<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_bootloader.html'> bootloader</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: kernel</h1><p/> <h2>Module: terminal</h2><p/> <h3>Description:</h3> <p><p>Policy for terminals.</p></p> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_term_create_pty"></a> <div id="interface"> <div id="codeblock"> <b>term_create_pty</b>( domain , pty_type )<br> </div> <div id="description"> <h5>Description</h5> <p> Create a pty in the /dev/pts directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process creating the pty. </td><td> No </td></tr> <tr><td> pty_type </td><td> The type of the pty. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_getattr_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_getattr_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to get the attributes of any user pty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_getattr_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_getattr_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to get the attributes of any user tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_getattr_unallocated_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_getattr_unallocated_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to get the attributes of all unallocated tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_list_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_list_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to read the /dev/pts directory to. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_use_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_use_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to read any user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_use_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_use_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to read or write any user ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_use_console"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_use_console</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attemtps to read from or write to the console. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_use_generic_pty"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_use_generic_pty</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Dot not audit attempts to read and write the generic pty type. This is generally only used in the targeted policy. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_use_ptmx"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_use_ptmx</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to read and write the pty multiplexor (/dev/ptmx). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_dontaudit_use_unallocated_tty"></a> <div id="interface"> <div id="codeblock"> <b>term_dontaudit_use_unallocated_tty</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Do not audit attempts to read or write unallocated ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_getattr_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_getattr_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Get the attributes of all user pty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_getattr_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_getattr_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Get the attributes of all user tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_getattr_unallocated_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_getattr_unallocated_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Get the attributes of all unallocated tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_list_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_list_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read the /dev/pts directory to list all ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_login_pty"></a> <div id="interface"> <div id="codeblock"> <b>term_login_pty</b>( pty_type )<br> </div> <div id="description"> <h5>Description</h5> <p> Transform specified type into a pty type used by login programs, such as sshd. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> pty_type </td><td> An object type that will applied to a pty. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_pty"></a> <div id="interface"> <div id="codeblock"> <b>term_pty</b>( pty_type )<br> </div> <div id="description"> <h5>Description</h5> <p> Transform specified type into a pty type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> pty_type </td><td> An object type that will applied to a pty. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_relabel_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_relabel_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Relabel from and to all user user pty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_relabel_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_relabel_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Relabel from and to all user user tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_relabel_unallocated_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_relabel_unallocated_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Relabel from and to the unallocated tty type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_relabelto_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_relabelto_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to all user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_reset_tty_labels"></a> <div id="interface"> <div id="codeblock"> <b>term_reset_tty_labels</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Relabel from all user tty types to the unallocated tty type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_setattr_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_setattr_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of all user pty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_setattr_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_setattr_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Set the attributes of all user tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_setattr_console"></a> <div id="interface"> <div id="codeblock"> <b>term_setattr_console</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Set the attributes of the console device node. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_setattr_unallocated_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_setattr_unallocated_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Set the attributes of all unallocated tty device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_tty"></a> <div id="interface"> <div id="codeblock"> <b>term_tty</b>( tty_type )<br> </div> <div id="description"> <h5>Description</h5> <p> Transform specified type into a tty type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> tty_type </td><td> An object type that will applied to a tty. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_all_terms"></a> <div id="interface"> <div id="codeblock"> <b>term_use_all_terms</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write the console, all ttys and all ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_all_user_ptys"></a> <div id="interface"> <div id="codeblock"> <b>term_use_all_user_ptys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write all user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_use_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write all user to all user ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_console"></a> <div id="interface"> <div id="codeblock"> <b>term_use_console</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read from and write to the console. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_controlling_term"></a> <div id="interface"> <div id="codeblock"> <b>term_use_controlling_term</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write the controlling terminal (/dev/tty). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_generic_pty"></a> <div id="interface"> <div id="codeblock"> <b>term_use_generic_pty</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write the generic pty type. This is generally only used in the targeted policy. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_use_unallocated_tty"></a> <div id="interface"> <div id="codeblock"> <b>term_use_unallocated_tty</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Read and write unallocated ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_user_pty"></a> <div id="interface"> <div id="codeblock"> <b>term_user_pty</b>( userdomain , object_type )<br> </div> <div id="description"> <h5>Description</h5> <p> Transform specified type into an user pty type. This allows it to be relabeled via type change by login programs such as ssh. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain </td><td> The type of the user domain associated with this pty. </td><td> No </td></tr> <tr><td> object_type </td><td> An object type that will applied to a pty. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_write_all_user_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_write_all_user_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Write to all user ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_write_console"></a> <div id="interface"> <div id="codeblock"> <b>term_write_console</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Write to the console. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_term_write_unallocated_ttys"></a> <div id="interface"> <div id="codeblock"> <b>term_write_unallocated_ttys</b>( domain )<br> </div> <div id="description"> <h5>Description</h5> <p> Write to unallocated ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>