<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> - <a href='admin_consoletype.html'> consoletype</a><br/> - <a href='admin_dmesg.html'> dmesg</a><br/> - <a href='admin_logrotate.html'> logrotate</a><br/> - <a href='admin_netutils.html'> netutils</a><br/> - <a href='admin_rpm.html'> rpm</a><br/> - <a href='admin_usermanage.html'> usermanage</a><br/> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> - <a href='apps_gpg.html'> gpg</a><br/> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_bootloader.html'> bootloader</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> - <a href='services_cron.html'> cron</a><br/> - <a href='services_inetd.html'> inetd</a><br/> - <a href='services_kerberos.html'> kerberos</a><br/> - <a href='services_mta.html'> mta</a><br/> - <a href='services_nis.html'> nis</a><br/> - <a href='services_nscd.html'> nscd</a><br/> - <a href='services_remotelogin.html'> remotelogin</a><br/> - <a href='services_sendmail.html'> sendmail</a><br/> - <a href='services_ssh.html'> ssh</a><br/> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> - <a href='system_authlogin.html'> authlogin</a><br/> - <a href='system_clock.html'> clock</a><br/> - <a href='system_corecommands.html'> corecommands</a><br/> - <a href='system_domain.html'> domain</a><br/> - <a href='system_files.html'> files</a><br/> - <a href='system_fstools.html'> fstools</a><br/> - <a href='system_getty.html'> getty</a><br/> - <a href='system_hostname.html'> hostname</a><br/> - <a href='system_hotplug.html'> hotplug</a><br/> - <a href='system_init.html'> init</a><br/> - <a href='system_ipsec.html'> ipsec</a><br/> - <a href='system_iptables.html'> iptables</a><br/> - <a href='system_libraries.html'> libraries</a><br/> - <a href='system_locallogin.html'> locallogin</a><br/> - <a href='system_logging.html'> logging</a><br/> - <a href='system_lvm.html'> lvm</a><br/> - <a href='system_miscfiles.html'> miscfiles</a><br/> - <a href='system_modutils.html'> modutils</a><br/> - <a href='system_mount.html'> mount</a><br/> - <a href='system_pcmcia.html'> pcmcia</a><br/> - <a href='system_raid.html'> raid</a><br/> - <a href='system_selinuxutil.html'> selinuxutil</a><br/> - <a href='system_sysnetwork.html'> sysnetwork</a><br/> - <a href='system_udev.html'> udev</a><br/> - <a href='system_unconfined.html'> unconfined</a><br/> - <a href='system_userdomain.html'> userdomain</a><br/> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <h1>Layer: admin</h1><p/> <p><p> Policy modules for administrative functions, such as package management. </p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> <tr><td> <a href='admin_consoletype.html'> consoletype</a></td> <td><p> Determine of the console connected to the controlling terminal. </p></td> <tr><td> <a href='admin_dmesg.html'> dmesg</a></td> <td><p>Policy for dmesg.</p></td> <tr><td> <a href='admin_logrotate.html'> logrotate</a></td> <td><p>Rotate and archive system logs</p></td> <tr><td> <a href='admin_netutils.html'> netutils</a></td> <td><p>Network analysis utilities</p></td> <tr><td> <a href='admin_rpm.html'> rpm</a></td> <td><p>Policy for the RPM package manager.</p></td> <tr><td> <a href='admin_usermanage.html'> usermanage</a></td> <td><p>Policy for managing user accounts.</p></td> </td></tr> </td></tr> </td></tr> </td></tr> </td></tr> </table> <p/><br/><br/> <h1>Layer: kernel</h1><p/> <p><p> Policy for kernel threads, proc filesystem,and unlabeled processes and objects. </p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> </td></tr> <tr><td> <a href='kernel_bootloader.html'> bootloader</a></td> <td><p>Policy for the kernel modules, kernel image, and bootloader.</p></td> <tr><td> <a href='kernel_corenetwork.html'> corenetwork</a></td> <td><p>Policy controlling access to network objects</p></td> <tr><td> <a href='kernel_devices.html'> devices</a></td> <td><p> Device nodes and interfaces for many basic system devices. </p></td> <tr><td> <a href='kernel_filesystem.html'> filesystem</a></td> <td><p>Policy for filesystems.</p></td> <tr><td> <a href='kernel_kernel.html'> kernel</a></td> <td><p> Policy for kernel threads, proc filesystem,and unlabeled processes and objects. </p></td> <tr><td> <a href='kernel_selinux.html'> selinux</a></td> <td><p> Policy for kernel security interface, in particular, selinuxfs. </p></td> <tr><td> <a href='kernel_storage.html'> storage</a></td> <td><p>Policy controlling access to storage devices</p></td> <tr><td> <a href='kernel_terminal.html'> terminal</a></td> <td><p>Policy for terminals.</p></td> </td></tr> </td></tr> </td></tr> </table> <p/><br/><br/> <h1>Layer: apps</h1><p/> <p><p>Policy modules for applications</p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> <tr><td> <a href='apps_gpg.html'> gpg</a></td> <td><p>Policy for GNU Privacy Guard and related programs.</p></td> </td></tr> </td></tr> </td></tr> </td></tr> </table> <p/><br/><br/> <h1>Layer: system</h1><p/> <p><p> Policy modules for system functions from init to multi-user login. </p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> </td></tr> </td></tr> </td></tr> <tr><td> <a href='system_authlogin.html'> authlogin</a></td> <td><p>Common policy for authentication and user login.</p></td> <tr><td> <a href='system_clock.html'> clock</a></td> <td><p>Policy for reading and setting the hardware clock.</p></td> <tr><td> <a href='system_corecommands.html'> corecommands</a></td> <td><p> Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin. </p></td> <tr><td> <a href='system_domain.html'> domain</a></td> <td><p>Core policy for domains.</p></td> <tr><td> <a href='system_files.html'> files</a></td> <td><p> Basic filesystem types and interfaces. </p></td> <tr><td> <a href='system_fstools.html'> fstools</a></td> <td><p>Tools for filesystem management, such as mkfs and fsck.</p></td> <tr><td> <a href='system_getty.html'> getty</a></td> <td><p>Policy for getty.</p></td> <tr><td> <a href='system_hostname.html'> hostname</a></td> <td><p>Policy for changing the system host name.</p></td> <tr><td> <a href='system_hotplug.html'> hotplug</a></td> <td><p> Policy for hotplug system, for supporting the connection and disconnection of devices at runtime. </p></td> <tr><td> <a href='system_init.html'> init</a></td> <td><p>System initialization programs (init and init scripts).</p></td> <tr><td> <a href='system_ipsec.html'> ipsec</a></td> <td><p>TCP/IP encryption</p></td> <tr><td> <a href='system_iptables.html'> iptables</a></td> <td><p>Policy for iptables.</p></td> <tr><td> <a href='system_libraries.html'> libraries</a></td> <td><p>Policy for system libraries.</p></td> <tr><td> <a href='system_locallogin.html'> locallogin</a></td> <td><p>Policy for local logins.</p></td> <tr><td> <a href='system_logging.html'> logging</a></td> <td><p>Policy for the kernel message logger and system logging daemon.</p></td> <tr><td> <a href='system_lvm.html'> lvm</a></td> <td><p>Policy for logical volume management programs.</p></td> <tr><td> <a href='system_miscfiles.html'> miscfiles</a></td> <td><p>Miscelaneous files.</p></td> <tr><td> <a href='system_modutils.html'> modutils</a></td> <td><p>Policy for kernel module utilities</p></td> <tr><td> <a href='system_mount.html'> mount</a></td> <td><p>Policy for mount.</p></td> <tr><td> <a href='system_pcmcia.html'> pcmcia</a></td> <td><p>PCMCIA card management services</p></td> <tr><td> <a href='system_raid.html'> raid</a></td> <td><p>RAID array management tools</p></td> <tr><td> <a href='system_selinuxutil.html'> selinuxutil</a></td> <td><p>Policy for SELinux policy and userland applications.</p></td> <tr><td> <a href='system_sysnetwork.html'> sysnetwork</a></td> <td><p>Policy for network configuration: ifconfig and dhcp client.</p></td> <tr><td> <a href='system_udev.html'> udev</a></td> <td><p>Policy for udev.</p></td> <tr><td> <a href='system_unconfined.html'> unconfined</a></td> <td><p>The unconfined domain.</p></td> <tr><td> <a href='system_userdomain.html'> userdomain</a></td> <td><p>Policy for user domains</p></td> </td></tr> </table> <p/><br/><br/> <h1>Layer: services</h1><p/> <p><p> Policy modules for system services, like cron, and network services, like sshd. </p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> </td></tr> </td></tr> <tr><td> <a href='services_cron.html'> cron</a></td> <td><p>Periodic execution of scheduled commands.</p></td> <tr><td> <a href='services_inetd.html'> inetd</a></td> <td><p>Internet services daemon.</p></td> <tr><td> <a href='services_kerberos.html'> kerberos</a></td> <td><p>MIT Kerberos admin and KDC</p></td> <tr><td> <a href='services_mta.html'> mta</a></td> <td><p>Policy common to all email tranfer agents.</p></td> <tr><td> <a href='services_nis.html'> nis</a></td> <td><p>Policy for NIS (YP) servers and clients</p></td> <tr><td> <a href='services_nscd.html'> nscd</a></td> <td><p>Name service cache daemon</p></td> <tr><td> <a href='services_remotelogin.html'> remotelogin</a></td> <td><p>Policy for rshd, rlogind, and telnetd.</p></td> <tr><td> <a href='services_sendmail.html'> sendmail</a></td> <td><p>Policy for sendmail.</p></td> <tr><td> <a href='services_ssh.html'> ssh</a></td> <td><p>Secure shell client and server policy.</p></td> </td></tr> </td></tr> </table> <p/><br/><br/> </div> </body> </html>