Layer: system

Module: files

Description:

This module contains basic filesystem types and interfaces. This includes:

The concept of different file types including basic files, mount points, tmp files, etc.

Access to groups of files and all files.

Types and interfaces for the basic filesystem layout (/, /etc, /tmp, /usr, etc.).

This module is required to be included in all policies.

Interfaces:

files_associate_tmp(
	
		file_type
		
	)

Summary

Allow the specified type to associate to a filesystem with the type of the temporary directory (/tmp).

Parameters

Parameter:	Description:	Optional:
file_type	Type of the file to associate.	No

files_create_boot_flag(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_etc_config(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_home_dirs(
	
		domain
		
			,
		
		home_type
		
	)

Summary

Create home directories

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No
home_type	The type of the home directory	No

files_create_lock(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_pid(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_root(
	
		domain
		
			,
		
			[
		
		private type
		
			]
		
			,
		
			[
		
		object
		
			]
		
	)

Summary

Create an object in the root directory, with a private type. If no object class is specified, the default is file.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No
private type	The type of the object to be created. If no type is specified, the type of the root directory will be used.	yes
object	The object class of the object being created. If no class is specified, file will be used.	yes

files_create_tmp_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_usr(
	
		domain
		
			,
		
		file_type
		
			,
		
			[
		
		object_class
		
			]
		
	)

Summary

Create objects in the /usr directory

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No
file_type	The type of the object to be created	No
object_class	The object class. If not specified, file is used.	yes

files_create_var(
	
		domain
		
			,
		
		file_type
		
			,
		
			[
		
		object_class
		
			]
		
	)

Summary

Create objects in the /var directory

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No
file_type	The type of the object to be created	No
object_class	The object class. If not specified, file is used.	yes

files_create_var_lib(
	
		domain
		
			,
		
		file_type
		
			,
		
			[
		
		object_class
		
			]
		
	)

Summary

Create objects in the /var/lib directory

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No
file_type	The type of the object to be created	No
object_class	The object class. If not specified, file is used.	yes

files_delete_all_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_all_pid_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_all_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_etc_files(
	
		domain
		
	)

Summary

Delete system configuration files in /etc.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_delete_root_dir_entry(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_getattr_all_dirs(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of all directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_all_files(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of all files.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_all_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of all named pipes.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_all_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of all named sockets.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_all_symlinks(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of all symbolic links.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_default_dir(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of directories with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_default_files(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of files with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_home_dir(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of the home directories root (/home).

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_non_security_blk_dev(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of non security block devices.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_non_security_chr_dev(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of non security character devices.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_non_security_files(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of non security files.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_non_security_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of non security named pipes.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_non_security_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of non security named sockets.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_non_security_symlinks(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of non security symbolic links.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_pid_dir(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of the /var/run directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_getattr_tmp_dir(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of the tmp directory (/tmp).

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_dontaudit_ioctl_all_pids(
	
		domain
		
	)

Summary

Do not audit attempts to ioctl daemon runtime data files.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_dontaudit_list_default(
	
		domain
		
	)

Summary

Do not audit attempts to list contents of directories with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_list_non_security(
	
		domain
		
	)

Summary

Do not audit attempts to list all non security directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_read_default_files(
	
		domain
		
	)

Summary

Do not audit attempts to read files with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_read_etc_runtime_files(
	
		domain
		
	)

Summary

Do not audit attempts to read files in /etc that are dynamically created on boot, such as mtab.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_read_root_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_rw_root_chr_dev(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_rw_root_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_search_all_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_search_home(
	
		domain
		
	)

Summary

Do not audit attempts to search home directories root (/home).

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_search_isid_type_dir(
	
		domain
		
	)

Summary

Do not audit attempts to search directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_dontaudit_search_locks(
	
		domain
		
	)

Summary

Do not audit attempts to search the locks directory (/var/lock).

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_search_pids(
	
		domain
		
	)

Summary

Do not audit attempts to search the /var/run directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_search_src(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_search_var(
	
		domain
		
	)

Summary

Do not audit attempts to search the contents of /var.

Parameters

Parameter:	Description:	Optional:
domain	Domain to not audit.	No

files_dontaudit_write_all_pids(
	
		domain
		
	)

Summary

Do not audit attempts to write to daemon runtime data files.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_exec_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_exec_usr_files(
	
		domain
		
	)

Summary

Execute generic programs in /usr in the caller domain.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_exec_usr_src_files(
	
		domain
		
	)

Summary

Execute programs in /usr/src in the caller domain.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_getattr_all_dirs(
	
		domain
		
	)

Summary

Get the attributes of all directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_getattr_all_files(
	
		domain
		
	)

Summary

Get the attributes of all files.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_getattr_all_pipes(
	
		domain
		
	)

Summary

Get the attributes of all named pipes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_getattr_all_sockets(
	
		domain
		
	)

Summary

Get the attributes of all named sockets.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_getattr_all_symlinks(
	
		domain
		
	)

Summary

Get the attributes of all symbolic links.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_getattr_generic_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_getattr_home_dir(
	
		domain
		
	)

Summary

Get the attributes of the home directories root (/home).

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_getattr_usr_files(
	
		domain
		
	)

Summary

Get the attributes of files in /usr.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_getattr_var_lib_dir(
	
		domain
		
	)

Summary

Get the attributes of the /var/lib directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_list_all_dirs(
	
		domain
		
	)

Summary

List the contents of all directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_list_all_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_default(
	
		domain
		
	)

Summary

List contents of directories with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_list_etc(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_home(
	
		domain
		
	)

Summary

Get listing of home directories.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_list_isid_type_dir(
	
		domain
		
	)

Summary

List the contents of directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_list_mnt(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_root(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_spool(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_usr(
	
		domain
		
	)

Summary

List the contents of generic directories in /usr.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_list_var(
	
		domain
		
	)

Summary

List the contents of /var.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_list_var_lib(
	
		domain
		
	)

Summary

List the contents of the /var/lib directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_list_world_readable(
	
		domain
		
	)

Summary

List world-readable directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_lock_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_all_files(
	
		domain
		
			,
		
			[
		
		exception_types
		
			]
		
	)

Summary

Manage all files on the filesystem, except the listed exceptions.

Parameters

Parameter:	Description:	Optional:
domain	The type of the domain perfoming this action.	No
exception_types	The types to be excluded. Each type or attribute must be negated by the caller.	yes

files_manage_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_etc_runtime_files(
	
		domain
		
	)

Summary

Create, read, write, and delete files in /etc that are dynamically created on boot, such as mtab.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_manage_generic_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_generic_spool_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_generic_spools(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_isid_type_blk_node(
	
		domain
		
	)

Summary

Create, read, write, and delete block device nodes on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_chr_node(
	
		domain
		
	)

Summary

Create, read, write, and delete character device nodes on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_dir(
	
		domain
		
	)

Summary

Create, read, write, and delete directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_file(
	
		domain
		
	)

Summary

Create, read, write, and delete files on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_symlink(
	
		domain
		
	)

Summary

Create, read, write, and delete symbolic links on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_lost_found(
	
		domain
		
	)

Summary

Create, read, write, and delete objects in lost+found directories.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_mnt_dirs(
	
		domain
		
	)

Summary

Create, read, write, and delete directories in /mnt.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_manage_mnt_files(
	
		domain
		
	)

Summary

Create, read, write, and delete files in /mnt.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_manage_mnt_symlinks(
	
		domain
		
	)

Summary

Create, read, write, and delete symbolic links in /mnt.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_manage_urandom_seed(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_var_dirs(
	
		domain
		
	)

Summary

Create, read, write, and delete directories in the /var directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_manage_var_files(
	
		domain
		
	)

Summary

Create, read, write, and delete files in the /var directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_manage_var_symlinks(
	
		domain
		
	)

Summary

Create, read, write, and delete symbolic links in the /var directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_mount_all_file_type_fs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_mounton_all_mountpoints(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_mounton_default(
	
		domain
		
	)

Summary

Mount a filesystem on a directory with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_mounton_isid_type_dir(
	
		domain
		
	)

Summary

Mount a filesystem on a directory on new filesystems that has not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_mounton_mnt(
	
		domain
		
	)

Summary

Mount a filesystem on /mnt.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_mountpoint(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_pid_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_poly(
	
		file_type
		
	)

Summary

Make the specified type a polyinstantiated directory.

Parameters

Parameter:	Description:	Optional:
file_type	Type of the file to be used as a polyinstantiated directory.	No

files_poly_member(
	
		file_type
		
	)

Summary

Make the specified type a polyinstantiation member directory.

Parameters

Parameter:	Description:	Optional:
file_type	Type of the file to be used as a member directory.	No

files_poly_member_tmp(
	
		domain
		
			,
		
		file_type
		
	)

Summary

Make the domain use the specified type of polyinstantiated directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain using the polyinstantiated directory.	No
file_type	Type of the file to be used as a member directory.	No

files_poly_parent(
	
		file_type
		
	)

Summary

Make the specified type a parent of a polyinstantiated directory.

Parameters

Parameter:	Description:	Optional:
file_type	Type of the file to be used as a parent directory.	No

files_purge_tmp(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_all_files(
	
		domain
		
	)

Summary

Read all files.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_all_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_all_symlinks(
	
		domain
		
	)

Summary

Read all symbolic links.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_default_files(
	
		domain
		
	)

Summary

Read files with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_default_pipes(
	
		domain
		
	)

Summary

Read named pipes with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_default_sockets(
	
		domain
		
	)

Summary

Read sockets with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_default_symlinks(
	
		domain
		
	)

Summary

Read symbolic links with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_etc_runtime_files(
	
		domain
		
	)

Summary

Read files in /etc that are dynamically created on boot, such as mtab.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_generic_spools(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_isid_type_file(
	
		domain
		
	)

Summary

Read files on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_read_usr_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_usr_src_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_usr_symlinks(
	
		domain
		
	)

Summary

Read symbolic links in /usr.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_var_files(
	
		domain
		
	)

Summary

Read files in the /var directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_read_var_lib_files(
	
		domain
		
	)

Summary

Read generic files in /var/lib.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_var_lib_symlinks(
	
		domain
		
	)

Summary

Read generic symbolic links in /var/lib

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_var_symlink(
	
		domain
		
	)

Summary

Read symbolic links in the /var directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_world_readable_files(
	
		domain
		
	)

Summary

Read world-readable files.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_world_readable_pipes(
	
		domain
		
	)

Summary

Read world-readable named pipes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_world_readable_sockets(
	
		domain
		
	)

Summary

Read world-readable sockets.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_read_world_readable_symlinks(
	
		domain
		
	)

Summary

Read world-readable symbolic links.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_relabel_all_files(
	
		domain
		
			,
		
			[
		
		exception_types
		
			]
		
	)

Summary

Relabel all files on the filesystem, except the listed exceptions.

Parameters

Parameter:	Description:	Optional:
domain	The type of the domain perfoming this action.	No
exception_types	The types to be excluded. Each type or attribute must be negated by the caller.	yes

files_relabelto_all_file_type_fs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_relabelto_usr_files(
	
		domain
		
	)

Summary

Relabel a file to the type used in /usr.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_rw_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_rw_etc_runtime_files(
	
		domain
		
	)

Summary

Read and write files in /etc that are dynamically created on boot, such as mtab.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_rw_generic_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_rw_isid_type_blk_node(
	
		domain
		
	)

Summary

Read and write block device nodes on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_rw_isid_type_dir(
	
		domain
		
	)

Summary

Read and write directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_rw_locks_dir(
	
		domain
		
	)

Summary

Add and remove entries in the /var/lock directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_search_all(
	
		domain
		
	)

Summary

Search all directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_search_all_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_default(
	
		domain
		
	)

Summary

Search the contents of directories with the default file type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_search_etc(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_home(
	
		domain
		
	)

Summary

Search home directories root (/home).

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_search_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_mnt(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_spool(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_tmp(
	
		domain
		
	)

Summary

Search the tmp directory (/tmp).

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_search_usr(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_var(
	
		domain
		
	)

Summary

Search the contents of /var.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_search_var_lib(
	
		domain
		
	)

Summary

Search the /var/lib directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_security_file(
	
		file_type
		
	)

Summary

Make the specified type a file that should not be dontaudited from browsing from user domains.

Parameters

Parameter:	Description:	Optional:
file_type	Type of the file to be used as a member directory.	No

files_setattr_all_tmp_dirs(
	
		domain
		
	)

Summary

Set the attributes of all tmp directories.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_setattr_etc_dir(
	
		domain
		
	)

Summary

Set the attributes of the /etc directories.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_tmp_file(
	
		file_type
		
	)

Summary

Make the specified type a file used for temporary files.

Parameters

Parameter:	Description:	Optional:
file_type	Type of the file to be used as a temporary file.	No

files_tmpfs_file(
	
		type
		
	)

Summary

Transform the type into a file, for use on a virtual memory filesystem (tmpfs).

Parameters

Parameter:	Description:	Optional:
type	The type to be transformed.	No

files_type(
	
		type
		
	)

Summary

Make the specified type usable for files in a filesystem.

Parameters

Parameter:	Description:	Optional:
type	Type to be used for files.	No

files_unconfined(
	
		domain
		
	)

Summary

Unconfined access to files.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_unmount_all_file_type_fs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_unmount_rootfs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

Return