# # This file contains a listing of available modules. # To prevent a module from being used in policy # creation, set the module name to "off". # # For monolithic policies, modules set to "base" and "module" # will be built into the policy. # # For modular policies, modules set to "base" will be # included in the base module. "module" will be compiled # as individual loadable modules. # # Layer: admin # Module: acct # # Berkeley process accounting # acct = base # Layer: admin # Module: alsa # # Ainit ALSA configuration tool # alsa = base # Layer: apps # Module: ada # # ada executable # ada = module # Layer: modules # Module: awstats # # awstats executable # awstats = module # Layer: admin # Module: amanda # # Automated backup program. # amanda = module # Layer: services # Module: amavis # # Anti-virus # amavis = module # Layer: admin # Module: anaconda # # Policy for the Anaconda installer. # anaconda = base # Layer: services # Module: apache # # Apache web server # apache = module # Layer: services # Module: apm # # Advanced power management daemon # apm = base # Layer: system # Module: application # Required in base # # Defines attributs and interfaces for all user applications # application = base # Layer: services # Module: arpwatch # # Ethernet activity monitor. # arpwatch = module # Layer: services # Module: audioentropy # # Generate entropy from audio input # audioentropy = module # Layer: system # Module: authlogin # # Common policy for authentication and user login. # authlogin = base # Layer: services # Module: automount # # Filesystem automounter service. # automount = module # Layer: services # Module: avahi # # mDNS/DNS-SD daemon implementing Apple ZeroConf architecture # avahi = module # Layer: services # Module: bind # # Berkeley internet name domain DNS server. # bind = module # Layer: services # Module: dnsmasq # # A lightweight DHCP and caching DNS server. # dnsmasq = module # Layer: services # Module: bluetooth # # Bluetooth tools and system services. # bluetooth = module # Layer: kernel # Module: bootloader # # Policy for the kernel modules, kernel image, and bootloader. # bootloader = base # Layer: services # Module: canna # # Canna - kana-kanji conversion server # canna = module # Layer: services # Module: ccs # # policy for ccs # ccs = module # Layer: apps # Module: calamaris # # # Squid log analysis # calamaris = module # Layer: apps # Module: cdrecord # # Policy for cdrecord # cdrecord = module # Layer: admin # Module: certwatch # # Digital Certificate Tracking # certwatch = module # Layer: admin # Module: certmaster # # Digital Certificate Tracking # certmanager = module # Layer: services # Module: cipe # # Encrypted tunnel daemon # cipe = module # Layer: services # Module: comsat # # Comsat, a biff server. # comsat = module # Layer: services # Module: clamav # # ClamAV Virus Scanner # clamav = module # Layer: system # Module: clock # # Policy for reading and setting the hardware clock. # clock = base # Layer: services # Module: consolekit # # ConsoleKit is a system daemon for tracking what users are logged # consolekit = module # Layer: admin # Module: consoletype # # Determine of the console connected to the controlling terminal. # consoletype = base # Layer: kernel # Module: corecommands # Required in base # # Core policy for shells, and generic programs # in /bin, /sbin, /usr/bin, and /usr/sbin. # corecommands = base # Layer: kernel # Module: corenetwork # Required in base # # Policy controlling access to network objects # corenetwork = base # Layer: services # Module: cpucontrol # # Services for loading CPU microcode and CPU frequency scaling. # cpucontrol = base # Layer: services # Module: cron # # Periodic execution of scheduled commands. # cron = base # Layer: services # Module: cups # # Common UNIX printing system # cups = module # Layer: services # Module: cvs # # Concurrent versions system # cvs = module # Layer: services # Module: cyphesis # # cyphesis game server # cyphesis = module # Layer: services # Module: cyrus # # Cyrus is an IMAP service intended to be run on sealed servers # cyrus = module # Layer: system # Module: daemontools # # Collection of tools for managing UNIX services # daemontools = module # Layer: services # Module: dbskk # # Dictionary server for the SKK Japanese input method system. # dbskk = module # Layer: services # Module: dbus # # Desktop messaging bus # dbus = base # Layer: services # Module: dcc # # A distributed, collaborative, spam detection and filtering network. # dcc = module # Layer: admin # Module: ddcprobe # # ddcprobe retrieves monitor and graphics card information # ddcprobe = off # Layer: kernel # Module: devices # Required in base # # Device nodes and interfaces for many basic system devices. # devices = base # Layer: services # Module: dhcp # # Dynamic host configuration protocol (DHCP) server # dhcp = module # Layer: services # Module: dictd # # Dictionary daemon # dictd = module # Layer: services # Module: distcc # # Distributed compiler daemon # distcc = off # Layer: admin # Module: dmesg # # Policy for dmesg. # dmesg = base # Layer: admin # Module: dmidecode # # Decode DMI data for x86/ia64 bioses. # dmidecode = base # Layer: system # Module: domain # Required in base # # Core policy for domains. # domain = base # Layer: services # Module: dovecot # # Dovecot POP and IMAP mail server # dovecot = module # Layer: apps # Module: gpg # # Policy for GNU Privacy Guard and related programs. # gpg = off # Layer: services # Module: gpm # # General Purpose Mouse driver # gpm = module # Layer: apps # Module: ethereal # # Ethereal packet capture tool. # ethereal = module # Layer: services # Module: fail2ban # # daiemon that bans IP that makes too many password failures # fail2ban = module # Layer: services # Module: fetchmail # # Remote-mail retrieval and forwarding utility # fetchmail = module # Layer: kernel # Module: files # Required in base # # Basic filesystem types and interfaces. # files = base # Layer: kernel # Module: filesystem # Required in base # # Policy for filesystems. # filesystem = base # Layer: services # Module: finger # # Finger user information service. # finger = module # Layer: admin # Module: firstboot # # Final system configuration run during the first boot # after installation of Red Hat/Fedora systems. # firstboot = base # Layer: system # Module: fstools # # Tools for filesystem management, such as mkfs and fsck. # fstools = base # Layer: services # Module: ftp # # File transfer protocol service # ftp = module # Layer: apps # Module: games # # The Open Group Pegasus CIM/WBEM Server. # games = module # Layer: system # Module: getty # # Policy for getty. # getty = base # Layer: apps # Module: gnome # # gnome session and gconf # gnome = module # Layer: services # Module: gnomeclock # # gnomeclock used by dbus/polkit to set time # gnomeclock = module # Layer: services # Module: hal # # Hardware abstraction layer # hal = module # Layer: services # Module: polkit # # Hardware abstraction layer # polkit = module # Layer: system # Module: hostname # # Policy for changing the system host name. # hostname = base # Layer: system # Module: hotplug # # Policy for hotplug system, for supporting the # connection and disconnection of devices at runtime. # hotplug = base # Layer: services # Module: howl # # Port of Apple Rendezvous multicast DNS # howl = module # Layer: services # Module: inetd # # Internet services daemon. # inetd = base # Layer: system # Module: init # # System initialization programs (init and init scripts). # init = base # Layer: services # Module: inn # # Internet News NNTP server # inn = module # Layer: system # Module: iptables # # Policy for iptables. # iptables = base # Layer: system # Module: ipsec # # TCP/IP encryption # ipsec = module # Layer: apps # Module: irc # # IRC client policy # irc = module # Layer: services # Module: irqbalance # # IRQ balancing daemon # irqbalance = base # Layer: system # Module: iscsi # # Open-iSCSI daemon # iscsi = module # Layer: services # Module: i18n_input # # IIIMF htt server # i18n_input = off # Layer: apps # Module: java # # java executable # java = module # Layer: services # Module: kerberos # # MIT Kerberos admin and KDC # kerberos = module # Layer: kernel # Module: kernel # Required in base # # Policy for kernel threads, proc filesystem,and unlabeled processes and objects. # kernel = base # Layer: services # Module: ktalk # # KDE Talk daemon # ktalk = module # Layer: admin # Module: kudzu # # Hardware detection and configuration tools # kudzu = base # Layer: services # Module: ldap # # OpenLDAP directory server # ldap = module # Layer: system # Module: libraries # # Policy for system libraries. # libraries = base # Layer: apps # Module: loadkeys # # Load keyboard mappings. # loadkeys = base # Layer: system # Module: locallogin # # Policy for local logins. # locallogin = base # Layer: apps # Module: lockdev # # device locking policy for lockdev # lockdev = module # Layer: system # Module: logging # # Policy for the kernel message logger and system logging daemon. # logging = base # Layer: admin # Module: logrotate # # Rotate and archive system logs # logrotate = base # Layer: services # Module: logwatch # # logwatch executable # logwatch = base # Layer: services # Module: lpd # # Line printer daemon # lpd = module # Layer: system # Module: lvm # # Policy for logical volume management programs. # lvm = base # Layer: services # Module: mailman # # Mailman is for managing electronic mail discussion and e-newsletter lists # mailman = module # Layer: services # Module: mailscanner # # Anti-Virus and Anti-Spam Filter # mailscanner = module # Layer: kernel # Module: mcs # Required in base # # MultiCategory security policy # mcs = base # Layer: system # Module: miscfiles # # Miscelaneous files. # miscfiles = base # Layer: kernel # Module: mls # Required in base # # Multilevel security policy # mls = base # Layer: system # Module: modutils # # Policy for kernel module utilities # modutils = base # Layer: apps # Module: mono # # mono executable # mono = module # Layer: system # Module: mount # # Policy for mount. # mount = base # Layer: apps # Module: mozilla # # Policy for Mozilla and related web browsers # mozilla = module # Layer: apps # Module: nsplugin # # Policy for nspluginwrapper # nsplugin = module # Layer: apps # Module: mplayer # # Policy for Mozilla and related web browsers # mplayer = module # Layer: apps # Module: gpg # # Policy for Mozilla and related web browsers # gpg = module # Layer: admin # Module: mrtg # # Network traffic graphing # mrtg = module # Layer: services # Module: mta # # Policy common to all email tranfer agents. # mta = base # Layer: services # Module: mysql # # Policy for MySQL # mysql = module # Layer: services # Module: nagios # # policy for nagios Host/service/network monitoring program # nagios = module # Layer: admin # Module: netutils # # Network analysis utilities # netutils = base # Layer: services # Module: networkmanager # # Manager for dynamically switching between networks. # networkmanager = base # Layer: services # Module: nis # # Policy for NIS (YP) servers and clients # nis = module # Layer: services # Module: nscd # # Name service cache daemon # nscd = base # Layer: services # Module: ntp # # Network time protocol daemon # ntp = module # Layer: services # Module: nx # # NX Remote Desktop # nx = module # Layer: services # Module: oddjob # # policy for oddjob # oddjob = module # Layer: services # Module: openct # # Service for handling smart card readers. # openct = off # Layer: services # Module: openvpn # # Policy for OPENVPN full-featured SSL VPN solution # openvpn = module # Layer: service # Module: pcscd # # PC/SC Smart Card Daemon # pcscd = module # Layer: service # Module: openct # # Middleware framework for smart card terminals # openct = module # Layer: system # Module: pcmcia # # PCMCIA card management services # pcmcia = base # Layer: services # Module: pegasus # # The Open Group Pegasus CIM/WBEM Server. # pegasus = module # Layer: services # Module: postgresql # # PostgreSQL relational database # postgresql = module # Layer: services # Module: portmap # # RPC port mapping service. # portmap = module # Layer: services # Module: postfix # # Postfix email server # postfix = module o# Layer: services # Module: postgrey # # email scanner # postgrey = module # Layer: services # Module: ppp # # Point to Point Protocol daemon creates links in ppp networks # ppp = module # Layer: admin # Module: prelink # # Manage temporary directory sizes and file ages # prelink = base # Layer: services # Module: procmail # # Procmail mail delivery agent # procmail = module # Layer: services # Module: privoxy # # Privacy enhancing web proxy. # privoxy = module # Layer: services # Module: publicfile # # publicfile supplies files to the public through HTTP and FTP # publicfile = module # Layer: services # Module: pyzor # # Spam Blocker # pyzor = module # Layer: services # Module: qmail # # Policy for qmail # qmail = module # Layer: admin # Module: quota # # File system quota management # quota = base # Layer: system # Module: raid # # RAID array management tools # raid = base # Layer: services # Module: radius # # RADIUS authentication and accounting server. # radius = module # Layer: services # Module: radvd # # IPv6 router advertisement daemon # radvd = module # Layer: services # Module: razor # # A distributed, collaborative, spam detection and filtering network. # razor = module # Layer: admin # Module: readahead # # Readahead, read files into page cache for improved performance # readahead = base # Layer: services # Module: rhgb # # X windows login display manager # rhgb = module # Layer: services # Module: rdisc # # Network router discovery daemon # rdisc = module # Layer: services # Module: remotelogin # # Policy for rshd, rlogind, and telnetd. # remotelogin = module # Layer: services # Module: ricci # # policy for ricci # ricci = module # Layer: services # Module: rlogin # # Remote login daemon # rlogin = module # Layer: services # Module: roundup # # Roundup Issue Tracking System policy # roundup = module # Layer: services # Module: rpc # # Remote Procedure Call Daemon for managment of network based process communication # rpc = base # Layer: admin # Module: rpm # # Policy for the RPM package manager. # rpm = base # Layer: services # Module: rshd # # Remote shell service. # rshd = module # Layer: services # Module: rsync # # Fast incremental file transfer for synchronization # rsync = module # Layer: services # Module: rwho # # who is logged in on local machines # rwho = module # Layer: services # Module: sasl # # SASL authentication server # sasl = module # Layer: services # Module: sendmail # # Policy for sendmail. # sendmail = base # Layer: services # Module: samba # # SMB and CIFS client/server programs for UNIX and # name Service Switch daemon for resolving names # from Windows NT servers. # samba = module # Layer: apps # Module: screen # # GNU terminal multiplexer # screen = module # Layer: kernel # Module: selinux # Required in base # # Policy for kernel security interface, in particular, selinuxfs. # selinux = base # Layer: system # Module: selinuxutil # # Policy for SELinux policy and userland applications. # selinuxutil = base # Layer: system # Module: setrans # Required in base # # Policy for setrans # setrans = base # Layer: services # Module: setroubleshoot # # Policy for the SELinux troubleshooting utility # setroubleshoot = base # Layer: services # Module: slrnpull # # Service for downloading news feeds the slrn newsreader. # slrnpull = off # Layer: apps # Module: slocate # # Update database for mlocate # slocate = module # Layer: services # Module: smartmon # # Smart disk monitoring daemon policy # smartmon = module # Layer: services # Module: snmp # # Simple network management protocol services # snmp = module # Layer: services # Module: spamassassin # # Filter used for removing unsolicited email. # spamassassin = module # Layer: services # Module: squid # # Squid caching http proxy server # squid = module # Layer: services # Module: ssh # # Secure shell client and server policy. # ssh = base # Layer: kernel # Module: storage # # Policy controlling access to storage devices # storage = base # Layer: services # Module: stunnel # # SSL Tunneling Proxy # stunnel = module # Layer: admin # Module: su # # Run shells with substitute user and group # su = base # Layer: admin # Module: sudo # # Execute a command with a substitute user # sudo = base # Layer: system # Module: sysnetwork # # Policy for network configuration: ifconfig and dhcp client. # sysnetwork = base # Layer: services # Module: sysstat # # Policy for sysstat. Reports on various system states # sysstat = module # Layer: services # Module: tcpd # # Policy for TCP daemon. # tcpd = module # Layer: system # Module: udev # # Policy for udev. # udev = base # Layer: system # Module: userdomain # # Policy for user domains # userdomain = base # Layer: system # Module: unconfined # # The unconfined domain. # unconfined = module # Layer: apps # Module: wine # # wine executable # wine = module # Layer: admin # Module: tzdata # # Policy for tzdata-update # tzdata = base # Layer: apps # Module: userhelper # # A helper interface to pam. # userhelper = module # Layer: services # Module: tor # # TOR, the onion router # tor = module # Layer: apps # Module: tvtime # # tvtime - a high quality television application # tvtime = module # Layer: apps # Module: uml # # Policy for UML # uml = module # Layer: admin # Module: usbmodules # # List kernel modules of USB devices # usbmodules = module # Layer: apps # Module: usernetctl # # User network interface configuration helper # usernetctl = module # Layer: system # Module: xen # # virtualization software # xen = module # Layer: services # Module: virt # # Virtualization libraries # virt = module # Layer: apps # Module: qemu # # Virtualization emulator # qemu = module # Layer: system # Module: brctl # # Utilities for configuring the linux ethernet bridge # brctl = base # Layer: services # Module: telnet # # Telnet daemon # telnet = module # Layer: services # Module: timidity # # MIDI to WAV converter and player configured as a service # timidity = off # Layer: services # Module: tftp # # Trivial file transfer protocol daemon # tftp = module # Layer: services # Module: uucp # # Unix to Unix Copy # uucp = module # Layer: services # Module: vbetool # # run real-mode video BIOS code to alter hardware state # vbetool = base # Layer: apps # Module: webalizer # # Web server log analysis # webalizer = module # Layer: services # Module: xfs # # X Windows Font Server # xfs = module # Layer: services # Module: xserver # # X windows login display manager # xserver = base # Layer: services # Module: zebra # # Zebra border gateway protocol network routing service # zebra = module # Layer: admin # Module: usermanage # # Policy for managing user accounts. # usermanage = base # Layer: admin # Module: updfstab # # Red Hat utility to change /etc/fstab. # updfstab = base # Layer: admin # Module: vpn # # Virtual Private Networking client # vpn = module # Layer: admin # Module: vbetool # # run real-mode video BIOS code to alter hardware state # vbetool = base # Layer: kernel # Module: terminal # Required in base # # Policy for terminals. # terminal = base # Layer: admin # Module: tmpreaper # # Manage temporary directory sizes and file ages # tmpreaper = module # Layer: admin # Module: amtu # # Abstract Machine Test Utility (AMTU) # amtu = module # Layer: services # Module: zabbix # # Open-source monitoring solution for your IT infrastructure # zabbix = module # Layer: services # Module: apcupsd # # daemon for most APC’s UPS for Linux # apcupsd = module # Layer: services # Module: aide # # Policy for aide # aide = module # Layer: services # Module: w3c # # w3c # w3c = module # Layer: services # Module: portreserve # # reserve ports to prevent portmap mapping them # portreserve = module # Layer: services # Module: rpcbind # # universal addresses to RPC program number mapper # rpcbind = module # Layer: apps # Module: vmware # # VMWare Workstation virtual machines # vmware = module # Layer: role # Module: logadm # # Minimally prived root role for managing logging system # logadm = module # Layer: role # Module: webadm # # Minimally prived root role for managing apache # webadm = module # # Layer: services # Module: exim # # exim mail server # exim = module # Layer: services # Module: kismet # # Wireless sniffing and monitoring # kismet = module # Layer: services # Module: munin # # Munin # munin = module # Layer: services # Module: bitlbee # # An IRC to other chat networks gateway # bitlbee = module # Layer: services # Module: soundserver # # sound server for network audio server programs, nasd, yiff, etc # soundserver = module # Layer:role # Module: staff # # admin account # staff = module # Layer:role # Module: sysadm # # System Administrator # sysadm = base # Layer: role # Module: unprivuser # # Minimally privs guest account on tty logins # unprivuser = module # Layer: services # Module: prelude # prelude = module # Layer: services # Module: pads # pads = module # Layer: services # Module: kerneloops # # program to collect and submit kernel oopses to kerneloops.org # kerneloops = module # Layer: apps # Module: openoffice # # openoffice executable # openoffice = module # Layer: apps # Module: podsleuth # # Podsleuth probes, identifies, and exposes properties and metadata bound to iPods. # podsleuth = module # Layer: role # Module: guest # # Minimally privs guest account on tty logins # guest = module # Layer: role # Module: xguest # # Minimally privs guest account on X Windows logins # xguest = module # Layer: services # Module: courier # # IMAP and POP3 email servers # courier = module # Layer: apps # Module: livecd # # livecd creator # livecd = module # Layer: services # Module: snort # # Snort network intrusion detection system # snort = module # Layer: services # Module: memcached # # high-performance memory object caching system # memcached = module # Layer: system # Module: netlabel # # Basic netlabel types and interfaces. # netlabel = module # Layer: services # Module: zosremote # # policy for z/OS Remote-services Audit dispatcher plugin # zosremote = module