<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> - <a href='system_authlogin.html'> authlogin</a><br/> - <a href='system_clock.html'> clock</a><br/> - <a href='system_fstools.html'> fstools</a><br/> - <a href='system_getty.html'> getty</a><br/> - <a href='system_hostname.html'> hostname</a><br/> - <a href='system_hotplug.html'> hotplug</a><br/> - <a href='system_init.html'> init</a><br/> - <a href='system_ipsec.html'> ipsec</a><br/> - <a href='system_iptables.html'> iptables</a><br/> - <a href='system_libraries.html'> libraries</a><br/> - <a href='system_locallogin.html'> locallogin</a><br/> - <a href='system_logging.html'> logging</a><br/> - <a href='system_lvm.html'> lvm</a><br/> - <a href='system_miscfiles.html'> miscfiles</a><br/> - <a href='system_modutils.html'> modutils</a><br/> - <a href='system_mount.html'> mount</a><br/> - <a href='system_pcmcia.html'> pcmcia</a><br/> - <a href='system_raid.html'> raid</a><br/> - <a href='system_selinuxutil.html'> selinuxutil</a><br/> - <a href='system_sysnetwork.html'> sysnetwork</a><br/> - <a href='system_udev.html'> udev</a><br/> - <a href='system_unconfined.html'> unconfined</a><br/> - <a href='system_userdomain.html'> userdomain</a><br/> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: system</h1><p/> <h2>Module: userdomain</h2><p/> <a href=#interfaces>Interfaces</a> <a href=#templates>Templates</a> <h3>Description:</h3> <p><p>Policy for user domains</p></p> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_userdom_create_generic_user_home"></a> <div id="interface"> <div id="codeblock"> <b>userdom_create_generic_user_home</b>( domain , [ object_class ] )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in generic user home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> <tr><td> object_class </td><td> The class of the object to be created. If not specified, file is used. </td><td> yes </td></tr> </table> </div> </div> <a name="link_userdom_create_generic_user_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_create_generic_user_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create generic user home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_create_sysadm_home"></a> <div id="interface"> <div id="codeblock"> <b>userdom_create_sysadm_home</b>( domain , [ object_class ] )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in sysadm home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> <tr><td> object_class </td><td> The class of the object to be created. If not specified, file is used. </td><td> yes </td></tr> </table> </div> </div> <a name="link_userdom_dbus_send_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dbus_send_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a dbus message to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_getattr_sysadm_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_getattr_sysadm_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_getattr_sysadm_tty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_getattr_sysadm_tty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attepts to get the attributes of sysadm ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_sysadm_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_list_sysadm_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_all_users_home"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_all_users_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_staff_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_staff_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_sysadm_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_sysadm_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Don't audit search on the user home subdirectory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_all_user_fd"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_all_user_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit the file descriptors from any user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_sysadm_pty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_sysadm_pty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dont audit attempts to read and write sysadm ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_sysadm_terms"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_sysadm_terms</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use sysadm ttys and ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_sysadm_tty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_sysadm_tty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use sysadm ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_unpriv_user_fd"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_unpriv_user_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit the file descriptors from all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_unpriv_user_pty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_unpriv_user_pty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use unprivileged user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_unpriv_user_tty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_unpriv_user_tty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use unprivileged user ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_getattr_all_userdomains"></a> <div id="interface"> <div id="codeblock"> <b>userdom_getattr_all_userdomains</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_getattr_sysadm_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_getattr_sysadm_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_sysadm_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_sysadm_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_unpriv_user_tmp"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_unpriv_user_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users temporary directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_all_user_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_all_user_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete all directories in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_all_user_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_all_user_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete all files in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_all_user_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_all_user_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete all symlinks in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete subdirectories of generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_pipes"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named pipes in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_sockets"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named sockets in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_priveleged_home_dir_manager"></a> <div id="interface"> <div id="codeblock"> <b>userdom_priveleged_home_dir_manager</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified domain a privileged home directory manager. </p> <h5>Description</h5> <p> </p><p> Make the specified domain a privileged home directory manager. This domain will be able to manage the contents of all users general home directory content, and create files with the correct context. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_user_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_user_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all files in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_userdomains_state"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_userdomains_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the process state of all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_staff_home_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_staff_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_sysadm_home_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_sysadm_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_unpriv_user_home_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_unpriv_user_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users home directory files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_unpriv_user_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_unpriv_user_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_unpriv_user_tmp_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_unpriv_user_tmp_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users temporary symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_rw_sysadm_pipe"></a> <div id="interface"> <div id="codeblock"> <b>userdom_rw_sysadm_pipe</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm user unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_all_users_home"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_all_users_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_generic_user_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_generic_user_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_staff_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_staff_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_sysadm_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_sysadm_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_sysadm_home_subdirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_sysadm_home_subdirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the sysadm users home sub directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain to not audit. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_unpriv_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_unpriv_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all unprivileged users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_setattr_unpriv_user_pty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_setattr_unpriv_user_pty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_shell_domtrans_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_shell_domtrans_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in the sysadm domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sigchld_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sigchld_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a SIGCHLD signal to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sigchld_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sigchld_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a SIGCHLD signal to sysadm users. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_signal_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_signal_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send general signals to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_signal_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_signal_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send general signals to unprivileged user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_spec_domtrans_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_spec_domtrans_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in all user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_spec_domtrans_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_spec_domtrans_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>userdom_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_all_user_fd"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_all_user_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit the file descriptors from all user domains </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_fd"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit and use sysadm file descriptors </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_pty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_pty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_terms"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_terms</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm ttys and ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_tty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_tty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_unpriv_user_pty"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_unpriv_user_pty</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unprivileged user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_unpriv_users_fd"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_unpriv_users_fd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit the file descriptors from unprivileged user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_write_unpriv_user_tmp"></a> <div id="interface"> <div id="codeblock"> <b>userdom_write_unpriv_user_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write all unprivileged users files in /tmp </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> <a name="templates"></a> <h3>Templates: </h3> <a name="link_admin_user_template"></a> <div id="template"> <div id="codeblock"> <b>admin_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating an administrative user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p><p> The privileges given to administrative users are: <ul><p> </p><li><p>Raw disk access</p></li><p> </p><li><p>Set all sysctls</p></li><p> </p><li><p>All kernel ring buffer controls</p></li><p> </p><li><p>Set SELinux enforcement mode (enforcing/permissive)</p></li><p> </p><li><p>Set SELinux booleans</p></li><p> </p><li><p>Relabel all files but shadow</p></li><p> </p><li><p>Create, read, write, and delete all files but shadow</p></li><p> </p><li><p>Manage source and binary format SELinux policy</p></li><p> </p><li><p>Run insmod</p></li><p> </p></ul> </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., sysadm is the prefix for sysadm_t). </td><td> No </td></tr> </table> </div> </div> <a name="link_base_user_template"></a> <div id="template"> <div id="codeblock"> <b>base_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template containing rules common to unprivileged users and administrative users. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p><p> This generally should not be used, rather the unpriv_user_template or admin_user_template should be used. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> </table> </div> </div> <a name="link_unpriv_user_template"></a> <div id="template"> <div id="codeblock"> <b>unpriv_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a unprivileged user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_create_user_home"></a> <div id="template"> <div id="codeblock"> <b>userdom_create_user_home</b>( userdomain_prefix , domain , [ object_class ] , [ private_type ] )<br> </div> <div id="description"> <h5>Summary</h5> <p> </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete named sockets in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> <tr><td> object_class </td><td> The class of the object to be created. If not specified, file is used. </td><td> yes </td></tr> <tr><td> private_type </td><td> The type of the object to create. If this is not specified, the regular home directory type is used. </td><td> yes </td></tr> </table> </div> </div> <a name="link_userdom_exec_user_home_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_exec_user_home_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute user home files. </p> <h5>Description</h5> <p> </p><p> Execute user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_home_file"></a> <div id="template"> <div id="codeblock"> <b>userdom_home_file</b>( userdomain_prefix , type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable in a user home directory. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable in a user home directory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> type </td><td> Type to be used as a file in the user home directory. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_subdir_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_subdir_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete files in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_subdir_pipes"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_subdir_pipes</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named pipes in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete named pipes in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_subdir_sockets"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_subdir_sockets</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named sockets in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete named sockets in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_subdir_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_subdir_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete symbolic links in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_subdirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_subdirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete symbolic links in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary directories. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary files. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_pipes"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_pipes</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary named pipes. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary named pipes. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_sockets"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_sockets</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary named sockets. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary named sockets. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary symbolic links. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary symbolic links. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_home_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_home_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user home files. </p> <h5>Description</h5> <p> </p><p> Read user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_user_home"></a> <div id="template"> <div id="codeblock"> <b>userdom_search_user_home</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search user home directories. </p> <h5>Description</h5> <p> </p><p> Search user home directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_user_terminals"></a> <div id="template"> <div id="codeblock"> <b>userdom_use_user_terminals</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write a user domain tty and pty. </p> <h5>Description</h5> <p> </p><p> Read and write a user domain tty and pty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> The prefix of the user domain (e.g., user is the prefix for user_t). </td><td> No </td></tr> <tr><td> domain </td><td> Domain allowed access. </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>