<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> - <a href='system_authlogin.html'> authlogin</a><br/> - <a href='system_clock.html'> clock</a><br/> - <a href='system_corecommands.html'> corecommands</a><br/> - <a href='system_domain.html'> domain</a><br/> - <a href='system_files.html'> files</a><br/> - <a href='system_fstools.html'> fstools</a><br/> - <a href='system_getty.html'> getty</a><br/> - <a href='system_hostname.html'> hostname</a><br/> - <a href='system_hotplug.html'> hotplug</a><br/> - <a href='system_init.html'> init</a><br/> - <a href='system_ipsec.html'> ipsec</a><br/> - <a href='system_iptables.html'> iptables</a><br/> - <a href='system_libraries.html'> libraries</a><br/> - <a href='system_locallogin.html'> locallogin</a><br/> - <a href='system_logging.html'> logging</a><br/> - <a href='system_lvm.html'> lvm</a><br/> - <a href='system_miscfiles.html'> miscfiles</a><br/> - <a href='system_modutils.html'> modutils</a><br/> - <a href='system_mount.html'> mount</a><br/> - <a href='system_pcmcia.html'> pcmcia</a><br/> - <a href='system_raid.html'> raid</a><br/> - <a href='system_selinuxutil.html'> selinuxutil</a><br/> - <a href='system_sysnetwork.html'> sysnetwork</a><br/> - <a href='system_udev.html'> udev</a><br/> - <a href='system_unconfined.html'> unconfined</a><br/> - <a href='system_userdomain.html'> userdomain</a><br/> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: system</h1><p/> <h2>Module: corecommands</h2><p/> <h3>Description:</h3> <p><p> Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin. </p></p> <p>This module is required to be included in all policies.</p> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_corecmd_bin_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_bin_domtrans</b>( domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a file in a bin directory in the specified domain. </p> <h5>Description</h5> <p> </p><p> Execute a file in a bin directory in the specified domain. This allows the specified domain to execute any file on these filesystems in the specified domain. This is not suggested. </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p><p> This interface was added to handle the ssh-agent policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> <tr><td> target_domain </td><td> The type of the new process. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_dontaudit_getattr_sbin_file"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_dontaudit_getattr_sbin_file</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_exec_bin"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_exec_bin</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_exec_chroot"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_exec_chroot</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_exec_ls"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_exec_ls</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_exec_sbin"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_exec_sbin</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_exec_shell"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_exec_shell</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_getattr_bin_file"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_getattr_bin_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of files in bin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_getattr_sbin_file"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_getattr_sbin_file</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_list_bin"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_list_bin</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_list_sbin"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_list_sbin</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_bin_file"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_bin_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in bin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_bin_pipe"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_bin_pipe</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read pipes in bin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_bin_socket"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_bin_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read named sockets in bin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_bin_symlink"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_bin_symlink</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in bin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_sbin_file"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_sbin_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in sbin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_sbin_pipe"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_sbin_pipe</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read named pipes in sbin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_sbin_socket"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_sbin_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read named sockets in sbin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_read_sbin_symlink"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_read_sbin_symlink</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in sbin directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_sbin_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_sbin_domtrans</b>( domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a file in a sbin directory in the specified domain. </p> <h5>Description</h5> <p> </p><p> Execute a file in a sbin directory in the specified domain. This allows the specified domain to execute any file on these filesystems in the specified domain. This is not suggested. </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p><p> This interface was added to handle the ssh-agent policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> <tr><td> target_domain </td><td> The type of the new process. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_search_bin"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_search_bin</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_search_sbin"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_search_sbin</b>( ? )<br> </div> <div id="description"> <h5>Summary</h5> <p> Summary is missing! </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> ? </td><td> Parameter descriptions are missing! </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_shell_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_shell_domtrans</b>( domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in the specified domain. </p> <h5>Description</h5> <p> </p><p> Execute a shell in the specified domain. </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> <tr><td> target_domain </td><td> The type of the shell process. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_shell_entry_type"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_shell_entry_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the shell an entrypoint for the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The domain for which the shell is an entrypoint. </td><td> No </td></tr> </table> </div> </div> <a name="link_corecmd_shell_spec_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>corecmd_shell_spec_domtrans</b>( domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in the target domain. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Description</h5> <p> </p><p> Execute a shell in the target domain. This is an explicit transition, requiring the caller to use setexeccon(). </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> The type of the process performing this action. </td><td> No </td></tr> <tr><td> target_domain </td><td> The type of the shell process. </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>