# # This file contains a listing of available modules. # To prevent a module from being used in policy # creation, set the module name to "off". # # For monolithic policies, modules set to "base" and "module" # will be built into the policy. # # For modular policies, modules set to "base" will be # included in the base module. "module" will be compiled # as individual loadable modules. # # Layer: kernel # Module: terminal # Required in base # # Policy for terminals. # terminal = base # Layer: kernel # Module: kernel # Required in base # # Policy for kernel threads, proc filesystem,and unlabeled processes and objects. # kernel = base # Layer: kernel # Module: filesystem # Required in base # # Policy for filesystems. # filesystem = base # Layer: kernel # Module: devices # Required in base # # Device nodes and interfaces for many basic system devices. # devices = base # Layer: kernel # Module: corenetwork # Required in base # # Policy controlling access to network objects # corenetwork = base # Layer: kernel # Module: mls # Required in base # # Multilevel security policy # mls = base # Layer: kernel # Module: mcs # Required in base # # MultiCategory security policy # mcs = base # Layer: kernel # Module: selinux # Required in base # # Policy for kernel security interface, in particular, selinuxfs. # selinux = base # Layer: kernel # Module: files # Required in base # # Basic filesystem types and interfaces. # files = base # Layer: kernel # Module: domain # Required in base # # Core policy for domains. # domain = base # Layer: kernel # Module: corecommands # Required in base # # Core policy for shells, and generic programs # in /bin, /sbin, /usr/bin, and /usr/sbin. # corecommands = base # Layer: admin # Module: acct # # Berkeley process accounting # acct = base # Layer: admin # Module: usermanage # # Policy for managing user accounts. # usermanage = base # Layer: admin # Module: rpm # # Policy for the RPM package manager. # rpm = base # Layer: admin # Module: readahead # # Readahead, read files into page cache for improved performance # readahead = base # Layer: apps # Module: alsa # # alsa - Configure sound # alsa = base # Layer: admin # Module: kudzu # # Hardware detection and configuration tools # kudzu = base # Layer: admin # Module: updfstab # # Red Hat utility to change /etc/fstab. # updfstab = base # Layer: admin # Module: netutils # # Network analysis utilities # netutils = base # Layer: admin # Module: vpn # # Virtual Private Networking client # vpn = base # Layer: admin # Module: su # # Run shells with substitute user and group # su = base # Layer: admin # Module: dmesg # # Policy for dmesg. # dmesg = base # Layer: admin # Module: anaconda # # Policy for the Anaconda installer. # anaconda = base # Layer: admin # Module: amanda # # Automated backup program. # amanda = base # Layer: admin # Module: logrotate # # Rotate and archive system logs # logrotate = base # Layer: admin # Module: quota # # File system quota management # quota = base # Layer: admin # Module: consoletype # # Determine of the console connected to the controlling terminal. # consoletype = base # Layer: admin # Module: sudo # # Execute a command with a substitute user # sudo = base # Layer: admin # Module: firstboot # # Final system configuration run during the first boot # after installation of Red Hat/Fedora systems. # firstboot = base # Layer: admin # Module: certwatch # # Digital Certificate Tracking # certwatch = base # Layer: admin # Module: tmpreaper # # Manage temporary directory sizes and file ages # tmpreaper = base # Layer: admin # Module: dmidecode # # Decode DMI data for x86/ia64 bioses. # dmidecode = base # Layer: apps # Module: gpg # # Policy for GNU Privacy Guard and related programs. # gpg = base # Layer: apps # Module: loadkeys # # Load keyboard mappings. # loadkeys = base # Layer: apps # Module: webalizer # # Web server log analysis # webalizer = base # Layer: kernel # Module: bootloader # # Policy for the kernel modules, kernel image, and bootloader. # bootloader = base # Layer: kernel # Module: storage # # Policy controlling access to storage devices # storage = base # Layer: services # Module: nis # # Policy for NIS (YP) servers and clients # nis = base # Layer: services # Module: distcc # # Distributed compiler daemon # distcc = off # Layer: services # Module: rshd # # Remote shell service. # rshd = base # Layer: services # Module: cpucontrol # # Services for loading CPU microcode and CPU frequency scaling. # cpucontrol = base # Layer: services # Module: vbetool # # run real-mode video BIOS code to alter hardware state # vbetool = base # Layer: services # Module: bind # # Berkeley internet name domain DNS server. # bind = base # Layer: services # Module: canna # # Canna - kana-kanji conversion server # canna = base # Layer: services # Module: uucp # # Unix to Unix Copy # uucp = base # Layer: services # Module: sasl # # SASL authentication server # sasl = base # Layer: services # Module: pegasus # # The Open Group Pegasus CIM/WBEM Server. # pegasus = base # Layer: services # Module: cron # # Periodic execution of scheduled commands. # cron = base # Layer: services # Module: sendmail # # Policy for sendmail. # sendmail = base # Layer: services # Module: samba # # SMB and CIFS client/server programs for UNIX and # name Service Switch daemon for resolving names # from Windows NT servers. # samba = base # Layer: services # Module: dbus # # Desktop messaging bus # dbus = base # Layer: services # Module: howl # # Port of Apple Rendezvous multicast DNS # howl = base # Layer: services # Module: postgresql # # PostgreSQL relational database # postgresql = base # Layer: services # Module: snmp # # Simple network management protocol services # snmp = base # Layer: services # Module: remotelogin # # Policy for rshd, rlogind, and telnetd. # remotelogin = base # Layer: services # Module: telnet # # Telnet daemon # telnet = base # Layer: services # Module: irqbalance # # IRQ balancing daemon # irqbalance = base # Layer: services # Module: mailman # # Mailman is for managing electronic mail discussion and e-newsletter lists # mailman = base # Layer: services # Module: dbskk # # Dictionary server for the SKK Japanese input method system. # dbskk = base # Layer: services # Module: ldap # # OpenLDAP directory server # ldap = base # Layer: services # Module: tftp # # Trivial file transfer protocol daemon # tftp = base # Layer: services # Module: portmap # # RPC port mapping service. # portmap = base # Layer: services # Module: arpwatch # # Ethernet activity monitor. # arpwatch = base # Layer: services # Module: dovecot # # Dovecot POP and IMAP mail server # dovecot = base # Layer: services # Module: cups # # Common UNIX printing system # cups = base # Layer: services # Module: networkmanager # # Manager for dynamically switching between networks. # networkmanager = base # Layer: services # Module: inn # # Internet News NNTP server # inn = base # Layer: services # Module: sysstat # # Policy for sysstat. Reports on various system states # sysstat = base # Layer: services # Module: comsat # # Comsat, a biff server. # comsat = base # Layer: services # Module: squid # # Squid caching http proxy server # squid = base # Layer: services # Module: zebra # # Zebra border gateway protocol network routing service # zebra = base # Layer: services # Module: xfs # # X Windows Font Server # xfs = off # Layer: services # Module: ktalk # # KDE Talk daemon # ktalk = base # Layer: services # Module: procmail # # Procmail mail delivery agent # procmail = base # Layer: services # Module: lpd # # Line printer daemon # lpd = base # Layer: services # Module: cyrus # # Cyrus is an IMAP service intended to be run on sealed servers # cyrus = base # Layer: services # Module: rdisc # # Network router discovery daemon # rdisc = base # Layer: services # Module: xserver # # X windows login display manager # xserver = base # Layer: services # Module: nscd # # Name service cache daemon # nscd = base # Layer: services # Module: ppp # # Point to Point Protocol daemon creates links in ppp networks # ppp = base # Layer: services # Module: ftp # # File transfer protocol service # ftp = base # Layer: services # Module: gpm # # General Purpose Mouse driver # gpm = base # Layer: services # Module: mta # # Policy common to all email tranfer agents. # mta = base # Layer: services # Module: postfix # # Postfix email server # postfix = base # Layer: services # Module: fetchmail # # Remote-mail retrieval and forwarding utility # fetchmail = base # Layer: services # Module: ntp # # Network time protocol daemon # ntp = base # Layer: services # Module: bluetooth # # Bluetooth tools and system services. # bluetooth = base # Layer: services # Module: hal # # Hardware abstraction layer # hal = base # Layer: services # Module: avahi # # mDNS/DNS-SD daemon implementing Apple ZeroConf architecture # avahi = base # Layer: services # Module: rpc # # Remote Procedure Call Daemon for managment of network based process communication # rpc = base # Layer: services # Module: apache # # Apache web server # apache = base # Layer: services # Module: rsync # # Fast incremental file transfer for synchronization # rsync = base # Layer: services # Module: automount # # Filesystem automounter service. # automount = base # Layer: services # Module: kerberos # # MIT Kerberos admin and KDC # kerberos = base # Layer: services # Module: dhcp # # Dynamic host configuration protocol (DHCP) server # dhcp = base # Layer: services # Module: ssh # # Secure shell client and server policy. # ssh = base # Layer: services # Module: inetd # # Internet services daemon. # inetd = base # Layer: services # Module: mysql # # Policy for MySQL # mysql = base # Layer: services # Module: dictd # # Dictionary daemon # dictd = base # Layer: services # Module: finger # # Finger user information service. # finger = base # Layer: services # Module: radius # # RADIUS authentication and accounting server. # radius = base # Layer: services # Module: spamassassin # # Filter used for removing unsolicited email. # spamassassin = base # Layer: services # Module: radvd # # IPv6 router advertisement daemon # radvd = base # Layer: services # Module: apm # # Advanced power management daemon # apm = base # Layer: system # Module: application # Required in base # # Defines attributs and interfaces for all user applications # application = base # Layer: services # Module: tcpd # # Policy for TCP daemon. # tcpd = base # Layer: services # Module: stunnel # # SSL Tunneling Proxy # stunnel = base # Layer: services # Module: privoxy # # Privacy enhancing web proxy. # privoxy = base # Layer: services # Module: cvs # # Concurrent versions system # cvs = base # Layer: services # Module: rlogin # # Remote login daemon # rlogin = base # Layer: system # Module: application # Required in base # # Defines attributs and interfaces for all user applications # application = base # Layer: system # Module: fstools # # Tools for filesystem management, such as mkfs and fsck. # fstools = base # Layer: system # Module: logging # # Policy for the kernel message logger and system logging daemon. # logging = base # Layer: system # Module: hostname # # Policy for changing the system host name. # hostname = base # Layer: system # Module: getty # # Policy for getty. # getty = base # Layer: system # Module: lvm # # Policy for logical volume management programs. # lvm = base # Layer: system # Module: sysnetwork # # Policy for network configuration: ifconfig and dhcp client. # sysnetwork = base # Layer: system # Module: init # # System initialization programs (init and init scripts). # init = base # Layer: system # Module: selinuxutil # # Policy for SELinux policy and userland applications. # selinuxutil = base # Layer: system # Module: udev # # Policy for udev. # udev = base # Layer: system # Module: pcmcia # # PCMCIA card management services # pcmcia = base # Layer: system # Module: authlogin # # Common policy for authentication and user login. # authlogin = base # Layer: system # Module: libraries # # Policy for system libraries. # libraries = base # Layer: system # Module: raid # # RAID array management tools # raid = base # Layer: system # Module: userdomain # # Policy for user domains # userdomain = base # Layer: system # Module: modutils # # Policy for kernel module utilities # modutils = base # Layer: system # Module: hotplug # # Policy for hotplug system, for supporting the # connection and disconnection of devices at runtime. # hotplug = base # Layer: system # Module: clock # # Policy for reading and setting the hardware clock. # clock = base # Layer: system # Module: locallogin # # Policy for local logins. # locallogin = base # Layer: system # Module: iptables # # Policy for iptables. # iptables = base # Layer: system # Module: mount # # Policy for mount. # mount = base # Layer: system # Module: unconfined # # The unconfined domain. # unconfined = off # Layer: system # Module: miscfiles # # Miscelaneous files. # miscfiles = base # Layer: system # Module: ipsec # # TCP/IP encryption # ipsec = base # Layer: apps # Module: java # # java executable # java = module # Layer: services # Module: prelink # # prelink executable # prelink = base # Layer: apps # Module: slocate # # locate executable # slocate = base # Layer: services # Module: logwatch # # logwatch executable # logwatch = base # Layer: system # Module: setrans # Required in base # # Policy for setrans # setrans = base # Layer: services # Module: openvpn # # Policy for OPENVPN full-featured SSL VPN solution # openvpn = base # Layer: services # Module: smartmon # # Smart disk monitoring daemon policy # smartmon = base # Layer: system # Module: netlabel # Required in base # # Basic netlabel types and interfaces. # netlabel = base # Layer: services # Module: aide # # Policy for aide # aide = base # Layer: service # Module: pcscd # # PC/SC Smart Card Daemon # pcscd = module # Layer: service # Module: openct # # Middleware framework for smart card terminals # openct = module # Layer: system # Module: tzdata # # Policy for tzdata-update # tzdata = base # Layer: admin # Module: amtu # # Abstract Machine Test Utility (AMTU) # amtu = module # Layer: services # Module: prelude # # # prelude = module # Layer: role # Module: secadm # # Root role used to manage selinux # secadm = module # Layer: role # Module: auditadm # # Root role used to manage audit system # auditadm = module # Layer:role # Module: staff # # admin account # staff = base # Layer:role # Module: sysadm # # System Administrator # sysadm = base # Layer: role # Module: unprivuser # # user account # unprivuser = base # Layer: role # Module: guest # # Minimally privs guest account on tty logins # guest = module # Layer: role # Module: xguest # # Minimally privs guest account on X Windows logins # xguest = module # Layer: services # Module: courier # # IMAP and POP3 email servers # courier = module # Layer: services # Module: rpcbind # # universal addresses to RPC program number mapper # rpcbind = module # Layer: services # Module: xserver # # X windows login display manager # xserver = module # Layer: apps # Module: wm # # X windows window manager # wm = module