>Description</h5>
<p>
Read and write all user ptys.
Read and write all user ptys.
</p>
<h5>Parameters</h5>
@ -1042,7 +1140,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1072,7 +1170,7 @@ No
<h5>Description</h5>
<p>
Read and write all user to all user ttys.
Read and write all user to all user ttys.
</p>
<h5>Parameters</h5>
@ -1083,7 +1181,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1113,7 +1211,7 @@ No
<h5>Description</h5>
<p>
Read from and write to the console.
Read from and write to the console.
</p>
<h5>Parameters</h5>
@ -1124,7 +1222,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1154,8 +1252,8 @@ No
<h5>Description</h5>
<p>
Read and write the controlling
terminal (/dev/tty).
Read and write the controlling
terminal (/dev/tty).
</p>
<h5>Parameters</h5>
@ -1166,7 +1264,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1196,9 +1294,9 @@ No
<h5>Description</h5>
<p>
Read and write the generic pty
type. This is generally only used in
the targeted policy.
Read and write the generic pty
type. This is generally only used in
the targeted policy.
</p>
<h5>Parameters</h5>
@ -1209,7 +1307,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1239,7 +1337,7 @@ No
<h5>Description</h5>
<p>
Read and write unallocated ttys.
Read and write unallocated ttys.
</p>
<h5>Parameters</h5>
@ -1250,7 +1348,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1288,9 +1386,9 @@ No
<h5>Description</h5>
<p>
Transform specified type into an user
pty type. This allows it to be relabeled via
type change by login programs such as ssh.
Transform specified type into an user
pty type. This allows it to be relabeled via
type change by login programs such as ssh.
</p>
<h5>Parameters</h5>
@ -1301,8 +1399,8 @@ No
userdomain
</td><td>
The type of the user domain associated with
this pty.
The type of the user domain associated with
this pty.
</td><td>
No
@ -1312,7 +1410,7 @@ No
object_type
</td><td>
An object type that will applied to a pty.
An object type that will applied to a pty.
</td><td>
No
@ -1342,7 +1440,7 @@ No
<h5>Description</h5>
<p>
Write to all user ttys.
Write to all user ttys.
</p>
<h5>Parameters</h5>
@ -1353,7 +1451,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1383,7 +1481,7 @@ No
<h5>Description</h5>
<p>
Write to the console.
Write to the console.
</p>
<h5>Parameters</h5>
@ -1394,7 +1492,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1424,7 +1522,7 @@ No
<h5>Description</h5>
<p>
Write to unallocated ttys.
Write to unallocated ttys.
</p>
<h5>Parameters</h5>
@ -1435,7 +1533,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -1446,6 +1544,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>
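Review bot: The parameter table header in the added `term_login_pty` and `term_relabel_all_user_ptys` entries opens each cell with `<th >` and closes it with `</td>`, and the anchor at the top of the content is written `<a name="top":>` with a stray colon inside the tag. The header row should be `<tr><th>Parameter:</th><th>Description:</th><th>Optional:</th></tr>` and the anchor `<a name="top"></a>`. Every entry also reuses `id="interface"`, `id="codeblock"` and `id="description"`, which should be `class` attributes because an `id` must be unique in a document. The same lines recur in the storage and cron sections of this commit, so the fix probably belongs in whatever template produces these pages rather than in each file. In the new relabel entry, `Relabel from and to all user user pty device nodes.` repeats a word and should read `Relabel from and to all user pty device nodes.`.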


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -25,15 +31,30 @@
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
@ -44,6 +65,8 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
@ -60,11 +83,34 @@
</td></tr>
</td></tr>
<tr><td>
<a href='services_cron.html'>
cron</a></td>
<td><p>Periodic execution of scheduled commands.</p></td>
<tr><td>
<a href='services_inetd.html'>
inetd</a></td>
<td><p>Internet services daemon.</p></td>
<tr><td>
<a href='services_kerberos.html'>
kerberos</a></td>
<td><p>MIT Kerberos admin and KDC</p></td>
<tr><td>
<a href='services_mta.html'>
mta</a></td>
<td><p>Policy common to all email tranfer agents.</p></td>
<tr><td>
<a href='services_nis.html'>
nis</a></td>
<td><p>Policy for NIS (YP) servers and clients</p></td>
<tr><td>
<a href='services_remotelogin.html'>
remotelogin</a></td>
@ -75,6 +121,11 @@
sendmail</a></td>
<td><p>Policy for sendmail.</p></td>
<tr><td>
<a href='services_ssh.html'>
ssh</a></td>
<td><p>Secure shell client and server policy.</p></td>
</td></tr>


@ -0,0 +1,392 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: cron</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p>Periodic execution of scheduled commands.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>cron_read_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read a cron daemon unnamed pipe
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>cron_rw_log</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the cron daemon log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>cron_search_spool</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the directory containing user cron tables.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>cron_system_entry</b>(
domain
,
entrypoint
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified program domain accessable
from the system cron jobs.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process to transition to.
</td><td>
No
</td></tr>
<tr><td>
entrypoint
</td><td>
The type of the file used as an entrypoint to this domain.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
<a name="templates"></a>
<h3>Templates: </h3>
<div id="template">
<div id="codeblock">
<b>cron_admin_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The administrative functions template for the cron module.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates rules for administrating the cron service,
allowing the specified user to manage other user crontabs.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="template">
<div id="codeblock">
<b>cron_per_userdomain_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The per user domain template for the cron module.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a derived domains which are used
for running programs on behalf of the user, from cron.
A type for the user crontab is also created.
</p><p>
</p><p>
This template is invoked automatically for each user, and
generally does not need to be invoked directly
by policy writers.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>
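Review bot: The `cron_admin_template` description says it allows the specified user to manage other users' crontabs, but it gives no guidance on which domains should receive it. Elsewhere in this commit the raw storage entries state outright that they should only be used by trusted domains. Editing another user's crontab amounts to scheduling commands under that user's identity, so I would add a sentence such as `This template should only be used for administrative user domains.` to the description. Separately, the three interface parameter rows read `The type of the process to performing this action.`, which should be `The type of the process performing this action.` as in the other modules, and `accessable` in `cron_system_entry` should be `accessible`. Both wording fixes belong in the source comments if this page is generated, as it appears to be.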


@ -0,0 +1,339 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: inetd</h2><p/>
<h3>Description:</h3>
<p>Internet services daemon.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>inetd_core_service_domain</b>(
domain
,
entrypoint
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Define the specified domain as a inetd service.
</p>
<h5>Description</h5>
<p>
Define the specified domain as a inetd service. The
inetd_service_domain(), inetd_tcp_service_domain(),
or inetd_udp_service_domain() interfaces should be used
instead of this interface, as this interface only provides
the common rules to these three interfaces.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type associated with the inetd service process.
</td><td>
No
</td></tr>
<tr><td>
entrypoint
</td><td>
The type associated with the process program.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>inetd_service_domain</b>(
domain
,
entrypoint
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Define the specified domain as a TCP and UDP inetd service.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type associated with the inetd service process.
</td><td>
No
</td></tr>
<tr><td>
entrypoint
</td><td>
The type associated with the process program.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>inetd_tcp_service_domain</b>(
domain
,
entrypoint
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Define the specified domain as a TCP inetd service.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type associated with the inetd service process.
</td><td>
No
</td></tr>
<tr><td>
entrypoint
</td><td>
The type associated with the process program.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>inetd_udp_service_domain</b>(
domain
,
entrypoint
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Define the specified domain as a UDP inetd service.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type associated with the inetd service process.
</td><td>
No
</td></tr>
<tr><td>
entrypoint
</td><td>
The type associated with the process program.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -0,0 +1,186 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: kerberos</h2><p/>
<h3>Description:</h3>
<p>
</p><p>
This policy supports:
</p><p>
</p><p>
Servers:
</p><ul><li>kadmind</li><li>krb5kdc</li></ul><p>
</p><p>
Clients:
</p><ul><li>kinit</li><li>kdestroy</li><li>klist</li><li>ksu (incomplete)</li></ul><p>
</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>kerberos_read_conf</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the kerberos configuration file (/etc/krb5.conf).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>kerberos_use</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Use kerberos services
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -25,15 +31,30 @@
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
@ -44,20 +65,236 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: mta</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p>Policy common to all email tranfer agents.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>mta_exec</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_getattr_spool</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_mailserver</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_manage_queue</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_manage_spool</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_read_aliases</b>(
@ -75,7 +312,7 @@
<h5>Description</h5>
<p>
Read mail address aliases.
Read mail address aliases.
</p>
<h5>Parameters</h5>
@ -86,7 +323,171 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_rw_aliases</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_rw_spool</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_send_mail</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>mta_sendmail_mailserver</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -97,6 +498,56 @@ No
</div>
<a href=#top>Return</a>
<a name="templates"></a>
<h3>Templates: </h3>
<div id="template">
<div id="codeblock">
<b>mta_per_userdomain_template</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>


@ -0,0 +1,217 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: nis</h2><p/>
<h3>Description:</h3>
<p>Policy for NIS (YP) servers and clients</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>nis_list_var_yp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send UDP network traffic to NIS clients.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>nis_udp_sendto_ypbind</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send UDP network traffic to NIS clients.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>nis_use_ypbind</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Use the ypbind service to access NIS services.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -25,15 +31,30 @@
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
@ -44,15 +65,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: remotelogin</h2><p/>
<h3>Description:</h3>
<p>Policy for rshd, rlogind, and telnetd.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -75,7 +104,7 @@
<h5>Description</h5>
<p>
Domain transition to the remote login domain.
Domain transition to the remote login domain.
</p>
<h5>Parameters</h5>
@ -86,7 +115,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -97,6 +126,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -25,15 +31,30 @@
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
@ -44,15 +65,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: sendmail</h2><p/>
<h3>Description:</h3>
<p>Policy for sendmail.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -75,7 +104,7 @@
<h5>Description</h5>
<p>
Domain transition to sendmail.
Domain transition to sendmail.
</p>
<h5>Parameters</h5>
@ -86,7 +115,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -97,6 +126,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -0,0 +1,251 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
cron</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
inetd</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
kerberos</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
mta</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
nis</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
remotelogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
sendmail</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
ssh</a><br/>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: services</h1><p/>
<h2>Module: ssh</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p>Secure shell client and server policy.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>ssh_dontaudit_read_server_keys</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>Read ssh server keys</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
<a name="templates"></a>
<h3>Templates: </h3>
<div id="template">
<div id="codeblock">
<b>ssh_per_userdomain_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The per user domain template for the ssh module.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a derived domains which are used
for ssh client sessions and user ssh agents. A derived
type is also created to protect the user ssh keys.
</p><p>
</p><p>
This template is invoked automatically for each user, and
generally does not need to be invoked directly
by policy writers.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="template">
<div id="codeblock">
<b>ssh_server_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The template to define a ssh server.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a domains to be used for
creating a ssh server. This is typically done
to have multiple ssh servers of different sensitivities,
such as for an internal network-facing ssh server, and
a external network-facing ssh server.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the server domain (e.g., sshd
is the prefix for sshd_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -124,6 +124,30 @@ a:hover {background-color:#eee;}
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
}
#Template {
margin:5px 0px 25px 5px;
padding:5px 0px 5px 5px;
border-style:solid;
border-color:black;
border-width:1px 1px 1px 1px;
background-color:#fafafa;
font-size:14px;
font-weight:400;
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
}
#Templatesmall {
margin:0px 0px 5px 0px;
padding:5px 0px 0px 5px;
border-style:solid;
border-color:black;
border-width:1px 1px 1px 1px;
background-color:#fafafa;
font-size:14px;
font-weight:400;
text-decoration:none;
font-family:verdana, arial, helvetica, sans-serif;
}
#Description {
margin:0px 0px 0px 5px;
padding:0px 0px 0px 5px;
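Review bot: The new `#Template` and `#Templatesmall` rules are id selectors spelled with a capital T, while the pages generated in this commit emit `<div id="template">` in lowercase and more than once per page (two template blocks each on the cron and ssh pages). Id selectors match case-sensitively outside quirks mode and an id is meant to be unique within a document, so the styling holds only as long as the pages keep starting at `<html>` with no doctype; a class is the safer hook, e.g. `.template {` in the stylesheet with `<div class="template">` from the generator. The two rules also repeat every declaration except `margin` and `padding`, so a shared `#Template, #Templatesmall {` rule for the common declarations would stop them drifting apart. The neighbouring `#Description` rule appears to follow the same capitalised-id pattern, so this is probably worth fixing file-wide rather than only here.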


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,6 +107,8 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
@ -114,6 +125,9 @@
</td></tr>
</td></tr>
</td></tr>
@ -147,6 +161,11 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.
Basic filesystem types and interfaces.
</p></td>
<tr><td>
<a href='system_fstools.html'>
fstools</a></td>
<td><p>Tools for filesystem management, such as mkfs and fsck.</p></td>
<tr><td>
<a href='system_getty.html'>
getty</a></td>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,26 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: authlogin</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p>Common policy for authentication and user login.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +149,7 @@
<h5>Description</h5>
<p>
Delete pam PID files.
</p>
<h5>Parameters</h5>
@ -140,7 +160,7 @@
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -170,7 +190,7 @@ No
<h5>Description</h5>
<p>
Run unix_chkpwd to check a password.
</p>
<h5>Parameters</h5>
@ -181,7 +201,7 @@ No
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -219,7 +239,7 @@ No
<h5>Description</h5>
<p>
Execute a login_program in the target domain.
Execute a login_program in the target domain.
</p>
<h5>Parameters</h5>
@ -230,7 +250,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -240,7 +260,7 @@ No
target_domain
</td><td>
The type of the login_program process.
The type of the login_program process.
</td><td>
No
@ -270,7 +290,7 @@ No
<h5>Description</h5>
<p>
Execute pam programs in the pam domain.
Execute pam programs in the pam domain.
</p>
<h5>Parameters</h5>
@ -281,7 +301,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_domtrans_pam_console</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -311,7 +372,7 @@ No
<h5>Description</h5>
<p>
Execute utempter programs in the utempter domain.
Execute utempter programs in the utempter domain.
</p>
<h5>Parameters</h5>
@ -322,7 +383,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -363,7 +424,7 @@ No
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -393,7 +454,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read the shadow
password file (/etc/shadow).
</p>
<h5>Parameters</h5>
@ -404,7 +466,7 @@ No
domain
</td><td>
The type of the domain to not audit.
</td><td>
No
@ -424,28 +486,28 @@ No
domain
?
)<br>
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -475,7 +537,7 @@ No
<h5>Description</h5>
<p>
Execute the pam program.
</p>
<h5>Parameters</h5>
@ -486,7 +548,7 @@ No
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -506,28 +568,28 @@ No
domain
?
)<br>
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -557,7 +619,7 @@ No
<h5>Description</h5>
<p>
Use the login program as an entry point program.
</p>
<h5>Parameters</h5>
@ -568,7 +630,7 @@ No
domain
</td><td>
The type of process using the login program as entry point.
</td><td>
No
@ -610,8 +672,8 @@ No
<h5>Description</h5>
<p>
Manage all files on the filesystem, except
the shadow passwords and listed exceptions.
Manage all files on the filesystem, except
the shadow passwords and listed exceptions.
</p>
<h5>Parameters</h5>
@ -622,7 +684,7 @@ No
domain
</td><td>
The type of the domain perfoming this action.
The type of the domain perfoming this action.
</td><td>
No
@ -632,8 +694,8 @@ No
exception_types
</td><td>
The types to be excluded. Each type or attribute
must be negated by the caller.
The types to be excluded. Each type or attribute
must be negated by the caller.
</td><td>
yes
@ -646,6 +708,129 @@ yes
<div id="interface">
<div id="codeblock">
<b>auth_manage_login_records</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_manage_pam_console_data</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_manage_shadow</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_read_login_records</b>(
@ -653,28 +838,110 @@ yes
domain
?
)<br>
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_read_pam_console_data</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_read_pam_pid</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -704,7 +971,7 @@ No
<h5>Description</h5>
<p>
Read the shadow passwords file (/etc/shadow)
</p>
<h5>Parameters</h5>
@ -715,7 +982,7 @@ No
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -757,8 +1024,8 @@ No
<h5>Description</h5>
<p>
Relabel all files on the filesystem, except
the shadow passwords and listed exceptions.
Relabel all files on the filesystem, except
the shadow passwords and listed exceptions.
</p>
<h5>Parameters</h5>
@ -769,7 +1036,7 @@ No
domain
</td><td>
The type of the domain perfoming this action.
The type of the domain perfoming this action.
</td><td>
No
@ -779,8 +1046,8 @@ No
exception_types
</td><td>
The types to be excluded. Each type or attribute
must be negated by the caller.
The types to be excluded. Each type or attribute
must be negated by the caller.
</td><td>
yes
@ -793,6 +1060,47 @@ yes
<div id="interface">
<div id="codeblock">
<b>auth_relabelto_shadow</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_run_pam</b>(
@ -826,7 +1134,7 @@ yes
<h5>Description</h5>
<p>
Execute pam programs in the PAM domain.
Execute pam programs in the PAM domain.
</p>
<h5>Parameters</h5>
@ -837,7 +1145,7 @@ yes
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -847,7 +1155,7 @@ No
role
</td><td>
The role to allow the PAM domain.
The role to allow the PAM domain.
</td><td>
No
@ -857,7 +1165,7 @@ No
terminal
</td><td>
The type of the terminal allow the PAM domain to use.
The type of the terminal allow the PAM domain to use.
</td><td>
No
@ -903,7 +1211,7 @@ No
<h5>Description</h5>
<p>
Execute utempter programs in the utempter domain.
Execute utempter programs in the utempter domain.
</p>
<h5>Parameters</h5>
@ -914,7 +1222,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -924,7 +1232,7 @@ No
role
</td><td>
The role to allow the utempter domain.
The role to allow the utempter domain.
</td><td>
No
@ -934,7 +1242,130 @@ No
terminal
</td><td>
The type of the terminal allow the utempter domain to use.
The type of the terminal allow the utempter domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_rw_faillog</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_rw_lastlog</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_rw_login_records</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -964,7 +1395,7 @@ No
<h5>Description</h5>
<p>
Read and write the shadow password file (/etc/shadow).
</p>
<h5>Parameters</h5>
@ -975,7 +1406,7 @@ No
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -985,7 +1416,14 @@ No
</div>
</div>
<div id="interface">
<a href=#top>Return</a>
<a name="templates"></a>
<h3>Templates: </h3>
<div id="template">
<div id="codeblock">
@ -1002,10 +1440,25 @@ No
</div>
<div id="description">
<h5>Summary</h5>
<p>
The per user domain template for the authlogin module.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a derived domain which is allowed
to authenticate users by using PAM unix_chkpwd support.
This domain will be used by any programs running in the
user domain which use PAM to authenticate.
</p><p>
</p><p>
This template is invoked automatically for each user, and
generally does not need to be invoked directly
by policy writers.
</p><p>
</p>
<h5>Parameters</h5>
@ -1016,7 +1469,8 @@ No
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</td><td>
No
@ -1027,6 +1481,8 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: clock</h2><p/>
<h3>Description:</h3>
<p>Policy for reading and setting the hardware clock.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +146,7 @@
<h5>Description</h5>
<p>
Execute hwclock in the clock domain.
Execute hwclock in the clock domain.
</p>
<h5>Parameters</h5>
@ -140,7 +157,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -170,7 +187,7 @@ No
<h5>Description</h5>
<p>
Execute hwclock
Execute hwclock in the caller domain.
</p>
<h5>Parameters</h5>
@ -227,8 +244,8 @@ No
<h5>Description</h5>
<p>
Execute hwclock in the clock domain, and
allow the specified role the hwclock domain.
Execute hwclock in the clock domain, and
allow the specified role the hwclock domain.
</p>
<h5>Parameters</h5>
@ -239,7 +256,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -249,7 +266,7 @@ No
role
</td><td>
The role to be allowed the clock domain.
The role to be allowed the clock domain.
</td><td>
No
@ -259,7 +276,7 @@ No
terminal
</td><td>
The type of the terminal allow the clock domain to use.
The type of the terminal allow the clock domain to use.
</td><td>
No
@ -311,6 +328,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,11 +107,17 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: corecommands</h2><p/>
<h3>Description:</h3>
<p>
@ -110,11 +125,54 @@ Core policy for shells, and generic programs
in /bin, /sbin, /usr/bin, and /usr/sbin.
</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>corecmd_chroot_exec_chroot</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_domtrans_shell</b>(
@ -140,7 +198,7 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.
<h5>Description</h5>
<p>
Execute a shell in the target domain.
Execute a shell in the target domain.
</p>
<h5>Parameters</h5>
@ -151,7 +209,7 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -161,7 +219,581 @@ No
target_domain
</td><td>
The type of the shell process.
The type of the shell process.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_dontaudit_getattr_sbin_file</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_exec_bin</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_exec_ls</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_exec_sbin</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_exec_shell</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_getattr_bin_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of files in bin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_getattr_sbin_file</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_list_bin</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_list_sbin</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_bin_symlink</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in bin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_read_sbin_symlink</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in sbin directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_search_bin</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_search_sbin</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>corecmd_shell_entry_type</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the shell an entrypoint for the specified domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain for which the shell is an entrypoint.
</td><td>
No
@ -199,9 +831,9 @@ No
<h5>Description</h5>
<p>
Execute a shell in the target domain. This
is an explicit transition, requiring the
caller to use setexeccon().
Execute a shell in the target domain. This
is an explicit transition, requiring the
caller to use setexeccon().
</p>
<h5>Parameters</h5>
@ -212,7 +844,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -222,7 +854,7 @@ No
target_domain
</td><td>
The type of the shell process.
The type of the shell process.
</td><td>
No
@ -233,6 +865,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,20 +107,72 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: domain</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p>Core policy for domains.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>domain_base_domain_type</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_getattr_all_tcp_sockets</b>(
@ -129,8 +190,8 @@
<h5>Description</h5>
<p>
Do not audit attempts to get the attributes
of all domains TCP sockets.
Do not audit attempts to get the attributes
of all domains TCP sockets.
</p>
<h5>Parameters</h5>
@ -141,7 +202,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -171,8 +232,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to get the attributes
of all domains UDP sockets.
Do not audit attempts to get the attributes
of all domains UDP sockets.
</p>
<h5>Parameters</h5>
@ -183,7 +244,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -213,8 +274,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to get the attributes
of all domains unix datagram sockets.
Do not audit attempts to get the attributes
of all domains unix datagram sockets.
</p>
<h5>Parameters</h5>
@ -225,7 +286,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -255,8 +316,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to get the attributes
of all domains unnamed pipes.
Do not audit attempts to get the attributes
of all domains unnamed pipes.
</p>
<h5>Parameters</h5>
@ -267,7 +328,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -297,8 +358,8 @@ No
<h5>Description</h5>
<p>
Do not audit attempts to read the process state
directories of all domains.
Do not audit attempts to read the process state
directories of all domains.
</p>
<h5>Parameters</h5>
@ -309,7 +370,171 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dontaudit_use_wide_inherit_fd</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_dyntrans_type</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_entry_file</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_exec_all_entry_files</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -339,7 +564,7 @@ No
<h5>Description</h5>
<p>
Get the session ID of all domains.
Get the session ID of all domains.
</p>
<h5>Parameters</h5>
@ -350,7 +575,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -380,7 +605,7 @@ No
<h5>Description</h5>
<p>
Send a kill signal to all domains.
Send a kill signal to all domains.
</p>
<h5>Parameters</h5>
@ -391,7 +616,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -421,8 +646,8 @@ No
<h5>Description</h5>
<p>
Makes caller an exception to the constraint preventing
changing the user identity in object contexts.
Makes caller an exception to the constraint preventing
changing the user identity in object contexts.
</p>
<h5>Parameters</h5>
@ -433,7 +658,7 @@ No
domain
</td><td>
The process type to make an exception to the constraint.
The process type to make an exception to the constraint.
</td><td>
No
@ -463,7 +688,7 @@ No
<h5>Description</h5>
<p>
Read the process state (/proc/pid) of all domains.
Read the process state (/proc/pid) of all domains.
</p>
<h5>Parameters</h5>
@ -474,7 +699,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_read_all_entry_files</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -504,8 +770,8 @@ No
<h5>Description</h5>
<p>
Makes caller an exception to the constraint preventing
changing of role.
Makes caller an exception to the constraint preventing
changing of role.
</p>
<h5>Parameters</h5>
@ -516,7 +782,48 @@ No
domain
</td><td>
The process type to make an exception to the constraint.
The process type to make an exception to the constraint.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_setpriority_all_domains</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -546,7 +853,7 @@ No
<h5>Description</h5>
<p>
Send a child terminated signal to all domains.
Send a child terminated signal to all domains.
</p>
<h5>Parameters</h5>
@ -557,7 +864,49 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_sigchld_wide_inherit_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a SIGCHLD signal to domains whose file
discriptors are widely inheritable.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
@ -587,7 +936,7 @@ No
<h5>Description</h5>
<p>
Send general signals to all domains.
Send general signals to all domains.
</p>
<h5>Parameters</h5>
@ -598,7 +947,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -628,7 +977,7 @@ No
<h5>Description</h5>
<p>
Send a null signal to all domains.
Send a null signal to all domains.
</p>
<h5>Parameters</h5>
@ -639,7 +988,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -669,7 +1018,7 @@ No
<h5>Description</h5>
<p>
Send a stop signal to all domains.
Send a stop signal to all domains.
</p>
<h5>Parameters</h5>
@ -680,7 +1029,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -710,8 +1059,8 @@ No
<h5>Description</h5>
<p>
Makes caller an exception to the constraint preventing
changing of user identity.
Makes caller an exception to the constraint preventing
changing of user identity.
</p>
<h5>Parameters</h5>
@ -722,7 +1071,130 @@ No
domain
</td><td>
The process type to make an exception to the constraint.
The process type to make an exception to the constraint.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_type</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_use_wide_inherit_fd</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>domain_wide_inherit_fd</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -733,6 +1205,97 @@ No
</div>
<a href=#top>Return</a>
<a name="templates"></a>
<h3>Templates: </h3>
<div id="template">
<div id="codeblock">
<b>domain_auto_trans</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="template">
<div id="codeblock">
<b>domain_trans</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>

File diff suppressed because it is too large Load Diff


@ -0,0 +1,296 @@
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: fstools</h2><p/>
<h3>Description:</h3>
<p>Tools for filesystem management, such as mkfs and fsck.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>fstools_domtrans</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Execute fs tools in the fstools domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>fstools_exec</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Execute fsadm in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>fstools_run</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description</h5>
<p>
Execute fs tools in the fstools domain, and
allow the specified role the fs tools domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to be allowed the fs tools domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the fs tools domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: getty</h2><p/>
<h3>Description:</h3>
<p>Policy for getty.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -274,6 +291,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: hostname</h2><p/>
<h3>Description:</h3>
<p>Policy for changing the system host name.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +146,7 @@
<h5>Description</h5>
<p>
Execute hostname in the hostname domain.
Execute hostname in the hostname domain.
</p>
<h5>Parameters</h5>
@ -140,8 +157,8 @@
domain
</td><td>
The type of the process performing this action.
Has a sigchld signal backchannel.
The type of the process performing this action.
Has a sigchld signal backchannel.
</td><td>
No
@ -229,9 +246,9 @@ No
<h5>Description</h5>
<p>
Execute hostname in the hostname domain, and
allow the specified role the hostname domain.
Has a sigchld signal backchannel.
Execute hostname in the hostname domain, and
allow the specified role the hostname domain.
Has a sigchld signal backchannel.
</p>
<h5>Parameters</h5>
@ -242,7 +259,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -252,7 +269,7 @@ No
role
</td><td>
The role to be allowed the hostname domain.
The role to be allowed the hostname domain.
</td><td>
No
@ -262,7 +279,7 @@ No
terminal
</td><td>
The type of the terminal allow the hostname domain to use.
The type of the terminal allow the hostname domain to use.
</td><td>
No
@ -273,6 +290,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,11 +107,17 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: hotplug</h2><p/>
<h3>Description:</h3>
<p>
@ -110,11 +125,177 @@ Policy for hotplug system, for supporting the
connection and disconnection of devices at runtime.
</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>hotplug_domtrans</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hotplug_dontaudit_search_config</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hotplug_dontaudit_use_fd</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hotplug_exec</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hotplug_read_config</b>(
@ -132,7 +313,7 @@ connection and disconnection of devices at runtime.
<h5>Description</h5>
<p>
Read the configuration files for hotplug.
Read the configuration files for hotplug.
</p>
<h5>Parameters</h5>
@ -143,7 +324,48 @@ connection and disconnection of devices at runtime.
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>hotplug_use_fd</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -154,6 +376,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: iptables</h2><p/>
<h3>Description:</h3>
<p>Policy for iptables.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +146,7 @@
<h5>Description</h5>
<p>
Execute iptables in the iptables domain.
Execute iptables in the iptables domain.
</p>
<h5>Parameters</h5>
@ -140,7 +157,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -170,7 +187,7 @@ No
<h5>Description</h5>
<p>
Execute iptables in the caller domain.
Execute iptables in the caller domain.
</p>
<h5>Parameters</h5>
@ -181,7 +198,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -227,8 +244,8 @@ No
<h5>Description</h5>
<p>
Execute iptables in the iptables domain, and
allow the specified role the iptables domain.
Execute iptables in the iptables domain, and
allow the specified role the iptables domain.
</p>
<h5>Parameters</h5>
@ -239,7 +256,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -249,7 +266,7 @@ No
role
</td><td>
The role to be allowed the iptables domain.
The role to be allowed the iptables domain.
</td><td>
No
@ -259,7 +276,7 @@ No
terminal
</td><td>
The type of the terminal allow the iptables domain to use.
The type of the terminal allow the iptables domain to use.
</td><td>
No
@ -270,6 +287,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: libraries</h2><p/>
<h3>Description:</h3>
<p>Policy for system libraries.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -126,12 +143,12 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute ldconfig in the ldconfig domain.
Execute ldconfig in the ldconfig domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -140,7 +157,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -167,17 +184,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute the dynamic link/loader in the caller's
domain. This is commonly needed for the
/usr/bin/ldd program. Note: this can be used
to execute any binary that the caller can
read, even if the caller does not have execute
permissions.
Execute the dynamic link/loader in the caller's domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -186,7 +198,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -213,12 +225,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute library scripts in the caller domain.
Execute library scripts in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -227,7 +239,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -254,13 +266,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Use the dynamic link/loader for automatic loading
of shared libraries with legacy support.
Use the dynamic link/loader for automatic loading
of shared libraries with legacy support.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -269,7 +281,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -296,13 +308,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Load and execute functions from shared libraries,
with legacy support.
Load and execute functions from shared libraries,
with legacy support.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -311,7 +323,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -338,13 +350,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read files in the library directories, such
as static libraries.
Read files in the library directories, such
as static libraries.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -353,7 +365,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -396,12 +408,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute ldconfig in the ldconfig domain.
Execute ldconfig in the ldconfig domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -410,7 +422,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -420,7 +432,7 @@ No
role
</td><td>
The role to allow the ldconfig domain.
The role to allow the ldconfig domain.
</td><td>
No
@ -430,7 +442,7 @@ No
terminal
</td><td>
The type of the terminal allow the ldconfig domain to use.
The type of the terminal allow the ldconfig domain to use.
</td><td>
No
@ -457,13 +469,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Modify the dynamic link/loader's cached listing
of shared libraries.
Modify the dynamic link/loader's cached listing
of shared libraries.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -472,7 +484,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>libs_search_lib</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search lib directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -499,13 +552,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Use the dynamic link/loader for automatic loading
of shared libraries.
Use the dynamic link/loader for automatic loading
of shared libraries.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -514,7 +567,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -541,12 +594,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Load and execute functions from shared libraries.
Load and execute functions from shared libraries.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -555,7 +608,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -566,6 +619,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>
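Review bot: In the hunk at `-167,17 +184,12`, the rewritten summary for the dynamic link/loader interface appears to drop the caveat that it "can be used to execute any binary that the caller can read, even if the caller does not have execute permissions". The hunk's line counts (17 old, 12 new) are consistent with that text being removed rather than added. That sentence is what a policy author needs when deciding whether a domain should be granted this interface, so it should still be rendered, either in a separate description block or folded into the summary, for example `Execute the dynamic link/loader in the caller's domain. Note: this allows executing any binary the caller can read.` The interface name lies outside the hunk, and the page looks generated, so the fix presumably belongs in the interface's source comments rather than in this HTML.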


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: locallogin</h2><p/>
<h3>Description:</h3>
<p>Policy for local logins.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -126,11 +143,11 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute local logins in the locallogin domain.
</p>
Execute local logins in the local login domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -140,7 +157,48 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>locallogin_signull</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a null signal to local login processes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
Domain allowed access.
</td><td>
No
@ -167,11 +225,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow processes to inherit local login file descriptors
</p>
Allow processes to inherit local login file descriptors
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -181,7 +239,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -192,6 +250,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,20 +107,438 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: logging</h2><p/>
<h3>Description:</h3>
<p>Policy for the kernel message logger and system logging daemon.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>logging_append_all_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_create_log</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_getattr_all_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_exec_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute all log files in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_log_file</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_manage_all_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_read_all_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_read_generic_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_rw_generic_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_rw_log_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the generic log directory (/var/log).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_search_logs</b>(
@ -129,9 +556,9 @@
<h5>Description</h5>
<p>
Allows the domain to open a file in the
log directory, but does not allow the listing
of the contents of the log directory.
Allows the domain to open a file in the
log directory, but does not allow the listing
of the contents of the log directory.
</p>
<h5>Parameters</h5>
@ -142,7 +569,89 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_send_syslog_msg</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>logging_write_generic_logs</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
@ -153,6 +662,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: lvm</h2><p/>
<h3>Description:</h3>
<p>Policy for logical volume management programs.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +146,7 @@
<h5>Description</h5>
<p>
Execute lvm programs in the lvm domain.
Execute lvm programs in the lvm domain.
</p>
<h5>Parameters</h5>
@ -140,7 +157,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -170,7 +187,7 @@ No
<h5>Description</h5>
<p>
Read LVM configuration files.
Read LVM configuration files.
</p>
<h5>Parameters</h5>
@ -181,7 +198,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -227,7 +244,7 @@ No
<h5>Description</h5>
<p>
Execute lvm programs in the lvm domain.
Execute lvm programs in the lvm domain.
</p>
<h5>Parameters</h5>
@ -238,7 +255,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -248,7 +265,7 @@ No
role
</td><td>
The role to allow the LVM domain.
The role to allow the LVM domain.
</td><td>
No
@ -258,7 +275,7 @@ No
terminal
</td><td>
The type of the terminal allow the LVM domain to use.
The type of the terminal allow the LVM domain to use.
</td><td>
No
@ -269,6 +286,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: miscfiles</h2><p/>
<h3>Description:</h3>
<p>Miscelaneous files.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -316,6 +333,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: modutils</h2><p/>
<h3>Description:</h3>
<p>Policy for kernel module utilities</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +146,7 @@
<h5>Description</h5>
<p>
Execute depmod in the depmod domain.
Execute depmod in the depmod domain.
</p>
<h5>Parameters</h5>
@ -140,7 +157,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -170,8 +187,7 @@ No
<h5>Description</h5>
<p>
Execute insmod in the insmod domain. Has a
sigchld backchannel.
Execute insmod in the insmod domain.
</p>
<h5>Parameters</h5>
@ -182,7 +198,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -212,7 +228,7 @@ No
<h5>Description</h5>
<p>
Execute depmod in the depmod domain.
Execute depmod in the depmod domain.
</p>
<h5>Parameters</h5>
@ -223,7 +239,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -238,7 +254,130 @@ No
<div id="codeblock">
<b>modutils_read_kernel_module_dependencies</b>(
<b>modutils_exec_depmod</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_exec_insmod</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_exec_update_mods</b>(
?
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Summary is missing!
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
?
</td><td>
Parameter descriptions are missing!
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>modutils_read_mods_deps</b>(
@ -253,7 +392,7 @@ No
<h5>Description</h5>
<p>
Read the dependencies of kernel modules.
Read the dependencies of kernel modules.
</p>
<h5>Parameters</h5>
@ -264,7 +403,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -294,8 +433,8 @@ No
<h5>Description</h5>
<p>
Read the configuration options used when
loading modules.
Read the configuration options used when
loading modules.
</p>
<h5>Parameters</h5>
@ -306,7 +445,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -352,7 +491,7 @@ No
<h5>Description</h5>
<p>
Execute depmod in the depmod domain.
Execute depmod in the depmod domain.
</p>
<h5>Parameters</h5>
@ -363,7 +502,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -373,7 +512,7 @@ No
role
</td><td>
The role to be allowed the depmod domain.
The role to be allowed the depmod domain.
</td><td>
No
@ -383,7 +522,7 @@ No
terminal
</td><td>
The type of the terminal allow the depmod domain to use.
The type of the terminal allow the depmod domain to use.
</td><td>
No
@ -429,10 +568,10 @@ No
<h5>Description</h5>
<p>
Execute insmod in the insmod domain, and
allow the specified role the insmod domain,
and use the caller's terminal. Has a sigchld
backchannel.
Execute insmod in the insmod domain, and
allow the specified role the insmod domain,
and use the caller's terminal. Has a sigchld
backchannel.
</p>
<h5>Parameters</h5>
@ -443,7 +582,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -453,7 +592,7 @@ No
role
</td><td>
The role to be allowed the insmod domain.
The role to be allowed the insmod domain.
</td><td>
No
@ -463,7 +602,7 @@ No
terminal
</td><td>
The type of the terminal allow the insmod domain to use.
The type of the terminal allow the insmod domain to use.
</td><td>
No
@ -509,7 +648,7 @@ No
<h5>Description</h5>
<p>
Execute update_modules in the update_modules domain.
Execute update_modules in the update_modules domain.
</p>
<h5>Parameters</h5>
@ -520,7 +659,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -530,7 +669,7 @@ No
role
</td><td>
The role to be allowed the update_modules domain.
The role to be allowed the update_modules domain.
</td><td>
No
@ -540,7 +679,7 @@ No
terminal
</td><td>
The type of the terminal allow the update_modules domain to use.
The type of the terminal allow the update_modules domain to use.
</td><td>
No
@ -551,6 +690,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: mount</h2><p/>
<h3>Description:</h3>
<p>Policy for mount.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -129,7 +146,7 @@
<h5>Description</h5>
<p>
Execute mount in the mount domain.
Execute mount in the mount domain.
</p>
<h5>Parameters</h5>
@ -140,7 +157,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -186,9 +203,9 @@ No
<h5>Description</h5>
<p>
Execute mount in the mount domain, and
allow the specified role the mount domain,
and use the caller's terminal.
Execute mount in the mount domain, and
allow the specified role the mount domain,
and use the caller's terminal.
</p>
<h5>Parameters</h5>
@ -199,7 +216,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -209,7 +226,7 @@ No
role
</td><td>
The role to be allowed the mount domain.
The role to be allowed the mount domain.
</td><td>
No
@ -219,7 +236,7 @@ No
terminal
</td><td>
The type of the terminal allow the mount domain to use.
The type of the terminal allow the mount domain to use.
</td><td>
No
@ -313,6 +330,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>

File diff suppressed because it is too large Load Diff


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: sysnetwork</h2><p/>
<h3>Description:</h3>
<p>Policy for network configuration: ifconfig and dhcp client.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -170,7 +187,7 @@ No
<h5>Description</h5>
<p>
Execute ifconfig in the ifconfig domain.
Execute ifconfig in the ifconfig domain.
</p>
<h5>Parameters</h5>
@ -181,7 +198,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_kill_dhcpc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a kill signal to the dhcp client.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain sending the SIGKILL.
</td><td>
No
@ -208,11 +266,11 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Allow network init to read network config files.
</p>
Allow network init to read network config files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
@ -222,7 +280,89 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_read_dhcpc_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the dhcp client pid file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_read_dhcpc_state</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read dhcp client state files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain allowed access.
</td><td>
No
@ -268,9 +408,9 @@ No
<h5>Description</h5>
<p>
Execute ifconfig in the ifconfig domain, and
allow the specified role the ifconfig domain,
and use the caller's terminal.
Execute ifconfig in the ifconfig domain, and
allow the specified role the ifconfig domain,
and use the caller's terminal.
</p>
<h5>Parameters</h5>
@ -281,7 +421,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -291,7 +431,7 @@ No
role
</td><td>
The role to be allowed the ifconfig domain.
The role to be allowed the ifconfig domain.
</td><td>
No
@ -301,7 +441,212 @@ No
terminal
</td><td>
The type of the terminal allow the ifconfig domain to use.
The type of the terminal allow the ifconfig domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_rw_dhcp_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write dhcp configuration files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain allowed access.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_sigchld_dhcpc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a SIGCHLD signal to the dhcp client.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain sending the SIGCHLD.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_signal_dhcpc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a generic signal to the dhcp client.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain sending the signal.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_signull_dhcpc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a null signal to the dhcp client.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain sending the null signal.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>sysnet_sigstop_dhcpc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send a SIGSTOP signal to the dhcp client.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The domain sending the SIGSTOP.
</td><td>
No
@ -312,6 +657,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,23 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: udev</h2><p/>
<h3>Description:</h3>
<p>Policy for udev.</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -233,6 +250,9 @@ No
</div>
<a href=#top>Return</a>
</div>
</body>


@ -15,6 +15,12 @@
</div>
<a href="apps.html">+&nbsp;
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
@ -46,6 +52,9 @@
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
fstools</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
@ -98,15 +107,26 @@
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
<br/><p/>
<a href="templates.html">*&nbsp;Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: userdomain</h2><p/>
<a href=#interfaces>Interfaces</a>
<a href=#templates>Templates</a>
<h3>Description:</h3>
<p>Policy for user domains</p>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<div id="interface">
@ -126,12 +146,12 @@
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Do not audit attempts to use admin ttys and ptys.
Do not audit attempts to use admin ttys and ptys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -140,7 +160,7 @@
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -167,13 +187,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Do not audit attempts to inherit the
file descriptors from all user domains.
Do not audit attempts to inherit the
file descriptors from all user domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -182,7 +202,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -197,7 +217,7 @@ No
<div id="codeblock">
<b>userdom_read_all_user_data</b>(
<b>userdom_dontaudit_use_unpriv_user_tty</b>(
@ -209,12 +229,13 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read all files in all users home directories.
Do not audit attempts to use unprivileged
user ttys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -223,7 +244,171 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_read_all_user_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all files in all users home directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_read_staff_home_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in the staff users home directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_read_sysadm_home_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in the sysadm users home directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_rw_sysadm_pipe</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write sysadm user unnamed pipes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -250,12 +435,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Search all users home directories.
Search all users home directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -264,7 +449,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -291,12 +476,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute a shell in the sysadm domain.
Execute a shell in the sysadm domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -305,7 +490,7 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
@ -332,12 +517,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Send general signals to all user domains.
Send general signals to all user domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -346,7 +531,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_signal_unpriv_users</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send general signals to unprivileged user domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -373,14 +599,14 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Execute a shell in all user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
Execute a shell in all user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -389,7 +615,50 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_spec_domtrans_unpriv_users</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute a shell in all unprivileged user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -416,12 +685,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Inherit the file descriptors from all user domains
Inherit the file descriptors from all user domains
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -430,7 +699,89 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_use_sysadm_fd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Inherit and use sysadm file descriptors
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_use_sysadm_pty</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write sysadm ptys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -457,13 +808,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Read and write administrative users
physical and pseudo terminals.
Read and write sysadm ttys and ptys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -472,7 +822,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_use_sysadm_tty</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write sysadm ttys.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -499,12 +890,12 @@ No
</div>
<div id="description">
<h5>Description</h5>
<h5>Summary</h5>
<p>
Inherit the file descriptors from all user domains.
Inherit the file descriptors from unprivileged user domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
@ -513,7 +904,48 @@ No
domain
</td><td>
The type of the process performing this action.
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>userdom_write_unpriv_user_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write all unprivileged users files in /tmp
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
@ -524,6 +956,174 @@ No
</div>
<a href=#top>Return</a>
<a name="templates"></a>
<h3>Templates: </h3>
<div id="template">
<div id="codeblock">
<b>admin_user_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The template for creating an administrative user.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a user domain, types, and
rules for the user's tty, pty, home directories,
tmp, and tmpfs files.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., sysadm
is the prefix for sysadm_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="template">
<div id="codeblock">
<b>base_user_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The template containing rules common to unprivileged
users and administrative users.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a user domain, types, and
rules for the user's tty, pty, home directories,
tmp, and tmpfs files.
</p><p>
</p><p>
This generally should not be used, rather the
unpriv_user_template or admin_user_template should
be used.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<div id="template">
<div id="codeblock">
<b>unpriv_user_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
The template for creating a unprivileged user.
</p>
<h5>Description</h5>
<p>
</p><p>
This template creates a user domain, types, and
rules for the user's tty, pty, home directories,
tmp, and tmpfs files.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
The prefix of the user domain (e.g., user
is the prefix for user_t).
</td><td>
No
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>

503
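--- a/www/api-docs/templates.html
+++ b/www/api-docs/templates.html
@@ -0,0 +1,503 @@
+<html>
+<head>
+<title>
+Security Enhanced Linux Reference Policy
+</title>
+<style type="text/css" media="all">@import "style.css";</style>
+</head>
+<body>
+<div id="Header">Security Enhanced Linux Reference Policy</div>
+<div id='Menu'>
+<a href="admin.html">+&nbsp;
+admin</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_consoletype.html'>
+consoletype</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_dmesg.html'>
+dmesg</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_logrotate.html'>
+logrotate</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_netutils.html'>
+netutils</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_rpm.html'>
+rpm</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='admin_usermanage.html'>
+usermanage</a><br/>
+</div>
+<a href="apps.html">+&nbsp;
+apps</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='apps_gpg.html'>
+gpg</a><br/>
+</div>
+<a href="kernel.html">+&nbsp;
+kernel</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_bootloader.html'>
+bootloader</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_corenetwork.html'>
+corenetwork</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_devices.html'>
+devices</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_filesystem.html'>
+filesystem</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_kernel.html'>
+kernel</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_selinux.html'>
+selinux</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_storage.html'>
+storage</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='kernel_terminal.html'>
+terminal</a><br/>
+</div>
+<a href="services.html">+&nbsp;
+services</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_cron.html'>
+cron</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_inetd.html'>
+inetd</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_kerberos.html'>
+kerberos</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_mta.html'>
+mta</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_nis.html'>
+nis</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_remotelogin.html'>
+remotelogin</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_sendmail.html'>
+sendmail</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='services_ssh.html'>
+ssh</a><br/>
+</div>
+<a href="system.html">+&nbsp;
+system</a></br/>
+<div id='subitem'>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
+authlogin</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
+clock</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
+corecommands</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
+domain</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
+files</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_fstools.html'>
+fstools</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
+getty</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
+hostname</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
+hotplug</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
+init</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
+iptables</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
+libraries</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
+locallogin</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
+logging</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
+lvm</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
+miscfiles</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
+modutils</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
+mount</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
+selinuxutil</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
+sysnetwork</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
+udev</a><br/>
+&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
+userdomain</a><br/>
+</div>
+<br/><p/>
+<a href="interfaces.html">*&nbsp;Interface Index</a>
+<br/><p/>
+<a href="templates.html">*&nbsp;Template Index</a>
+</div>
+<div id="Content">
+<h3>Master template index:</h3>
+<div id="templatesmall">
+Module: <a href='system_userdomain.html'>
+userdomain</a><p/>
+Layer: <a href='system.html'>
+system</a><p/>
+<div id="codeblock">
+<b>admin_user_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The template for creating an administrative user.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='system_authlogin.html'>
+authlogin</a><p/>
+Layer: <a href='system.html'>
+system</a><p/>
+<div id="codeblock">
+<b>authlogin_per_userdomain_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The per user domain template for the authlogin module.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='system_userdomain.html'>
+userdomain</a><p/>
+Layer: <a href='system.html'>
+system</a><p/>
+<div id="codeblock">
+<b>base_user_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The template containing rules common to unprivileged
+users and administrative users.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='services_cron.html'>
+cron</a><p/>
+Layer: <a href='services.html'>
+services</a><p/>
+<div id="codeblock">
+<b>cron_admin_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The administrative functions template for the cron module.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='services_cron.html'>
+cron</a><p/>
+Layer: <a href='services.html'>
+services</a><p/>
+<div id="codeblock">
+<b>cron_per_userdomain_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The per user domain template for the cron module.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='system_domain.html'>
+domain</a><p/>
+Layer: <a href='system.html'>
+system</a><p/>
+<div id="codeblock">
+<b>domain_auto_trans</b>(
+?
+)<br>
+</div>
+<div id="description">
+<p>
+Summary is missing!
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='system_domain.html'>
+domain</a><p/>
+Layer: <a href='system.html'>
+system</a><p/>
+<div id="codeblock">
+<b>domain_trans</b>(
+?
+)<br>
+</div>
+<div id="description">
+<p>
+Summary is missing!
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='apps_gpg.html'>
+gpg</a><p/>
+Layer: <a href='apps.html'>
+apps</a><p/>
+<div id="codeblock">
+<b>gpg_per_userdomain_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The per user domain template for the gpg module.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='services_mta.html'>
+mta</a><p/>
+Layer: <a href='services.html'>
+services</a><p/>
+<div id="codeblock">
+<b>mta_per_userdomain_template</b>(
+?
+)<br>
+</div>
+<div id="description">
+<p>
+Summary is missing!
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='services_ssh.html'>
+ssh</a><p/>
+Layer: <a href='services.html'>
+services</a><p/>
+<div id="codeblock">
+<b>ssh_per_userdomain_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The per user domain template for the ssh module.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='services_ssh.html'>
+ssh</a><p/>
+Layer: <a href='services.html'>
+services</a><p/>
+<div id="codeblock">
+<b>ssh_server_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The template to define a ssh server.
+</p>
+</div>
+</div>
+<div id="templatesmall">
+Module: <a href='system_userdomain.html'>
+userdomain</a><p/>
+Layer: <a href='system.html'>
+system</a><p/>
+<div id="codeblock">
+<b>unpriv_user_template</b>(
+userdomain_prefix
+)<br>
+</div>
+<div id="description">
+<p>
+The template for creating a unprivileged user.
+</p>
+</div>
+</div>
+</div>
+</body>
+</html>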