Policy for the kernel modules, kernel image, and bootloader.
Install a kernel into the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Install a system.map into the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Read and write the bootloader temporary data in /tmp.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Delete a kernel from /boot.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Delete a system.map in the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Execute bootloader in the bootloader domain.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Do not audit attempts to get attributes of the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | Domain to not audit. | No |
Do not audit attempts to search the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Summary is missing!
Parameter: | Description: | Optional: |
---|---|---|
? | Parameter descriptions are missing! | No |
Get attributes of the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | Domain to not audit. | No |
Get the attributes of kernel module files.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
List the contents of the kernel module directories.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Create, read, write, and delete kernel module files.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Read the bootloader configuration file.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Read kernel module files.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Read system.map in the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Execute bootloader interactively and do a domain transition to the bootloader domain.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
role | The role to be allowed the bootloader domain. | No |
terminal | The type of the terminal allow the bootloader domain to use. | No |
Read and write symbolic links in the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Read and write the bootloader configuration file.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Read and write the bootloader temporary data in /tmp.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Search the /boot directory.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Search the contents of the kernel module directories.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |
Write kernel module files.
Parameter: | Description: | Optional: |
---|---|---|
domain | The type of the process performing this action. | No |