Layer: system

Module: userdomain


Description:

Policy for user domains

Interfaces:

userdom_create_generic_user_home( domain , [ object_class ] )
Summary

Create objects in generic user home directories with automatic file type transition.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
object_class | The class of the object to be created. If not specified, file is used. | Yes
userdom_create_generic_user_home_dir( domain )
Summary

Create generic user home directories with automatic file type transition.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_create_sysadm_home( domain , [ object_class ] )
Summary

Create objects in sysadm home directories with automatic file type transition.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
object_class | The class of the object to be created. If not specified, file is used. | Yes
userdom_dbus_send_all_users( domain )
Summary

Send a dbus message to all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_dontaudit_getattr_sysadm_home_dir( domain )
Summary

Do not audit attempts to get the attributes of the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_getattr_sysadm_tty( domain )
Summary

Do not audit attempts to get the attributes of sysadm ttys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_dontaudit_list_sysadm_home_dir( domain )
Summary

Do not audit attempts to list the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_search_all_users_home( domain )
Summary

Do not audit attempts to search all users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_search_staff_home_dir( domain )
Summary

Do not audit attempts to search the staff user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_search_sysadm_home_dir( domain )
Summary

Do not audit attempts to search the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_search_user_home_dirs( domain )
Summary

Do not audit attempts to search user home subdirectories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_dontaudit_use_all_user_fd( domain )
Summary

Do not audit attempts to inherit the file descriptors from any user domains.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_use_sysadm_pty( domain )
Summary

Do not audit attempts to read and write sysadm ptys.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_use_sysadm_terms( domain )
Summary

Do not audit attempts to use sysadm ttys and ptys.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_use_sysadm_tty( domain )
Summary

Do not audit attempts to use sysadm ttys.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_use_unpriv_user_fd( domain )
Summary

Do not audit attempts to inherit the file descriptors from all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_dontaudit_use_unpriv_user_pty( domain )
Summary

Do not audit attempts to use unprivileged user ptys.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_dontaudit_use_unpriv_user_tty( domain )
Summary

Do not audit attempts to use unprivileged user ttys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_getattr_all_userdomains( domain )
Summary

Get the attributes of all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_getattr_sysadm_home_dir( domain )
Summary

Get the attributes of the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_list_sysadm_home_dir( domain )
Summary

List the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_list_unpriv_user_tmp( domain )
Summary

Read all unprivileged users' temporary directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_all_user_dirs( domain )
Summary

Create, read, write, and delete all directories in all users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_all_user_files( domain )
Summary

Create, read, write, and delete all files in all users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_all_user_symlinks( domain )
Summary

Create, read, write, and delete all symlinks in all users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_generic_user_home_dir( domain )
Summary

Create, read, write, and delete generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_generic_user_home_dirs( domain )
Summary

Create, read, write, and delete subdirectories of generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_generic_user_home_files( domain )
Summary

Create, read, write, and delete files in generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_generic_user_home_pipes( domain )
Summary

Create, read, write, and delete named pipes in generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_generic_user_home_sockets( domain )
Summary

Create, read, write, and delete named sockets in generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_manage_generic_user_home_symlinks( domain )
Summary

Create, read, write, and delete symbolic links in generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_priveleged_home_dir_manager( domain )
Summary

Make the specified domain a privileged home directory manager.

Description

Make the specified domain a privileged home directory manager. This domain will be able to manage the general home directory content of all users and to create files there with the correct context.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_all_user_files( domain )
Summary

Read all files in all users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_all_userdomains_state( domain )
Summary

Read the process state of all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_staff_home_files( domain )
Summary

Read files in the staff user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_sysadm_home_files( domain )
Summary

Read files in the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_unpriv_user_home_files( domain )
Summary

Read all unprivileged users' home directory files.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_unpriv_user_tmp_files( domain )
Summary

Read all unprivileged users' temporary files.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_read_unpriv_user_tmp_symlinks( domain )
Summary

Read all unprivileged users' temporary symbolic links.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_rw_sysadm_pipe( domain )
Summary

Read and write sysadm user unnamed pipes.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_search_all_users_home( domain )
Summary

Search all users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_search_generic_user_home_dir( domain )
Summary

Search generic user home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_search_staff_home_dir( domain )
Summary

Search the staff user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_search_sysadm_home_dir( domain )
Summary

Search the sysadm user's home directory.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_search_sysadm_home_subdirs( domain )
Summary

Search the sysadm user's home subdirectories.

Parameters
Parameter | Description | Optional
domain | Domain to not audit. | No
userdom_search_unpriv_user_home_dirs( domain )
Summary

Search all unprivileged users' home directories.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_setattr_unpriv_user_pty( domain )
Summary

Set the attributes of user ptys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_shell_domtrans_sysadm( domain )
Summary

Execute a shell in the sysadm domain.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_sigchld_all_users( domain )
Summary

Send a SIGCHLD signal to all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_sigchld_sysadm( domain )
Summary

Send a SIGCHLD signal to sysadm users.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_signal_all_users( domain )
Summary

Send general signals to all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_signal_unpriv_users( domain )
Summary

Send general signals to unprivileged user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_spec_domtrans_all_users( domain )
Summary

Execute a shell in all user domains. This is an explicit transition, requiring the caller to use setexeccon().

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_spec_domtrans_unpriv_users( domain )
Summary

Execute a shell in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon().

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_unconfined( domain )
Summary

Unconfined access to user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_all_user_fd( domain )
Summary

Inherit the file descriptors from all user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_sysadm_fd( domain )
Summary

Inherit and use sysadm file descriptors.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_sysadm_pty( domain )
Summary

Read and write sysadm ptys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_sysadm_terms( domain )
Summary

Read and write sysadm ttys and ptys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_sysadm_tty( domain )
Summary

Read and write sysadm ttys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_unpriv_user_pty( domain )
Summary

Read and write unprivileged user ptys.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_use_unpriv_users_fd( domain )
Summary

Inherit the file descriptors from unprivileged user domains.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No
userdom_write_unpriv_user_tmp( domain )
Summary

Write all unprivileged users' files in /tmp.

Parameters
Parameter | Description | Optional
domain | Domain allowed access. | No

Templates:

admin_user_template( userdomain_prefix )
Summary

The template for creating an administrative user.

Description

This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.

The privileges given to administrative users are:

  • Raw disk access

  • Set all sysctls

  • All kernel ring buffer controls

  • Set SELinux enforcement mode (enforcing/permissive)

  • Set SELinux booleans

  • Relabel all files but shadow

  • Create, read, write, and delete all files but shadow

  • Manage source and binary format SELinux policy

  • Run insmod

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., sysadm is the prefix for sysadm_t). | No
base_user_template( userdomain_prefix )
Summary

The template containing rules common to unprivileged users and administrative users.

Description

This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.

This template generally should not be used directly; use unpriv_user_template or admin_user_template instead.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
unpriv_user_template( userdomain_prefix )
Summary

The template for creating an unprivileged user.

Description

This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
userdom_create_user_home( userdomain_prefix , domain , [ object_class ] , [ private_type ] )
Summary

Description

Create, read, write, and delete named sockets in a user home subdirectory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
object_class | The class of the object to be created. If not specified, file is used. | Yes
private_type | The type of the object to create. If this is not specified, the regular home directory type is used. | Yes
userdom_exec_user_home_files( userdomain_prefix , domain )
Summary

Execute user home files.

Description

Execute user home files.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_home_file( userdomain_prefix , type )
Summary

Make the specified type usable in a user home directory.

Description

Make the specified type usable in a user home directory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
type | Type to be used as a file in the user home directory. | No
userdom_manage_user_home_subdir_files( userdomain_prefix , domain )
Summary

Create, read, write, and delete files in a user home subdirectory.

Description

Create, read, write, and delete files in a user home subdirectory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_home_subdir_pipes( userdomain_prefix , domain )
Summary

Create, read, write, and delete named pipes in a user home subdirectory.

Description

Create, read, write, and delete named pipes in a user home subdirectory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_home_subdir_sockets( userdomain_prefix , domain )
Summary

Create, read, write, and delete named sockets in a user home subdirectory.

Description

Create, read, write, and delete named sockets in a user home subdirectory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_home_subdir_symlinks( userdomain_prefix , domain )
Summary

Create, read, write, and delete symbolic links in a user home subdirectory.

Description

Create, read, write, and delete symbolic links in a user home subdirectory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_home_subdirs( userdomain_prefix , domain )
Summary

Create, read, write, and delete symbolic links in a user home subdirectory.

Description

Create, read, write, and delete symbolic links in a user home subdirectory.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_tmp_dirs( userdomain_prefix , domain )
Summary

Create, read, write, and delete user temporary directories.

Description

Create, read, write, and delete user temporary directories.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_tmp_files( userdomain_prefix , domain )
Summary

Create, read, write, and delete user temporary files.

Description

Create, read, write, and delete user temporary files.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_tmp_pipes( userdomain_prefix , domain )
Summary

Create, read, write, and delete user temporary named pipes.

Description

Create, read, write, and delete user temporary named pipes.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_tmp_sockets( userdomain_prefix , domain )
Summary

Create, read, write, and delete user temporary named sockets.

Description

Create, read, write, and delete user temporary named sockets.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_manage_user_tmp_symlinks( userdomain_prefix , domain )
Summary

Create, read, write, and delete user temporary symbolic links.

Description

Create, read, write, and delete user temporary symbolic links.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_read_user_home_files( userdomain_prefix , domain )
Summary

Read user home files.

Description

Read user home files.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_search_user_home( userdomain_prefix , domain )
Summary

Search user home directories.

Description

Search user home directories.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No
userdom_use_user_terminals( userdomain_prefix , domain )
Summary

Read and write a user domain tty and pty.

Description

Read and write a user domain tty and pty.

This is a templated interface, and should only be called from a per-userdomain template.

Parameters
Parameter | Description | Optional
userdomain_prefix | The prefix of the user domain (e.g., user is the prefix for user_t). | No
domain | Domain allowed access. | No