Layer: system

Module: files

Description:

This module contains basic filesystem types and interfaces. This includes:

The concept of different file types including basic files, mount points, tmp files, etc.
Access to groups of files and all files.
Types and interfaces for the basic filesystem layout (/, /etc, /tmp, /usr, etc.).

This module is required to be included in all policies.

Interfaces:

files_create_boot_flag(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_etc_config(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_home_dirs(
	
		domain
		
			,
		
		home_type
		
	)

Summary

Create home directories

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No
home_type	The type of the home directory	No

files_create_lock(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_pid(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_create_root(
	
		domain
		
			,
		
			[
		
		private type
		
			]
		
			,
		
			[
		
		object
		
			]
		
	)

Description

Create an object in the root directory, with a private type. If no object class is specified, the default is file.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No
private type	The type of the object to be created. If no type is specified, the type of the root directory will be used.	yes
object	The object class of the object being created. If no class is specified, file will be used.	yes

files_create_tmp_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_all_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_all_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_all_tmp_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_delete_etc_files(
	
		domain
		
	)

Description

Delete system configuration files in /etc.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_delete_root_dir_entry(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_ioctl_all_pids(
	
		domain
		
	)

Description

Do not audit attempts to ioctl daemon runtime data files.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_dontaudit_read_root_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_rw_root_chr_dev(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_rw_root_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_search_all_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_search_isid_type_dir(
	
		domain
		
	)

Summary

Do not audit attempts to search directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_dontaudit_search_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_search_var(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_dontaudit_write_all_pids(
	
		domain
		
	)

Description

Do not audit attempts to write to daemon runtime data files.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_exec_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_exec_usr_files(
	
		domain
		
	)

Description

Execute programs in /usr/src in the caller domain.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_getattr_all_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_getattr_generic_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_all_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_etc(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_home(
	
		domain
		
	)

Summary

Get listing of home directories.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_list_mnt(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_root(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_list_spool(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_lock_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_all_files(
	
		domain
		
			,
		
			[
		
		exception_types
		
			]
		
	)

Description

Manage all files on the filesystem, except the listed exceptions.

Parameters

Parameter:	Description:	Optional:
domain	The type of the domain perfoming this action.	No
exception_types	The types to be excluded. Each type or attribute must be negated by the caller.	yes

files_manage_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_etc_runtime_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_generic_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_generic_spool_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_generic_spools(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_manage_isid_type_blk_node(
	
		domain
		
	)

Summary

Create, read, write, and delete block device nodes on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_chr_node(
	
		domain
		
	)

Summary

Create, read, write, and delete character device nodes on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_dir(
	
		domain
		
	)

Summary

Create, read, write, and delete directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_file(
	
		domain
		
	)

Summary

Create, read, write, and delete files on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_isid_type_symlink(
	
		domain
		
	)

Summary

Create, read, write, and delete symbolic links on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_lost_found(
	
		domain
		
	)

Summary

Create, read, write, and delete objects in lost+found directories.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_manage_urandom_seed(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_mount_all_file_type_fs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_mounton_all_mountpoints(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_mountpoint(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_pid_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_all_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_etc_runtime_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_generic_spools(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_usr_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_usr_src_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_read_var_files(
	
		domain
		
	)

Summary

Read files in the /var directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_relabel_all_files(
	
		domain
		
			,
		
			[
		
		exception_types
		
			]
		
	)

Description

Relabel all files on the filesystem, except the listed exceptions.

Parameters

Parameter:	Description:	Optional:
domain	The type of the domain perfoming this action.	No
exception_types	The types to be excluded. Each type or attribute must be negated by the caller.	yes

files_relabelto_all_file_type_fs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_rw_etc_files(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_rw_generic_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_rw_isid_type_blk_node(
	
		domain
		
	)

Summary

Read and write block device nodes on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_rw_isid_type_dir(
	
		domain
		
	)

Summary

Read and write directories on new filesystems that have not yet been labeled.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_search_all_dirs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_etc(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_generic_locks(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_home(
	
		domain
		
	)

Summary

Search home directories.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_search_mnt(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_pids(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_spool(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_tmp(
	
		domain
		
	)

Summary

Search the tmp directory (/tmp)

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_search_usr(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_var(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_search_var_lib(
	
		domain
		
	)

Description

Search the /var/lib directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process performing this action.	No

files_tmp_file(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_tmpfs_file(
	
		type
		
	)

Description

Transform the type into a file, for use on a virtual memory filesystem (tmpfs).

Parameters

Parameter:	Description:	Optional:
type	The type to be transformed.	No

files_type(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_unconfined(
	
		domain
		
	)

Summary

Unconfined access to files.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

files_unmount_all_file_type_fs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

files_unmount_rootfs(
	
		?
		
	)

Summary

Summary is missing!

Parameters

Parameter:	Description:	Optional:
?	Parameter descriptions are missing!	No

Return