Layer: kernel

Module: terminal

Description:

Policy for terminals.

This module is required to be included in all policies.

Interfaces:

term_create_pty(
	
		domain
		
			,
		
		pty_type
		
	)

Summary

Create a pty in the /dev/pts directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process creating the pty.	No
pty_type	The type of the pty.	No

term_dontaudit_getattr_all_user_ptys(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of any user pty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_getattr_all_user_ttys(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of any user tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_getattr_pty_dir(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of the /dev/pts directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_dontaudit_getattr_unallocated_ttys(
	
		domain
		
	)

Summary

Do not audit attempts to get the attributes of all unallocated tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_ioctl_unallocated_ttys(
	
		domain
		
	)

Summary

Do not audit attempts to ioctl unallocated tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_list_ptys(
	
		domain
		
	)

Summary

Do not audit attempts to read the /dev/pts directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_dontaudit_manage_pty_dir(
	
		domain
		
	)

Summary

Do not audit attempts to create, read, write, or delete the /dev/pts directory.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_dontaudit_search_ptys(
	
		domain
		
	)

Summary

Do not audit attempts to search the contents of the /dev/pts directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_use_all_user_ptys(
	
		domain
		
	)

Summary

Do not audit attempts to read any user ptys.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_dontaudit_use_all_user_ttys(
	
		domain
		
	)

Summary

Do not audit attempts to read or write any user ttys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_use_console(
	
		domain
		
	)

Summary

Do not audit attemtps to read from or write to the console.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_dontaudit_use_generic_pty(
	
		domain
		
	)

Summary

Dot not audit attempts to read and write the generic pty type. This is generally only used in the targeted policy.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_dontaudit_use_ptmx(
	
		domain
		
	)

Summary

Do not audit attempts to read and write the pty multiplexor (/dev/ptmx).

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_dontaudit_use_unallocated_tty(
	
		domain
		
	)

Summary

Do not audit attempts to read or write unallocated ttys.

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to not audit.	No

term_getattr_all_user_ptys(
	
		domain
		
	)

Summary

Get the attributes of all user pty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_getattr_all_user_ttys(
	
		domain
		
	)

Summary

Get the attributes of all user tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_getattr_unallocated_ttys(
	
		domain
		
	)

Summary

Get the attributes of all unallocated tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_ioctl_generic_pty(
	
		domain
		
	)

Summary

ioctl of generic pty types.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_list_ptys(
	
		domain
		
	)

Summary

Read the /dev/pts directory to list all ptys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_login_pty(
	
		pty_type
		
	)

Summary

Transform specified type into a pty type used by login programs, such as sshd.

Parameters

Parameter:	Description:	Optional:
pty_type	An object type that will applied to a pty.	No

term_pty(
	
		pty_type
		
	)

Summary

Transform specified type into a pty type.

Parameters

Parameter:	Description:	Optional:
pty_type	An object type that will applied to a pty.	No

term_read_console(
	
		domain
		
	)

Summary

Read from the console.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_relabel_all_user_ptys(
	
		domain
		
	)

Summary

Relabel from and to all user user pty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_relabel_all_user_ttys(
	
		domain
		
	)

Summary

Relabel from and to all user user tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_relabel_unallocated_ttys(
	
		domain
		
	)

Summary

Relabel from and to the unallocated tty type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_relabelto_all_user_ptys(
	
		domain
		
	)

Summary

Relabel to all user ptys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_reset_tty_labels(
	
		domain
		
	)

Summary

Relabel from all user tty types to the unallocated tty type.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_search_ptys(
	
		domain
		
	)

Summary

Search the contents of the /dev/pts directory.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_setattr_all_user_ptys(
	
		domain
		
	)

Summary

Set the attributes of all user pty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_setattr_all_user_ttys(
	
		domain
		
	)

Summary

Set the attributes of all user tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_setattr_console(
	
		domain
		
	)

Summary

Set the attributes of the console device node.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_setattr_unallocated_ttys(
	
		domain
		
	)

Summary

Set the attributes of all unallocated tty device nodes.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_tty(
	
		tty_type
		
	)

Summary

Transform specified type into a tty type.

Parameters

Parameter:	Description:	Optional:
tty_type	An object type that will applied to a tty.	No

term_use_all_terms(
	
		domain
		
	)

Summary

Read and write the console, all ttys and all ptys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_use_all_user_ptys(
	
		domain
		
	)

Summary

Read and write all user ptys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_use_all_user_ttys(
	
		domain
		
	)

Summary

Read and write all user to all user ttys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_use_console(
	
		domain
		
	)

Summary

Read from and write to the console.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_use_controlling_term(
	
		domain
		
	)

Summary

Read and write the controlling terminal (/dev/tty).

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_use_generic_pty(
	
		domain
		
	)

Summary

Read and write the generic pty type. This is generally only used in the targeted policy.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_use_ptmx(
	
		domain
		
	)

Summary

Read and write the pty multiplexor (/dev/ptmx).

Parameters

Parameter:	Description:	Optional:
domain	The type of the process to allow access.	No

term_use_unallocated_tty(
	
		domain
		
	)

Summary

Read and write unallocated ttys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_user_pty(
	
		userdomain
		
			,
		
		object_type
		
	)

Summary

Transform specified type into an user pty type. This allows it to be relabeled via type change by login programs such as ssh.

Parameters

Parameter:	Description:	Optional:
userdomain	The type of the user domain associated with this pty.	No
object_type	An object type that will applied to a pty.	No

term_write_all_user_ttys(
	
		domain
		
	)

Summary

Write to all user ttys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_write_console(
	
		domain
		
	)

Summary

Write to the console.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

term_write_unallocated_ttys(
	
		domain
		
	)

Summary

Write to unallocated ttys.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

Return