Master interface index:
Module:
acct
Layer:
admin
acct_domtrans(
domain
)
Transition to the accounting management domain.
Module:
acct
Layer:
admin
acct_exec(
domain
)
Execute accounting management tools in the caller domain.
Module:
acct
Layer:
admin
acct_exec_data(
domain
)
Execute accounting management data in the caller domain.
Module:
acct
Layer:
admin
acct_manage_data(
domain
)
Create, read, write, and delete process accounting data.
Module:
alsa
Layer:
admin
alsa_domtrans(
domain
)
Domain transition to alsa
Module:
alsa
Layer:
admin
alsa_rw_semaphores(
domain
)
Allow read and write access to alsa semaphores.
Module:
alsa
Layer:
admin
alsa_rw_shared_mem(
domain
)
Allow read and write access to alsa shared memory.
Module:
amanda
Layer:
admin
amanda_append_log_files(
domain
)
Allow read/writing amanda logs
Module:
amanda
Layer:
admin
amanda_domtrans_recover(
domain
)
Execute amrecover in the amanda_recover domain.
Module:
amanda
Layer:
admin
amanda_dontaudit_read_dumpdates(
domain
)
Do not audit attempts to read /etc/dumpdates.
Module:
amanda
Layer:
admin
amanda_run_recover(
domain
,
role
,
terminal
)
Execute amrecover in the amanda_recover domain, and
allow the specified role the amanda_recover domain.
Module:
amanda
Layer:
admin
amanda_rw_dumpdates_files(
domain
)
Allow read/writing /etc/dumpdates.
Module:
amanda
Layer:
admin
amanda_search_lib(
domain
)
Search amanda library directories.
Module:
apache
Layer:
services
apache_append_squirrelmail_data(
domain
)
Allow the specified domain to append
apache squirrelmail data.
Module:
apache
Layer:
services
apache_domtrans_all_scripts(
domain
)
Execute all user scripts in the user
script domain.
Module:
apache
Layer:
services
apache_domtrans_helper(
domain
)
Execute the Apache helper program with
a domain transition.
Module:
apache
Layer:
services
apache_domtrans_sys_script(
domain
)
Execute all web scripts in the system
script domain.
Module:
apache
Layer:
services
apache_dontaudit_append_log(
domain
)
Do not audit attempts to append to the
Apache logs.
Module:
apache
Layer:
services
apache_dontaudit_rw_stream_sockets(
domain
)
Do not audit attempts to read and write Apache
unix domain stream sockets.
Module:
apache
Layer:
services
apache_dontaudit_rw_sys_script_stream_sockets(
domain
)
Do not audit attempts to read and write Apache
system script unix domain stream sockets.
Module:
apache
Layer:
services
apache_dontaudit_rw_tcp_sockets(
domain
)
Do not audit attempts to read and write Apache
TCP sockets.
Module:
apache
Layer:
services
apache_dontaudit_search_modules(
domain
)
Do not audit attempts to search Apache
module directories.
Module:
apache
Layer:
services
apache_exec_modules(
domain
)
Allow the specified domain to execute
apache modules.
Module:
apache
Layer:
services
apache_list_modules(
domain
)
Allow the specified domain to list
the contents of the apache modules
directory.
Module:
apache
Layer:
services
apache_manage_sys_content(
domain
)
Allow the specified domain to manage
apache system content files.
Module:
apache
Layer:
services
apache_read_config(
domain
)
Allow the specified domain to read
apache configuration files.
Module:
apache
Layer:
services
apache_read_log(
domain
)
Allow the specified domain to read
apache log files.
Module:
apache
Layer:
services
apache_read_squirrelmail_data(
domain
)
Allow the specified domain to read
apache squirrelmail data.
Module:
apache
Layer:
services
apache_read_sys_content(
domain
)
Read apache system content
Module:
apache
Layer:
services
apache_run_all_scripts(
domain
,
role
)
Execute all user scripts in the user
script domain. Add user script domains
to the specified role.
Module:
apache
Layer:
services
apache_run_helper(
domain
,
role
,
terminal
)
Execute the Apache helper program with
a domain transition, and allow the
specified role the dmidecode domain.
Module:
apache
Layer:
services
apache_search_sys_script_state(
domain
)
Search system script state directory.
Module:
apache
Layer:
services
apache_sigchld(
domain
)
Send a SIGCHLD signal to apache.
Module:
apache
Layer:
services
apache_signull(
domain
)
Send a null signal to apache.
Module:
apache
Layer:
services
apache_use_fds(
domain
)
Inherit and use file descriptors from Apache.
Module:
apm
Layer:
services
apm_append_log(
domain
)
Append to apm's log file.
Module:
apm
Layer:
services
apm_domtrans_client(
domain
)
Execute APM in the apm domain.
Module:
apm
Layer:
services
apm_rw_stream_sockets(
domain
)
Read and write to an apm unix stream socket.
Module:
apm
Layer:
services
apm_stream_connect(
domain
)
Connect to apmd over an unix stream socket.
Module:
apm
Layer:
services
apm_use_fds(
domain
)
Use file descriptors for apmd.
Module:
apm
Layer:
services
apm_write_pipes(
domain
)
Write to apmd unnamed pipes.
Module:
arpwatch
Layer:
services
arpwatch_dontaudit_rw_packet_sockets(
domain
)
Do not audit attempts to read and write
arpwatch packet sockets.
Module:
arpwatch
Layer:
services
arpwatch_manage_data_files(
domain
)
Create arpwatch data files.
Module:
arpwatch
Layer:
services
arpwatch_manage_tmp_files(
domain
)
Read and write arpwatch temporary files.
Module:
arpwatch
Layer:
services
arpwatch_rw_tmp_files(
domain
)
Read and write arpwatch temporary files.
Module:
arpwatch
Layer:
services
arpwatch_search_data(
domain
)
Search arpwatch's data file directories.
Module:
authlogin
Layer:
system
auth_append_faillog(
domain
)
Append to the login failure log.
Module:
authlogin
Layer:
system
auth_append_lastlog(
domain
)
Append only to the last logins log.
Module:
authlogin
Layer:
system
auth_append_login_records(
domain
)
Append to login records (wtmp).
Module:
authlogin
Layer:
system
auth_domtrans_chk_passwd(
domain
)
Run unix_chkpwd to check a password.
Module:
authlogin
Layer:
system
auth_domtrans_login_program(
domain
,
target_domain
)
Execute a login_program in the target domain.
Module:
authlogin
Layer:
system
auth_domtrans_pam(
domain
)
Execute pam programs in the pam domain.
Module:
authlogin
Layer:
system
auth_domtrans_utempter(
domain
)
Execute utempter programs in the utempter domain.
Module:
authlogin
Layer:
system
auth_dontaudit_exec_utempter(
domain
)
Do not audit attemps to execute utempter executable.
Module:
authlogin
Layer:
system
auth_dontaudit_getattr_shadow(
domain
)
Do not audit attempts to get the attributes
of the shadow passwords file.
Module:
authlogin
Layer:
system
auth_dontaudit_read_pam_pid(
domain
)
Do not audit attemps to read PAM pid files.
Module:
authlogin
Layer:
system
auth_dontaudit_read_shadow(
domain
)
Do not audit attempts to read the shadow
password file (/etc/shadow).
Module:
authlogin
Layer:
system
auth_getattr_shadow(
domain
)
Get the attributes of the shadow passwords file.
Module:
authlogin
Layer:
system
auth_login_entry_type(
domain
)
Use the login program as an entry point program.
Module:
authlogin
Layer:
system
auth_manage_all_files_except_shadow(
domain
,
exception_types
)
Manage all files on the filesystem, except
the shadow passwords and listed exceptions.
Module:
authlogin
Layer:
system
auth_manage_var_auth(
domain
)
Manage var auth files. Used by various other applications
and pam applets etc.
Module:
authlogin
Layer:
system
auth_read_all_dirs_except_shadow(
domain
,
exception_types
)
Read all directories on the filesystem, except
the shadow passwords and listed exceptions.
Module:
authlogin
Layer:
system
auth_read_all_files_except_shadow(
domain
,
exception_types
)
Read all files on the filesystem, except
the shadow passwords and listed exceptions.
Module:
authlogin
Layer:
system
auth_read_all_symlinks_except_shadow(
domain
,
exception_types
)
Read all symbolic links on the filesystem, except
the shadow passwords and listed exceptions.
Module:
authlogin
Layer:
system
auth_read_lastlog(
domain
)
Read the last logins log.
Module:
authlogin
Layer:
system
auth_read_shadow(
domain
)
Read the shadow passwords file (/etc/shadow)
Module:
authlogin
Layer:
system
auth_relabel_all_files_except_shadow(
domain
,
exception_types
)
Relabel all files on the filesystem, except
the shadow passwords and listed exceptions.
Module:
authlogin
Layer:
system
auth_relabel_shadow(
domain
)
Relabel from and to the shadow
password file type.
Module:
authlogin
Layer:
system
auth_relabelto_shadow(
domain
)
Relabel to the shadow
password file type.
Module:
authlogin
Layer:
system
auth_run_pam(
domain
,
role
,
terminal
)
Execute pam programs in the PAM domain.
Module:
authlogin
Layer:
system
auth_run_utempter(
domain
,
role
,
terminal
)
Execute utempter programs in the utempter domain.
Module:
authlogin
Layer:
system
auth_rw_lastlog(
domain
)
Read and write to the last logins log.
Module:
authlogin
Layer:
system
auth_rw_shadow(
domain
)
Read and write the shadow password file (/etc/shadow).
Module:
authlogin
Layer:
system
auth_search_pam_console_data(
domain
)
Search the contents of the
pam_console data directory.
Module:
authlogin
Layer:
system
auth_unconfined(
domain
)
Unconfined access to the authlogin module.
Module:
authlogin
Layer:
system
auth_use_nsswitch(
domain
)
Use nsswitch to look up uid-username mappings.
Module:
authlogin
Layer:
system
auth_write_login_records(
domain
)
Write to login records (wtmp).
Module:
automount
Layer:
services
automount_domtrans(
domain
)
Execute automount in the automount domain.
Module:
automount
Layer:
services
automount_dontaudit_getattr_tmp_dirs(
domain
)
Do not audit attempts to get the attributes
of automount temporary directories.
Module:
automount
Layer:
services
automount_exec_config(
domain
)
Execute automount in the caller domain.
Module:
avahi
Layer:
services
avahi_dbus_chat(
domain
)
Send and receive messages from
avahi over dbus.
Module:
bind
Layer:
services
bind_domtrans(
domain
)
Execute bind in the named domain.
Module:
bind
Layer:
services
bind_domtrans_ndc(
domain
)
Execute ndc in the ndc domain.
Module:
bind
Layer:
services
bind_manage_cache(
domain
)
Create, read, write, and delete
BIND cache files.
Module:
bind
Layer:
services
bind_manage_config_dirs(
domain
)
Create, read, write, and delete
BIND configuration directories.
Module:
bind
Layer:
services
bind_read_config(
domain
)
Read BIND named configuration files.
Module:
bind
Layer:
services
bind_read_dnssec_keys(
domain
)
Module:
bind
Layer:
services
bind_run_ndc(
domain
,
role
,
terminal
)
Execute ndc in the ndc domain, and
allow the specified role the ndc domain.
Module:
bind
Layer:
services
bind_search_cache(
domain
)
Search the BIND cache directory.
Module:
bind
Layer:
services
bind_setattr_pid_dirs(
domain
)
Do not audit attempts to set the attributes
of the BIND pid directory.
Module:
bind
Layer:
services
bind_signal(
domain
)
Send generic signals to BIND.
Module:
bind
Layer:
services
bind_write_config(
domain
)
Write BIND named configuration files.
Module:
bluetooth
Layer:
services
bluetooth_dbus_chat(
domain
)
Send and receive messages from
bluetooth over dbus.
Module:
bluetooth
Layer:
services
bluetooth_domtrans_helper(
domain
)
Execute bluetooth_helper in the bluetooth_helper domain.
Module:
bluetooth
Layer:
services
bluetooth_dontaudit_read_helper_files(
domain
)
Read bluetooth helper files.
Module:
bluetooth
Layer:
services
bluetooth_read_config(
domain
)
Read bluetooth daemon configuration.
Module:
bluetooth
Layer:
services
bluetooth_run_helper(
domain
,
role
,
terminal
)
Execute bluetooth_helper in the bluetooth_helper domain, and
allow the specified role the bluetooth_helper domain.
Module:
bootloader
Layer:
admin
bootloader_create_runtime_file(
domain
)
Read and write the bootloader
temporary data in /tmp.
Module:
bootloader
Layer:
admin
bootloader_domtrans(
domain
)
Execute bootloader in the bootloader domain.
Module:
bootloader
Layer:
admin
bootloader_read_config(
domain
)
Read the bootloader configuration file.
Module:
bootloader
Layer:
admin
bootloader_run(
domain
,
role
,
terminal
)
Execute bootloader interactively and do
a domain transition to the bootloader domain.
Module:
bootloader
Layer:
admin
bootloader_rw_config(
domain
)
Read and write the bootloader
configuration file.
Module:
bootloader
Layer:
admin
bootloader_rw_tmp_files(
domain
)
Read and write the bootloader
temporary data in /tmp.
Module:
canna
Layer:
services
canna_stream_connect(
domain
)
Connect to Canna using a unix domain stream socket.
Module:
certwatch
Layer:
admin
certwatach_run(
domain
,
role
,
terminal
)
Execute certwatch in the certwatch domain, and
allow the specified role the certwatch domain,
and use the caller's terminal. Has a sigchld
backchannel.
Module:
certwatch
Layer:
admin
certwatch_domtrans(
domain
)
Domain transition to certwatch.
Module:
clock
Layer:
system
clock_domtrans(
domain
)
Execute hwclock in the clock domain.
Module:
clock
Layer:
system
clock_exec(
domain
)
Execute hwclock in the caller domain.
Module:
clock
Layer:
system
clock_run(
domain
,
role
,
terminal
)
Execute hwclock in the clock domain, and
allow the specified role the hwclock domain.
Module:
clock
Layer:
system
clock_rw_adjtime(
domain
)
Allow executing domain to modify clock drift
Module:
consoletype
Layer:
admin
consoletype_domtrans(
domain
)
Execute consoletype in the consoletype domain.
Module:
consoletype
Layer:
admin
consoletype_exec(
domain
)
Execute consoletype in the caller domain.
Module:
consoletype
Layer:
admin
consoletype_run(
domain
,
role
,
terminal
)
Execute consoletype in the consoletype domain, and
allow the specified role the consoletype domain.
Module:
corecommands
Layer:
kernel
corecmd_bin_alias(
domain
)
Create a aliased type to generic bin files.
Module:
corecommands
Layer:
kernel
corecmd_bin_domtrans(
domain
,
target_domain
)
Execute a file in a bin directory
in the specified domain.
Module:
corecommands
Layer:
kernel
corecmd_bin_spec_domtrans(
domain
,
target_domain
)
Execute a file in a bin directory
in the specified domain but do not
do it automatically. This is an explicit
transition, requiring the caller to use setexeccon().
Module:
corecommands
Layer:
kernel
corecmd_check_exec_shell(
domain
)
Check if a shell is executable (DAC-wise).
Module:
corecommands
Layer:
kernel
corecmd_dontaudit_search_sbin(
domain
)
Do not audit attempts to search
sbin directories.
Module:
corecommands
Layer:
kernel
corecmd_getattr_bin_files(
domain
)
Get the attributes of files in bin directories.
Module:
corecommands
Layer:
kernel
corecmd_manage_bin_files(
domain
)
Create, read, write, and delete bin files.
Module:
corecommands
Layer:
kernel
corecmd_manage_sbin_files(
domain
)
Create, read, write, and delete sbin files.
Module:
corecommands
Layer:
kernel
corecmd_mmap_bin_files(
domain
)
Mmap a bin file as executable.
Module:
corecommands
Layer:
kernel
corecmd_mmap_sbin_files(
domain
)
Mmap a sbin file as executable.
Module:
corecommands
Layer:
kernel
corecmd_read_bin_files(
domain
)
Read files in bin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_bin_pipes(
domain
)
Read pipes in bin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_bin_sockets(
domain
)
Read named sockets in bin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_bin_symlinks(
domain
)
Read symbolic links in bin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_sbin_files(
domain
)
Read files in sbin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_sbin_pipes(
domain
)
Read named pipes in sbin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_sbin_sockets(
domain
)
Read named sockets in sbin directories.
Module:
corecommands
Layer:
kernel
corecmd_read_sbin_symlinks(
domain
)
Read symbolic links in sbin directories.
Module:
corecommands
Layer:
kernel
corecmd_relabel_bin_files(
domain
)
Relabel to and from the bin type.
Module:
corecommands
Layer:
kernel
corecmd_relabel_sbin_files(
domain
)
Relabel to and from the sbin type.
Module:
corecommands
Layer:
kernel
corecmd_sbin_domtrans(
domain
,
target_domain
)
Execute a file in a sbin directory
in the specified domain.
Module:
corecommands
Layer:
kernel
corecmd_sbin_spec_domtrans(
domain
,
target_domain
)
Execute a file in a sbin directory
in the specified domain but do not
do it automatically. This is an explicit
transition, requiring the caller to use setexeccon().
Module:
corecommands
Layer:
kernel
corecmd_shell_domtrans(
domain
,
target_domain
)
Execute a shell in the specified domain.
Module:
corecommands
Layer:
kernel
corecmd_shell_entry_type(
domain
)
Make the shell an entrypoint for the specified domain.
Module:
corecommands
Layer:
kernel
corecmd_shell_spec_domtrans(
domain
,
target_domain
)
Execute a shell in the target domain. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
corenetwork
Layer:
kernel
corenet_dontaudit_tcp_bind_all_ports(
domain
)
Do not audit attepts to bind TCP sockets to any ports.
Module:
corenetwork
Layer:
kernel
corenet_dontaudit_tcp_bind_all_reserved_ports(
domain
)
Do not audit attempts to bind TCP sockets to all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_dontaudit_tcp_connect_all_reserved_ports(
domain
)
Do not audit attempts to connect TCP sockets
all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_dontaudit_udp_bind_all_reserved_ports(
domain
)
Do not audit attempts to bind UDP sockets to all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_non_ipsec_sendrecv(
domain
)
Send and receive messages on a
non-encrypted (no IPSEC) network
session.
Module:
corenetwork
Layer:
kernel
corenet_raw_bind_all_nodes(
domain
)
Bind raw sockets to all nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_all_if(
domain
)
Receive raw IP packets on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_all_nodes(
domain
)
Receive raw IP packets on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_compat_ipv4_node(
domain
)
Receive raw IP packets on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_generic_if(
domain
)
Receive raw IP packets on generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_generic_node(
domain
)
Receive raw IP packets on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_inaddr_any_node(
domain
)
Receive raw IP packets on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_link_local_node(
domain
)
Receive raw IP packets on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_lo_if(
domain
)
Receive raw IP packets on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_lo_node(
domain
)
Receive raw IP packets on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_mapped_ipv4_node(
domain
)
Receive raw IP packets on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_multicast_node(
domain
)
Receive raw IP packets on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_site_local_node(
domain
)
Receive raw IP packets on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_raw_receive_unspec_node(
domain
)
Receive raw IP packets on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_all_if(
domain
)
Send raw IP packets on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_all_nodes(
domain
)
Send raw IP packets on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_compat_ipv4_node(
domain
)
Send raw IP packets on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_generic_if(
domain
)
Send raw IP packets on generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_generic_node(
domain
)
Send raw IP packets on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_inaddr_any_node(
domain
)
Send raw IP packets on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_link_local_node(
domain
)
Send raw IP packets on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_lo_if(
domain
)
Send raw IP packets on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_lo_node(
domain
)
Send raw IP packets on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_mapped_ipv4_node(
domain
)
Send raw IP packets on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_multicast_node(
domain
)
Send raw IP packets on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_site_local_node(
domain
)
Send raw IP packets on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_raw_send_unspec_node(
domain
)
Send raw IP packets on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_all_if(
domain
)
Send and receive raw IP packets on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_all_nodes(
domain
)
Send and receive raw IP packets on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_compat_ipv4_node(
domain
)
Send and receive raw IP packets on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_generic_if(
domain
)
Send and receive raw IP packets on generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_generic_node(
domain
)
Send and receive raw IP packets on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_inaddr_any_node(
domain
)
Send and receive raw IP packets on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_link_local_node(
domain
)
Send and receive raw IP packets on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_lo_if(
domain
)
Send and receive raw IP packets on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_lo_node(
domain
)
Send and receive raw IP packets on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_mapped_ipv4_node(
domain
)
Send and receive raw IP packets on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_multicast_node(
domain
)
Send and receive raw IP packets on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_site_local_node(
domain
)
Send and receive raw IP packets on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_raw_sendrecv_unspec_node(
domain
)
Send and receive raw IP packets on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_rw_ppp_dev(
domain
)
Read and write the point-to-point device.
Module:
corenetwork
Layer:
kernel
corenet_rw_tun_tap_dev(
domain
)
Read and write the TUN/TAP virtual network device.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_afs_bos_port(
domain
)
Bind TCP sockets to the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_afs_fs_port(
domain
)
Bind TCP sockets to the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_afs_ka_port(
domain
)
Bind TCP sockets to the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_afs_pt_port(
domain
)
Bind TCP sockets to the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_afs_vl_port(
domain
)
Bind TCP sockets to the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_all_nodes(
domain
)
Bind TCP sockets to all nodes.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_all_ports(
domain
)
Bind TCP sockets to all ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_all_reserved_ports(
domain
)
Bind TCP sockets to all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_amanda_port(
domain
)
Bind TCP sockets to the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_amavisd_recv_port(
domain
)
Bind TCP sockets to the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_amavisd_send_port(
domain
)
Bind TCP sockets to the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_asterisk_port(
domain
)
Bind TCP sockets to the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_auth_port(
domain
)
Bind TCP sockets to the auth port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_bgp_port(
domain
)
Bind TCP sockets to the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_clamd_port(
domain
)
Bind TCP sockets to the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_clockspeed_port(
domain
)
Bind TCP sockets to the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_compat_ipv4_node(
domain
)
Bind TCP sockets to node compat_ipv4.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_comsat_port(
domain
)
Bind TCP sockets to the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_cvs_port(
domain
)
Bind TCP sockets to the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_dbskkd_port(
domain
)
Bind TCP sockets to the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_dcc_port(
domain
)
Bind TCP sockets to the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_dhcpc_port(
domain
)
Bind TCP sockets to the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_dhcpd_port(
domain
)
Bind TCP sockets to the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_dict_port(
domain
)
Bind TCP sockets to the dict port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_distccd_port(
domain
)
Bind TCP sockets to the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_dns_port(
domain
)
Bind TCP sockets to the dns port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_fingerd_port(
domain
)
Bind TCP sockets to the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ftp_data_port(
domain
)
Bind TCP sockets to the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ftp_port(
domain
)
Bind TCP sockets to the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_gatekeeper_port(
domain
)
Bind TCP sockets to the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_generic_node(
domain
)
Bind TCP sockets to generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_generic_port(
domain
)
Bind TCP sockets to generic ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_giftd_port(
domain
)
Bind TCP sockets to the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_gopher_port(
domain
)
Bind TCP sockets to the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_howl_port(
domain
)
Bind TCP sockets to the howl port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_hplip_port(
domain
)
Bind TCP sockets to the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_http_cache_port(
domain
)
Bind TCP sockets to the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_http_port(
domain
)
Bind TCP sockets to the http port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_i18n_input_port(
domain
)
Bind TCP sockets to the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_imaze_port(
domain
)
Bind TCP sockets to the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_inaddr_any_node(
domain
)
Bind TCP sockets to node inaddr_any.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_inetd_child_port(
domain
)
Bind TCP sockets to the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_innd_port(
domain
)
Bind TCP sockets to the innd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ipp_port(
domain
)
Bind TCP sockets to the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ircd_port(
domain
)
Bind TCP sockets to the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_isakmp_port(
domain
)
Bind TCP sockets to the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_jabber_client_port(
domain
)
Bind TCP sockets to the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_jabber_interserver_port(
domain
)
Bind TCP sockets to the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_kerberos_admin_port(
domain
)
Bind TCP sockets to the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_kerberos_master_port(
domain
)
Bind TCP sockets to the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_kerberos_port(
domain
)
Bind TCP sockets to the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ktalkd_port(
domain
)
Bind TCP sockets to the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ldap_port(
domain
)
Bind TCP sockets to the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_link_local_node(
domain
)
Bind TCP sockets to node link_local.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_lo_node(
domain
)
Bind TCP sockets to node lo.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_mail_port(
domain
)
Bind TCP sockets to the mail port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_mapped_ipv4_node(
domain
)
Bind TCP sockets to node mapped_ipv4.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_monopd_port(
domain
)
Bind TCP sockets to the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_multicast_node(
domain
)
Bind TCP sockets to node multicast.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_mysqld_port(
domain
)
Bind TCP sockets to the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_nessus_port(
domain
)
Bind TCP sockets to the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_nmbd_port(
domain
)
Bind TCP sockets to the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ntp_port(
domain
)
Bind TCP sockets to the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_openvpn_port(
domain
)
Bind TCP sockets to the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_pegasus_http_port(
domain
)
Bind TCP sockets to the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_pegasus_https_port(
domain
)
Bind TCP sockets to the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_pop_port(
domain
)
Bind TCP sockets to the pop port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_portmap_port(
domain
)
Bind TCP sockets to the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_postgresql_port(
domain
)
Bind TCP sockets to the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_postgrey_port(
domain
)
Bind TCP sockets to the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_printer_port(
domain
)
Bind TCP sockets to the printer port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ptal_port(
domain
)
Bind TCP sockets to the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_pxe_port(
domain
)
Bind TCP sockets to the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_pyzor_port(
domain
)
Bind TCP sockets to the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_radacct_port(
domain
)
Bind TCP sockets to the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_radius_port(
domain
)
Bind TCP sockets to the radius port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_razor_port(
domain
)
Bind TCP sockets to the razor port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_reserved_port(
domain
)
Bind TCP sockets to generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_rlogind_port(
domain
)
Bind TCP sockets to the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_rndc_port(
domain
)
Bind TCP sockets to the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_router_port(
domain
)
Bind TCP sockets to the router port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_rsh_port(
domain
)
Bind TCP sockets to the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_rsync_port(
domain
)
Bind TCP sockets to the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_site_local_node(
domain
)
Bind TCP sockets to node site_local.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_smbd_port(
domain
)
Bind TCP sockets to the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_smtp_port(
domain
)
Bind TCP sockets to the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_snmp_port(
domain
)
Bind TCP sockets to the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_soundd_port(
domain
)
Bind TCP sockets to the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_spamd_port(
domain
)
Bind TCP sockets to the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_ssh_port(
domain
)
Bind TCP sockets to the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_swat_port(
domain
)
Bind TCP sockets to the swat port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_syslogd_port(
domain
)
Bind TCP sockets to the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_telnetd_port(
domain
)
Bind TCP sockets to the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_tftp_port(
domain
)
Bind TCP sockets to the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_transproxy_port(
domain
)
Bind TCP sockets to the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_unspec_node(
domain
)
Bind TCP sockets to node unspec.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_uucpd_port(
domain
)
Bind TCP sockets to the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_vnc_port(
domain
)
Bind TCP sockets to the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_xserver_port(
domain
)
Bind TCP sockets to the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_zebra_port(
domain
)
Bind TCP sockets to the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_bind_zope_port(
domain
)
Bind TCP sockets to the zope port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_afs_bos_port(
domain
)
Make a TCP connection to the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_afs_fs_port(
domain
)
Make a TCP connection to the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_afs_ka_port(
domain
)
Make a TCP connection to the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_afs_pt_port(
domain
)
Make a TCP connection to the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_afs_vl_port(
domain
)
Make a TCP connection to the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_all_ports(
domain
)
Connect TCP sockets to all ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_all_reserved_ports(
domain
)
Connect TCP sockets to reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_amanda_port(
domain
)
Make a TCP connection to the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_amavisd_recv_port(
domain
)
Make a TCP connection to the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_amavisd_send_port(
domain
)
Make a TCP connection to the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_asterisk_port(
domain
)
Make a TCP connection to the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_auth_port(
domain
)
Make a TCP connection to the auth port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_bgp_port(
domain
)
Make a TCP connection to the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_clamd_port(
domain
)
Make a TCP connection to the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_clockspeed_port(
domain
)
Make a TCP connection to the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_comsat_port(
domain
)
Make a TCP connection to the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_cvs_port(
domain
)
Make a TCP connection to the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_dbskkd_port(
domain
)
Make a TCP connection to the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_dcc_port(
domain
)
Make a TCP connection to the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_dhcpc_port(
domain
)
Make a TCP connection to the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_dhcpd_port(
domain
)
Make a TCP connection to the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_dict_port(
domain
)
Make a TCP connection to the dict port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_distccd_port(
domain
)
Make a TCP connection to the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_dns_port(
domain
)
Make a TCP connection to the dns port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_fingerd_port(
domain
)
Make a TCP connection to the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ftp_data_port(
domain
)
Make a TCP connection to the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ftp_port(
domain
)
Make a TCP connection to the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_gatekeeper_port(
domain
)
Make a TCP connection to the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_generic_port(
domain
)
Connect TCP sockets to generic ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_giftd_port(
domain
)
Make a TCP connection to the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_gopher_port(
domain
)
Make a TCP connection to the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_howl_port(
domain
)
Make a TCP connection to the howl port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_hplip_port(
domain
)
Make a TCP connection to the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_http_cache_port(
domain
)
Make a TCP connection to the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_http_port(
domain
)
Make a TCP connection to the http port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_i18n_input_port(
domain
)
Make a TCP connection to the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_imaze_port(
domain
)
Make a TCP connection to the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_inetd_child_port(
domain
)
Make a TCP connection to the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_innd_port(
domain
)
Make a TCP connection to the innd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ipp_port(
domain
)
Make a TCP connection to the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ircd_port(
domain
)
Make a TCP connection to the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_isakmp_port(
domain
)
Make a TCP connection to the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_jabber_client_port(
domain
)
Make a TCP connection to the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_jabber_interserver_port(
domain
)
Make a TCP connection to the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_kerberos_admin_port(
domain
)
Make a TCP connection to the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_kerberos_master_port(
domain
)
Make a TCP connection to the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_kerberos_port(
domain
)
Make a TCP connection to the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ktalkd_port(
domain
)
Make a TCP connection to the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ldap_port(
domain
)
Make a TCP connection to the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_mail_port(
domain
)
Make a TCP connection to the mail port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_monopd_port(
domain
)
Make a TCP connection to the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_mysqld_port(
domain
)
Make a TCP connection to the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_nessus_port(
domain
)
Make a TCP connection to the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_nmbd_port(
domain
)
Make a TCP connection to the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ntp_port(
domain
)
Make a TCP connection to the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_openvpn_port(
domain
)
Make a TCP connection to the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_pegasus_http_port(
domain
)
Make a TCP connection to the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_pegasus_https_port(
domain
)
Make a TCP connection to the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_pop_port(
domain
)
Make a TCP connection to the pop port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_portmap_port(
domain
)
Make a TCP connection to the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_postgresql_port(
domain
)
Make a TCP connection to the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_postgrey_port(
domain
)
Make a TCP connection to the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_printer_port(
domain
)
Make a TCP connection to the printer port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ptal_port(
domain
)
Make a TCP connection to the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_pxe_port(
domain
)
Make a TCP connection to the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_pyzor_port(
domain
)
Make a TCP connection to the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_radacct_port(
domain
)
Make a TCP connection to the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_radius_port(
domain
)
Make a TCP connection to the radius port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_razor_port(
domain
)
Make a TCP connection to the razor port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_reserved_port(
domain
)
Connect TCP sockets to generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_rlogind_port(
domain
)
Make a TCP connection to the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_rndc_port(
domain
)
Make a TCP connection to the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_router_port(
domain
)
Make a TCP connection to the router port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_rsh_port(
domain
)
Make a TCP connection to the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_rsync_port(
domain
)
Make a TCP connection to the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_smbd_port(
domain
)
Make a TCP connection to the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_smtp_port(
domain
)
Make a TCP connection to the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_snmp_port(
domain
)
Make a TCP connection to the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_soundd_port(
domain
)
Make a TCP connection to the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_spamd_port(
domain
)
Make a TCP connection to the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_ssh_port(
domain
)
Make a TCP connection to the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_swat_port(
domain
)
Make a TCP connection to the swat port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_syslogd_port(
domain
)
Make a TCP connection to the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_telnetd_port(
domain
)
Make a TCP connection to the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_tftp_port(
domain
)
Make a TCP connection to the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_transproxy_port(
domain
)
Make a TCP connection to the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_uucpd_port(
domain
)
Make a TCP connection to the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_vnc_port(
domain
)
Make a TCP connection to the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_xserver_port(
domain
)
Make a TCP connection to the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_zebra_port(
domain
)
Make a TCP connection to the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_connect_zope_port(
domain
)
Make a TCP connection to the zope port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_afs_bos_port(
domain
)
Send and receive TCP traffic on the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_afs_fs_port(
domain
)
Send and receive TCP traffic on the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_afs_ka_port(
domain
)
Send and receive TCP traffic on the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_afs_pt_port(
domain
)
Send and receive TCP traffic on the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_afs_vl_port(
domain
)
Send and receive TCP traffic on the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_all_if(
domain
)
Send and receive TCP network traffic on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_all_nodes(
domain
)
Send and receive TCP network traffic on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_all_ports(
domain
)
Send and receive TCP network traffic on all ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_all_reserved_ports(
domain
)
Send and receive TCP network traffic on all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_amanda_port(
domain
)
Send and receive TCP traffic on the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_amavisd_recv_port(
domain
)
Send and receive TCP traffic on the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_amavisd_send_port(
domain
)
Send and receive TCP traffic on the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_asterisk_port(
domain
)
Send and receive TCP traffic on the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_auth_port(
domain
)
Send and receive TCP traffic on the auth port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_bgp_port(
domain
)
Send and receive TCP traffic on the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_clamd_port(
domain
)
Send and receive TCP traffic on the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_clockspeed_port(
domain
)
Send and receive TCP traffic on the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_compat_ipv4_node(
domain
)
Send and receive TCP traffic on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_comsat_port(
domain
)
Send and receive TCP traffic on the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_cvs_port(
domain
)
Send and receive TCP traffic on the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_dbskkd_port(
domain
)
Send and receive TCP traffic on the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_dcc_port(
domain
)
Send and receive TCP traffic on the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_dhcpc_port(
domain
)
Send and receive TCP traffic on the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_dhcpd_port(
domain
)
Send and receive TCP traffic on the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_dict_port(
domain
)
Send and receive TCP traffic on the dict port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_distccd_port(
domain
)
Send and receive TCP traffic on the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_dns_port(
domain
)
Send and receive TCP traffic on the dns port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_fingerd_port(
domain
)
Send and receive TCP traffic on the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ftp_data_port(
domain
)
Send and receive TCP traffic on the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ftp_port(
domain
)
Send and receive TCP traffic on the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_gatekeeper_port(
domain
)
Send and receive TCP traffic on the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_generic_if(
domain
)
Send and receive TCP network traffic on the generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_generic_node(
domain
)
Send and receive TCP network traffic on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_generic_port(
domain
)
Send and receive TCP network traffic on generic ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_giftd_port(
domain
)
Send and receive TCP traffic on the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_gopher_port(
domain
)
Send and receive TCP traffic on the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_howl_port(
domain
)
Send and receive TCP traffic on the howl port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_hplip_port(
domain
)
Send and receive TCP traffic on the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_http_cache_port(
domain
)
Send and receive TCP traffic on the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_http_port(
domain
)
Send and receive TCP traffic on the http port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_i18n_input_port(
domain
)
Send and receive TCP traffic on the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_imaze_port(
domain
)
Send and receive TCP traffic on the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_inaddr_any_node(
domain
)
Send and receive TCP traffic on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_inetd_child_port(
domain
)
Send and receive TCP traffic on the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_innd_port(
domain
)
Send and receive TCP traffic on the innd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ipp_port(
domain
)
Send and receive TCP traffic on the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ircd_port(
domain
)
Send and receive TCP traffic on the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_isakmp_port(
domain
)
Send and receive TCP traffic on the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_jabber_client_port(
domain
)
Send and receive TCP traffic on the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_jabber_interserver_port(
domain
)
Send and receive TCP traffic on the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_kerberos_admin_port(
domain
)
Send and receive TCP traffic on the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_kerberos_master_port(
domain
)
Send and receive TCP traffic on the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_kerberos_port(
domain
)
Send and receive TCP traffic on the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ktalkd_port(
domain
)
Send and receive TCP traffic on the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ldap_port(
domain
)
Send and receive TCP traffic on the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_link_local_node(
domain
)
Send and receive TCP traffic on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_lo_if(
domain
)
Send and receive TCP network traffic on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_lo_node(
domain
)
Send and receive TCP traffic on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_mail_port(
domain
)
Send and receive TCP traffic on the mail port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_mapped_ipv4_node(
domain
)
Send and receive TCP traffic on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_monopd_port(
domain
)
Send and receive TCP traffic on the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_multicast_node(
domain
)
Send and receive TCP traffic on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_mysqld_port(
domain
)
Send and receive TCP traffic on the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_nessus_port(
domain
)
Send and receive TCP traffic on the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_nmbd_port(
domain
)
Send and receive TCP traffic on the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ntp_port(
domain
)
Send and receive TCP traffic on the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_openvpn_port(
domain
)
Send and receive TCP traffic on the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_pegasus_http_port(
domain
)
Send and receive TCP traffic on the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_pegasus_https_port(
domain
)
Send and receive TCP traffic on the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_pop_port(
domain
)
Send and receive TCP traffic on the pop port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_portmap_port(
domain
)
Send and receive TCP traffic on the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_postgresql_port(
domain
)
Send and receive TCP traffic on the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_postgrey_port(
domain
)
Send and receive TCP traffic on the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_printer_port(
domain
)
Send and receive TCP traffic on the printer port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ptal_port(
domain
)
Send and receive TCP traffic on the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_pxe_port(
domain
)
Send and receive TCP traffic on the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_pyzor_port(
domain
)
Send and receive TCP traffic on the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_radacct_port(
domain
)
Send and receive TCP traffic on the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_radius_port(
domain
)
Send and receive TCP traffic on the radius port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_razor_port(
domain
)
Send and receive TCP traffic on the razor port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_reserved_port(
domain
)
Send and receive TCP network traffic on generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_rlogind_port(
domain
)
Send and receive TCP traffic on the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_rndc_port(
domain
)
Send and receive TCP traffic on the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_router_port(
domain
)
Send and receive TCP traffic on the router port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_rsh_port(
domain
)
Send and receive TCP traffic on the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_rsync_port(
domain
)
Send and receive TCP traffic on the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_site_local_node(
domain
)
Send and receive TCP traffic on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_smbd_port(
domain
)
Send and receive TCP traffic on the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_smtp_port(
domain
)
Send and receive TCP traffic on the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_snmp_port(
domain
)
Send and receive TCP traffic on the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_soundd_port(
domain
)
Send and receive TCP traffic on the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_spamd_port(
domain
)
Send and receive TCP traffic on the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_ssh_port(
domain
)
Send and receive TCP traffic on the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_swat_port(
domain
)
Send and receive TCP traffic on the swat port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_syslogd_port(
domain
)
Send and receive TCP traffic on the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_telnetd_port(
domain
)
Send and receive TCP traffic on the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_tftp_port(
domain
)
Send and receive TCP traffic on the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_transproxy_port(
domain
)
Send and receive TCP traffic on the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_unspec_node(
domain
)
Send and receive TCP traffic on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_uucpd_port(
domain
)
Send and receive TCP traffic on the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_vnc_port(
domain
)
Send and receive TCP traffic on the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_xserver_port(
domain
)
Send and receive TCP traffic on the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_zebra_port(
domain
)
Send and receive TCP traffic on the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_tcp_sendrecv_zope_port(
domain
)
Send and receive TCP traffic on the zope port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_afs_bos_port(
domain
)
Bind UDP sockets to the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_afs_fs_port(
domain
)
Bind UDP sockets to the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_afs_ka_port(
domain
)
Bind UDP sockets to the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_afs_pt_port(
domain
)
Bind UDP sockets to the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_afs_vl_port(
domain
)
Bind UDP sockets to the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_all_nodes(
domain
)
Bind UDP sockets to all nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_all_ports(
domain
)
Bind UDP sockets to all ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_all_reserved_ports(
domain
)
Bind UDP sockets to all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_amanda_port(
domain
)
Bind UDP sockets to the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_amavisd_recv_port(
domain
)
Bind UDP sockets to the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_amavisd_send_port(
domain
)
Bind UDP sockets to the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_asterisk_port(
domain
)
Bind UDP sockets to the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_auth_port(
domain
)
Bind UDP sockets to the auth port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_bgp_port(
domain
)
Bind UDP sockets to the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_clamd_port(
domain
)
Bind UDP sockets to the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_clockspeed_port(
domain
)
Bind UDP sockets to the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_compat_ipv4_node(
domain
)
Bind UDP sockets to the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_comsat_port(
domain
)
Bind UDP sockets to the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_cvs_port(
domain
)
Bind UDP sockets to the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_dbskkd_port(
domain
)
Bind UDP sockets to the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_dcc_port(
domain
)
Bind UDP sockets to the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_dhcpc_port(
domain
)
Bind UDP sockets to the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_dhcpd_port(
domain
)
Bind UDP sockets to the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_dict_port(
domain
)
Bind UDP sockets to the dict port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_distccd_port(
domain
)
Bind UDP sockets to the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_dns_port(
domain
)
Bind UDP sockets to the dns port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_fingerd_port(
domain
)
Bind UDP sockets to the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ftp_data_port(
domain
)
Bind UDP sockets to the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ftp_port(
domain
)
Bind UDP sockets to the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_gatekeeper_port(
domain
)
Bind UDP sockets to the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_generic_node(
domain
)
Bind UDP sockets to generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_generic_port(
domain
)
Bind UDP sockets to generic ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_giftd_port(
domain
)
Bind UDP sockets to the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_gopher_port(
domain
)
Bind UDP sockets to the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_howl_port(
domain
)
Bind UDP sockets to the howl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_hplip_port(
domain
)
Bind UDP sockets to the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_http_cache_port(
domain
)
Bind UDP sockets to the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_http_port(
domain
)
Bind UDP sockets to the http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_i18n_input_port(
domain
)
Bind UDP sockets to the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_imaze_port(
domain
)
Bind UDP sockets to the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_inaddr_any_node(
domain
)
Bind UDP sockets to the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_inetd_child_port(
domain
)
Bind UDP sockets to the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_innd_port(
domain
)
Bind UDP sockets to the innd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ipp_port(
domain
)
Bind UDP sockets to the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ircd_port(
domain
)
Bind UDP sockets to the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_isakmp_port(
domain
)
Bind UDP sockets to the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_jabber_client_port(
domain
)
Bind UDP sockets to the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_jabber_interserver_port(
domain
)
Bind UDP sockets to the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_kerberos_admin_port(
domain
)
Bind UDP sockets to the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_kerberos_master_port(
domain
)
Bind UDP sockets to the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_kerberos_port(
domain
)
Bind UDP sockets to the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ktalkd_port(
domain
)
Bind UDP sockets to the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ldap_port(
domain
)
Bind UDP sockets to the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_link_local_node(
domain
)
Bind UDP sockets to the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_lo_node(
domain
)
Bind UDP sockets to the lo node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_mail_port(
domain
)
Bind UDP sockets to the mail port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_mapped_ipv4_node(
domain
)
Bind UDP sockets to the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_monopd_port(
domain
)
Bind UDP sockets to the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_multicast_node(
domain
)
Bind UDP sockets to the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_mysqld_port(
domain
)
Bind UDP sockets to the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_nessus_port(
domain
)
Bind UDP sockets to the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_nmbd_port(
domain
)
Bind UDP sockets to the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ntp_port(
domain
)
Bind UDP sockets to the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_openvpn_port(
domain
)
Bind UDP sockets to the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_pegasus_http_port(
domain
)
Bind UDP sockets to the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_pegasus_https_port(
domain
)
Bind UDP sockets to the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_pop_port(
domain
)
Bind UDP sockets to the pop port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_portmap_port(
domain
)
Bind UDP sockets to the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_postgresql_port(
domain
)
Bind UDP sockets to the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_postgrey_port(
domain
)
Bind UDP sockets to the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_printer_port(
domain
)
Bind UDP sockets to the printer port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ptal_port(
domain
)
Bind UDP sockets to the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_pxe_port(
domain
)
Bind UDP sockets to the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_pyzor_port(
domain
)
Bind UDP sockets to the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_radacct_port(
domain
)
Bind UDP sockets to the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_radius_port(
domain
)
Bind UDP sockets to the radius port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_razor_port(
domain
)
Bind UDP sockets to the razor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_reserved_port(
domain
)
Bind UDP sockets to generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_rlogind_port(
domain
)
Bind UDP sockets to the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_rndc_port(
domain
)
Bind UDP sockets to the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_router_port(
domain
)
Bind UDP sockets to the router port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_rsh_port(
domain
)
Bind UDP sockets to the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_rsync_port(
domain
)
Bind UDP sockets to the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_site_local_node(
domain
)
Bind UDP sockets to the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_smbd_port(
domain
)
Bind UDP sockets to the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_smtp_port(
domain
)
Bind UDP sockets to the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_snmp_port(
domain
)
Bind UDP sockets to the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_soundd_port(
domain
)
Bind UDP sockets to the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_spamd_port(
domain
)
Bind UDP sockets to the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_ssh_port(
domain
)
Bind UDP sockets to the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_swat_port(
domain
)
Bind UDP sockets to the swat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_syslogd_port(
domain
)
Bind UDP sockets to the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_telnetd_port(
domain
)
Bind UDP sockets to the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_tftp_port(
domain
)
Bind UDP sockets to the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_transproxy_port(
domain
)
Bind UDP sockets to the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_unspec_node(
domain
)
Bind UDP sockets to the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_uucpd_port(
domain
)
Bind UDP sockets to the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_vnc_port(
domain
)
Bind UDP sockets to the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_xserver_port(
domain
)
Bind UDP sockets to the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_zebra_port(
domain
)
Bind UDP sockets to the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_udp_bind_zope_port(
domain
)
Bind UDP sockets to the zope port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_afs_bos_port(
domain
)
Receive UDP traffic on the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_afs_fs_port(
domain
)
Receive UDP traffic on the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_afs_ka_port(
domain
)
Receive UDP traffic on the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_afs_pt_port(
domain
)
Receive UDP traffic on the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_afs_vl_port(
domain
)
Receive UDP traffic on the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_all_if(
domain
)
Receive UDP network traffic on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_all_nodes(
domain
)
Receive UDP network traffic on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_all_ports(
domain
)
Receive UDP network traffic on all ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_all_reserved_ports(
domain
)
Receive UDP network traffic on all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_amanda_port(
domain
)
Receive UDP traffic on the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_amavisd_recv_port(
domain
)
Receive UDP traffic on the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_amavisd_send_port(
domain
)
Receive UDP traffic on the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_asterisk_port(
domain
)
Receive UDP traffic on the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_auth_port(
domain
)
Receive UDP traffic on the auth port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_bgp_port(
domain
)
Receive UDP traffic on the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_clamd_port(
domain
)
Receive UDP traffic on the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_clockspeed_port(
domain
)
Receive UDP traffic on the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_compat_ipv4_node(
domain
)
Receive UDP traffic on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_comsat_port(
domain
)
Receive UDP traffic on the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_cvs_port(
domain
)
Receive UDP traffic on the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_dbskkd_port(
domain
)
Receive UDP traffic on the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_dcc_port(
domain
)
Receive UDP traffic on the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_dhcpc_port(
domain
)
Receive UDP traffic on the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_dhcpd_port(
domain
)
Receive UDP traffic on the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_dict_port(
domain
)
Receive UDP traffic on the dict port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_distccd_port(
domain
)
Receive UDP traffic on the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_dns_port(
domain
)
Receive UDP traffic on the dns port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_fingerd_port(
domain
)
Receive UDP traffic on the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ftp_data_port(
domain
)
Receive UDP traffic on the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ftp_port(
domain
)
Receive UDP traffic on the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_gatekeeper_port(
domain
)
Receive UDP traffic on the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_generic_if(
domain
)
Receive UDP network traffic on generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_generic_node(
domain
)
Receive UDP network traffic on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_generic_port(
domain
)
Receive UDP network traffic on generic ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_giftd_port(
domain
)
Receive UDP traffic on the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_gopher_port(
domain
)
Receive UDP traffic on the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_howl_port(
domain
)
Receive UDP traffic on the howl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_hplip_port(
domain
)
Receive UDP traffic on the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_http_cache_port(
domain
)
Receive UDP traffic on the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_http_port(
domain
)
Receive UDP traffic on the http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_i18n_input_port(
domain
)
Receive UDP traffic on the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_imaze_port(
domain
)
Receive UDP traffic on the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_inaddr_any_node(
domain
)
Receive UDP traffic on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_inetd_child_port(
domain
)
Receive UDP traffic on the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_innd_port(
domain
)
Receive UDP traffic on the innd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ipp_port(
domain
)
Receive UDP traffic on the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ircd_port(
domain
)
Receive UDP traffic on the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_isakmp_port(
domain
)
Receive UDP traffic on the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_jabber_client_port(
domain
)
Receive UDP traffic on the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_jabber_interserver_port(
domain
)
Receive UDP traffic on the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_kerberos_admin_port(
domain
)
Receive UDP traffic on the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_kerberos_master_port(
domain
)
Receive UDP traffic on the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_kerberos_port(
domain
)
Receive UDP traffic on the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ktalkd_port(
domain
)
Receive UDP traffic on the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ldap_port(
domain
)
Receive UDP traffic on the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_link_local_node(
domain
)
Receive UDP traffic on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_lo_if(
domain
)
Receive UDP network traffic on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_lo_node(
domain
)
Receive UDP traffic on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_mail_port(
domain
)
Receive UDP traffic on the mail port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_mapped_ipv4_node(
domain
)
Receive UDP traffic on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_monopd_port(
domain
)
Receive UDP traffic on the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_multicast_node(
domain
)
Receive UDP traffic on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_mysqld_port(
domain
)
Receive UDP traffic on the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_nessus_port(
domain
)
Receive UDP traffic on the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_nmbd_port(
domain
)
Receive UDP traffic on the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ntp_port(
domain
)
Receive UDP traffic on the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_openvpn_port(
domain
)
Receive UDP traffic on the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_pegasus_http_port(
domain
)
Receive UDP traffic on the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_pegasus_https_port(
domain
)
Receive UDP traffic on the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_pop_port(
domain
)
Receive UDP traffic on the pop port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_portmap_port(
domain
)
Receive UDP traffic on the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_postgresql_port(
domain
)
Receive UDP traffic on the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_postgrey_port(
domain
)
Receive UDP traffic on the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_printer_port(
domain
)
Receive UDP traffic on the printer port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ptal_port(
domain
)
Receive UDP traffic on the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_pxe_port(
domain
)
Receive UDP traffic on the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_pyzor_port(
domain
)
Receive UDP traffic on the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_radacct_port(
domain
)
Receive UDP traffic on the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_radius_port(
domain
)
Receive UDP traffic on the radius port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_razor_port(
domain
)
Receive UDP traffic on the razor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_reserved_port(
domain
)
Receive UDP network traffic on generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_rlogind_port(
domain
)
Receive UDP traffic on the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_rndc_port(
domain
)
Receive UDP traffic on the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_router_port(
domain
)
Receive UDP traffic on the router port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_rsh_port(
domain
)
Receive UDP traffic on the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_rsync_port(
domain
)
Receive UDP traffic on the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_site_local_node(
domain
)
Receive UDP traffic on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_smbd_port(
domain
)
Receive UDP traffic on the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_smtp_port(
domain
)
Receive UDP traffic on the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_snmp_port(
domain
)
Receive UDP traffic on the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_soundd_port(
domain
)
Receive UDP traffic on the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_spamd_port(
domain
)
Receive UDP traffic on the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_ssh_port(
domain
)
Receive UDP traffic on the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_swat_port(
domain
)
Receive UDP traffic on the swat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_syslogd_port(
domain
)
Receive UDP traffic on the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_telnetd_port(
domain
)
Receive UDP traffic on the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_tftp_port(
domain
)
Receive UDP traffic on the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_transproxy_port(
domain
)
Receive UDP traffic on the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_unspec_node(
domain
)
Receive UDP traffic on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_uucpd_port(
domain
)
Receive UDP traffic on the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_vnc_port(
domain
)
Receive UDP traffic on the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_xserver_port(
domain
)
Receive UDP traffic on the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_zebra_port(
domain
)
Receive UDP traffic on the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_udp_receive_zope_port(
domain
)
Receive UDP traffic on the zope port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_afs_bos_port(
domain
)
Send UDP traffic on the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_afs_fs_port(
domain
)
Send UDP traffic on the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_afs_ka_port(
domain
)
Send UDP traffic on the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_afs_pt_port(
domain
)
Send UDP traffic on the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_afs_vl_port(
domain
)
Send UDP traffic on the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_all_if(
domain
)
Send UDP network traffic on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_all_nodes(
domain
)
Send UDP network traffic on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_all_ports(
domain
)
Send UDP network traffic on all ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_all_reserved_ports(
domain
)
Send UDP network traffic on all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_amanda_port(
domain
)
Send UDP traffic on the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_amavisd_recv_port(
domain
)
Send UDP traffic on the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_amavisd_send_port(
domain
)
Send UDP traffic on the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_asterisk_port(
domain
)
Send UDP traffic on the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_auth_port(
domain
)
Send UDP traffic on the auth port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_bgp_port(
domain
)
Send UDP traffic on the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_clamd_port(
domain
)
Send UDP traffic on the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_clockspeed_port(
domain
)
Send UDP traffic on the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_compat_ipv4_node(
domain
)
Send UDP traffic on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_comsat_port(
domain
)
Send UDP traffic on the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_cvs_port(
domain
)
Send UDP traffic on the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_dbskkd_port(
domain
)
Send UDP traffic on the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_dcc_port(
domain
)
Send UDP traffic on the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_dhcpc_port(
domain
)
Send UDP traffic on the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_dhcpd_port(
domain
)
Send UDP traffic on the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_dict_port(
domain
)
Send UDP traffic on the dict port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_distccd_port(
domain
)
Send UDP traffic on the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_dns_port(
domain
)
Send UDP traffic on the dns port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_fingerd_port(
domain
)
Send UDP traffic on the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ftp_data_port(
domain
)
Send UDP traffic on the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ftp_port(
domain
)
Send UDP traffic on the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_gatekeeper_port(
domain
)
Send UDP traffic on the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_generic_if(
domain
)
Send UDP network traffic on generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_generic_node(
domain
)
Send UDP network traffic on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_generic_port(
domain
)
Send UDP network traffic on generic ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_giftd_port(
domain
)
Send UDP traffic on the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_gopher_port(
domain
)
Send UDP traffic on the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_howl_port(
domain
)
Send UDP traffic on the howl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_hplip_port(
domain
)
Send UDP traffic on the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_http_cache_port(
domain
)
Send UDP traffic on the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_http_port(
domain
)
Send UDP traffic on the http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_i18n_input_port(
domain
)
Send UDP traffic on the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_imaze_port(
domain
)
Send UDP traffic on the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_inaddr_any_node(
domain
)
Send UDP traffic on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_inetd_child_port(
domain
)
Send UDP traffic on the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_innd_port(
domain
)
Send UDP traffic on the innd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ipp_port(
domain
)
Send UDP traffic on the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ircd_port(
domain
)
Send UDP traffic on the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_isakmp_port(
domain
)
Send UDP traffic on the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_jabber_client_port(
domain
)
Send UDP traffic on the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_jabber_interserver_port(
domain
)
Send UDP traffic on the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_kerberos_admin_port(
domain
)
Send UDP traffic on the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_kerberos_master_port(
domain
)
Send UDP traffic on the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_kerberos_port(
domain
)
Send UDP traffic on the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ktalkd_port(
domain
)
Send UDP traffic on the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ldap_port(
domain
)
Send UDP traffic on the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_link_local_node(
domain
)
Send UDP traffic on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_lo_if(
domain
)
Send UDP network traffic on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_lo_node(
domain
)
Send UDP traffic on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_mail_port(
domain
)
Send UDP traffic on the mail port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_mapped_ipv4_node(
domain
)
Send UDP traffic on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_monopd_port(
domain
)
Send UDP traffic on the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_multicast_node(
domain
)
Send UDP traffic on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_mysqld_port(
domain
)
Send UDP traffic on the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_nessus_port(
domain
)
Send UDP traffic on the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_nmbd_port(
domain
)
Send UDP traffic on the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ntp_port(
domain
)
Send UDP traffic on the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_openvpn_port(
domain
)
Send UDP traffic on the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_pegasus_http_port(
domain
)
Send UDP traffic on the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_pegasus_https_port(
domain
)
Send UDP traffic on the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_pop_port(
domain
)
Send UDP traffic on the pop port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_portmap_port(
domain
)
Send UDP traffic on the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_postgresql_port(
domain
)
Send UDP traffic on the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_postgrey_port(
domain
)
Send UDP traffic on the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_printer_port(
domain
)
Send UDP traffic on the printer port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ptal_port(
domain
)
Send UDP traffic on the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_pxe_port(
domain
)
Send UDP traffic on the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_pyzor_port(
domain
)
Send UDP traffic on the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_radacct_port(
domain
)
Send UDP traffic on the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_radius_port(
domain
)
Send UDP traffic on the radius port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_razor_port(
domain
)
Send UDP traffic on the razor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_reserved_port(
domain
)
Send UDP network traffic on generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_rlogind_port(
domain
)
Send UDP traffic on the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_rndc_port(
domain
)
Send UDP traffic on the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_router_port(
domain
)
Send UDP traffic on the router port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_rsh_port(
domain
)
Send UDP traffic on the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_rsync_port(
domain
)
Send UDP traffic on the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_site_local_node(
domain
)
Send UDP traffic on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_smbd_port(
domain
)
Send UDP traffic on the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_smtp_port(
domain
)
Send UDP traffic on the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_snmp_port(
domain
)
Send UDP traffic on the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_soundd_port(
domain
)
Send UDP traffic on the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_spamd_port(
domain
)
Send UDP traffic on the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_ssh_port(
domain
)
Send UDP traffic on the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_swat_port(
domain
)
Send UDP traffic on the swat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_syslogd_port(
domain
)
Send UDP traffic on the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_telnetd_port(
domain
)
Send UDP traffic on the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_tftp_port(
domain
)
Send UDP traffic on the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_transproxy_port(
domain
)
Send UDP traffic on the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_unspec_node(
domain
)
Send UDP traffic on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_uucpd_port(
domain
)
Send UDP traffic on the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_vnc_port(
domain
)
Send UDP traffic on the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_xserver_port(
domain
)
Send UDP traffic on the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_zebra_port(
domain
)
Send UDP traffic on the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_udp_send_zope_port(
domain
)
Send UDP traffic on the zope port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_afs_bos_port(
domain
)
Send and receive UDP traffic on the afs_bos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_afs_fs_port(
domain
)
Send and receive UDP traffic on the afs_fs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_afs_ka_port(
domain
)
Send and receive UDP traffic on the afs_ka port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_afs_pt_port(
domain
)
Send and receive UDP traffic on the afs_pt port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_afs_vl_port(
domain
)
Send and receive UDP traffic on the afs_vl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_all_if(
domain
)
Send and receive UDP network traffic on all interfaces.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_all_nodes(
domain
)
Send and receive UDP network traffic on all nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_all_ports(
domain
)
Send and receive UDP network traffic on all ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_all_reserved_ports(
domain
)
Send and receive UDP network traffic on all reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_amanda_port(
domain
)
Send and receive UDP traffic on the amanda port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_amavisd_recv_port(
domain
)
Send and receive UDP traffic on the amavisd_recv port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_amavisd_send_port(
domain
)
Send and receive UDP traffic on the amavisd_send port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_asterisk_port(
domain
)
Send and receive UDP traffic on the asterisk port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_auth_port(
domain
)
Send and receive UDP traffic on the auth port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_bgp_port(
domain
)
Send and receive UDP traffic on the bgp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_clamd_port(
domain
)
Send and receive UDP traffic on the clamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_clockspeed_port(
domain
)
Send and receive UDP traffic on the clockspeed port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_compat_ipv4_node(
domain
)
Send and receive UDP traffic on the compat_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_comsat_port(
domain
)
Send and receive UDP traffic on the comsat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_cvs_port(
domain
)
Send and receive UDP traffic on the cvs port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_dbskkd_port(
domain
)
Send and receive UDP traffic on the dbskkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_dcc_port(
domain
)
Send and receive UDP traffic on the dcc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_dhcpc_port(
domain
)
Send and receive UDP traffic on the dhcpc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_dhcpd_port(
domain
)
Send and receive UDP traffic on the dhcpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_dict_port(
domain
)
Send and receive UDP traffic on the dict port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_distccd_port(
domain
)
Send and receive UDP traffic on the distccd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_dns_port(
domain
)
Send and receive UDP traffic on the dns port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_fingerd_port(
domain
)
Send and receive UDP traffic on the fingerd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ftp_data_port(
domain
)
Send and receive UDP traffic on the ftp_data port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ftp_port(
domain
)
Send and receive UDP traffic on the ftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_gatekeeper_port(
domain
)
Send and receive UDP traffic on the gatekeeper port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_generic_if(
domain
)
Send and Receive UDP network traffic on generic interfaces.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_generic_node(
domain
)
Send and receive UDP network traffic on generic nodes.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_generic_port(
domain
)
Send and receive UDP network traffic on generic ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_giftd_port(
domain
)
Send and receive UDP traffic on the giftd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_gopher_port(
domain
)
Send and receive UDP traffic on the gopher port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_howl_port(
domain
)
Send and receive UDP traffic on the howl port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_hplip_port(
domain
)
Send and receive UDP traffic on the hplip port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_http_cache_port(
domain
)
Send and receive UDP traffic on the http_cache port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_http_port(
domain
)
Send and receive UDP traffic on the http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_i18n_input_port(
domain
)
Send and receive UDP traffic on the i18n_input port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_imaze_port(
domain
)
Send and receive UDP traffic on the imaze port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_inaddr_any_node(
domain
)
Send and receive UDP traffic on the inaddr_any node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_inetd_child_port(
domain
)
Send and receive UDP traffic on the inetd_child port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_innd_port(
domain
)
Send and receive UDP traffic on the innd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ipp_port(
domain
)
Send and receive UDP traffic on the ipp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ircd_port(
domain
)
Send and receive UDP traffic on the ircd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_isakmp_port(
domain
)
Send and receive UDP traffic on the isakmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_jabber_client_port(
domain
)
Send and receive UDP traffic on the jabber_client port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_jabber_interserver_port(
domain
)
Send and receive UDP traffic on the jabber_interserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_kerberos_admin_port(
domain
)
Send and receive UDP traffic on the kerberos_admin port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_kerberos_master_port(
domain
)
Send and receive UDP traffic on the kerberos_master port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_kerberos_port(
domain
)
Send and receive UDP traffic on the kerberos port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ktalkd_port(
domain
)
Send and receive UDP traffic on the ktalkd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ldap_port(
domain
)
Send and receive UDP traffic on the ldap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_link_local_node(
domain
)
Send and receive UDP traffic on the link_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_lo_if(
domain
)
Send and receive UDP network traffic on the lo interface.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_lo_node(
domain
)
Send and receive UDP traffic on the lo node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_mail_port(
domain
)
Send and receive UDP traffic on the mail port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_mapped_ipv4_node(
domain
)
Send and receive UDP traffic on the mapped_ipv4 node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_monopd_port(
domain
)
Send and receive UDP traffic on the monopd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_multicast_node(
domain
)
Send and receive UDP traffic on the multicast node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_mysqld_port(
domain
)
Send and receive UDP traffic on the mysqld port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_nessus_port(
domain
)
Send and receive UDP traffic on the nessus port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_nmbd_port(
domain
)
Send and receive UDP traffic on the nmbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ntp_port(
domain
)
Send and receive UDP traffic on the ntp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_openvpn_port(
domain
)
Send and receive UDP traffic on the openvpn port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_pegasus_http_port(
domain
)
Send and receive UDP traffic on the pegasus_http port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_pegasus_https_port(
domain
)
Send and receive UDP traffic on the pegasus_https port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_pop_port(
domain
)
Send and receive UDP traffic on the pop port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_portmap_port(
domain
)
Send and receive UDP traffic on the portmap port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_postgresql_port(
domain
)
Send and receive UDP traffic on the postgresql port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_postgrey_port(
domain
)
Send and receive UDP traffic on the postgrey port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_printer_port(
domain
)
Send and receive UDP traffic on the printer port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ptal_port(
domain
)
Send and receive UDP traffic on the ptal port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_pxe_port(
domain
)
Send and receive UDP traffic on the pxe port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_pyzor_port(
domain
)
Send and receive UDP traffic on the pyzor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_radacct_port(
domain
)
Send and receive UDP traffic on the radacct port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_radius_port(
domain
)
Send and receive UDP traffic on the radius port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_razor_port(
domain
)
Send and receive UDP traffic on the razor port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_reserved_port(
domain
)
Send and receive UDP network traffic on generic reserved ports.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_rlogind_port(
domain
)
Send and receive UDP traffic on the rlogind port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_rndc_port(
domain
)
Send and receive UDP traffic on the rndc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_router_port(
domain
)
Send and receive UDP traffic on the router port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_rsh_port(
domain
)
Send and receive UDP traffic on the rsh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_rsync_port(
domain
)
Send and receive UDP traffic on the rsync port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_site_local_node(
domain
)
Send and receive UDP traffic on the site_local node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_smbd_port(
domain
)
Send and receive UDP traffic on the smbd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_smtp_port(
domain
)
Send and receive UDP traffic on the smtp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_snmp_port(
domain
)
Send and receive UDP traffic on the snmp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_soundd_port(
domain
)
Send and receive UDP traffic on the soundd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_spamd_port(
domain
)
Send and receive UDP traffic on the spamd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_ssh_port(
domain
)
Send and receive UDP traffic on the ssh port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_swat_port(
domain
)
Send and receive UDP traffic on the swat port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_syslogd_port(
domain
)
Send and receive UDP traffic on the syslogd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_telnetd_port(
domain
)
Send and receive UDP traffic on the telnetd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_tftp_port(
domain
)
Send and receive UDP traffic on the tftp port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_transproxy_port(
domain
)
Send and receive UDP traffic on the transproxy port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_unspec_node(
domain
)
Send and receive UDP traffic on the unspec node.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_uucpd_port(
domain
)
Send and receive UDP traffic on the uucpd port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_vnc_port(
domain
)
Send and receive UDP traffic on the vnc port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_xserver_port(
domain
)
Send and receive UDP traffic on the xserver port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_zebra_port(
domain
)
Send and receive UDP traffic on the zebra port.
Module:
corenetwork
Layer:
kernel
corenet_udp_sendrecv_zope_port(
domain
)
Send and receive UDP traffic on the zope port.
Module:
corenetwork
Layer:
kernel
corenet_unconfined(
domain
)
Unconfined access to network objects.
Module:
cpucontrol
Layer:
services
cpucontrol_stub(
domain
)
CPUcontrol stub interface. No access allowed.
Module:
cron
Layer:
services
cron_anacron_domtrans_system_job(
domain
)
Execute APM in the apm domain.
Module:
cron
Layer:
services
cron_dontaudit_append_system_job_tmp_files(
domain
)
Do not audit attempts to append temporary
files from the system cron jobs.
Module:
cron
Layer:
services
cron_dontaudit_write_pipes(
domain
)
Do not audit attempts to write cron daemon unnamed pipes.
Module:
cron
Layer:
services
cron_read_pipes(
domain
)
Read a cron daemon unnamed pipe.
Module:
cron
Layer:
services
cron_read_system_job_tmp_files(
domain
)
Read temporary files from the system cron jobs.
Module:
cron
Layer:
services
cron_rw_pipes(
domain
)
Read and write a cron daemon unnamed pipe.
Module:
cron
Layer:
services
cron_rw_system_job_pipes(
domain
)
Read and write a system cron job unnamed pipe.
Module:
cron
Layer:
services
cron_rw_tcp_sockets(
domain
)
Read, and write cron daemon TCP sockets.
Module:
cron
Layer:
services
cron_search_spool(
domain
)
Search the directory containing user cron tables.
Module:
cron
Layer:
services
cron_sigchld(
domain
)
Send a SIGCHLD signal to the cron daemon.
Module:
cron
Layer:
services
cron_system_entry(
domain
,
entrypoint
)
Make the specified program domain accessable
from the system cron jobs.
Module:
cron
Layer:
services
cron_use_fds(
domain
)
Inherit and use a file descriptor
from the cron daemon.
Module:
cron
Layer:
services
cron_use_system_job_fds(
domain
)
Inherit and use a file descriptor
from system cron jobs.
Module:
cron
Layer:
services
cron_write_system_job_pipes(
domain
)
Write a system cron job unnamed pipe.
Module:
cups
Layer:
services
cups_dbus_chat(
domain
)
Send and receive messages from
cups over dbus.
Module:
cups
Layer:
services
cups_dbus_chat_config(
domain
)
Send and receive messages from
cupsd_config over dbus.
Module:
cups
Layer:
services
cups_domtrans(
domain
)
Execute cups in the cups domain.
Module:
cups
Layer:
services
cups_domtrans_config(
domain
)
Execute cups_config in the cups_config domain.
Module:
cups
Layer:
services
cups_read_config(
domain
)
Read cups configuration files.
Module:
cups
Layer:
services
cups_read_rw_config(
domain
)
Read cups-writable configuration files.
Module:
cups
Layer:
services
cups_signal_config(
domain
)
Send generic signals to the cups
configuration daemon.
Module:
cups
Layer:
services
cups_stream_connect_ptal(
domain
)
Connect to ptal over an unix domain stream socket.
Module:
cups
Layer:
services
cups_tcp_connect(
domain
)
Connect to cups over TCP.
Module:
cvs
Layer:
services
cvs_read_data(
domain
)
Read the CVS data and metadata.
Module:
cyrus
Layer:
services
cyrus_manage_data(
domain
)
Allow caller to create, read, write,
and delete cyrus data files.
Module:
daemontools
Layer:
system
daemontools_domtrans_multilog(
domain
)
Execute in the svc_multilog_t domain.
Module:
daemontools
Layer:
system
daemontools_domtrans_run(
domain
)
Execute in the svc_run_t domain.
Module:
daemontools
Layer:
system
daemontools_domtrans_start(
domain
)
Execute in the svc_start_t domain.
Module:
daemontools
Layer:
system
daemontools_ipc_domain(
domain
)
An ipc channel between the supervised domain and svc_start_t
Module:
daemontools
Layer:
system
daemontools_manage_svc(
domain
)
Allow a domain to create svc_svc_t files.
Module:
daemontools
Layer:
system
daemontools_read_svc(
domain
)
Allow a domain to read svc_svc_t files.
Module:
daemontools
Layer:
system
daemontools_service_domain(
domain
,
entrypoint
)
Define a specified domain as a supervised service.
Module:
dbus
Layer:
services
dbus_connect_system_bus(
domain
)
Connect to the the system DBUS
for service (acquire_svc).
Module:
dbus
Layer:
services
dbus_send_system_bus(
domain
)
Send a message on the system DBUS.
Module:
dbus
Layer:
services
dbus_stub(
domain
)
DBUS stub interface. No access allowed.
Module:
dbus
Layer:
services
dbus_system_bus_unconfined(
domain
)
Allow unconfined access to the system DBUS.
Module:
ddcprobe
Layer:
admin
ddcprobe_domtrans(
domain
)
Execute ddcprobe in the ddcprobe domain.
Module:
ddcprobe
Layer:
admin
ddcprobe_run(
domain
,
role
,
terminal
)
Execute ddcprobe in the ddcprobe domain, and
allow the specified role the ddcprobe domain.
Module:
devices
Layer:
kernel
dev_append_printer(
domain
)
Append the printer device.
Module:
devices
Layer:
kernel
dev_associate_usbfs(
file_type
)
Associate a file to a usbfs filesystem.
Module:
devices
Layer:
kernel
dev_create_cardmgr_dev(
domain
)
Create, read, write, and delete
the PCMCIA card manager device
with the correct type.
Module:
devices
Layer:
kernel
dev_create_generic_chr_files(
domain
)
Allow read, write, and create for generic character device files.
Module:
devices
Layer:
kernel
dev_create_generic_dirs(
domain
)
Create a directory in the device directory.
Module:
devices
Layer:
kernel
dev_delete_generic_files(
domain
)
Delete generic files in /dev.
Module:
devices
Layer:
kernel
dev_delete_generic_symlinks(
domain
)
Delete symbolic links in device directories.
Module:
devices
Layer:
kernel
dev_delete_lvm_control_dev(
domain
)
Delete the lvm control device.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_all_blk_files(
domain
)
Dontaudit getattr on all block file device nodes.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_all_chr_files(
domain
)
Dontaudit getattr on all character file device nodes.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_apm_bios_dev(
domain
)
Do not audit attempts to get the attributes of
the apm bios device node.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_generic_blk_files(
domain
)
Dontaudit getattr on generic block devices.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_generic_chr_files(
domain
)
Dontaudit getattr for generic character device files.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_generic_pipes(
domain
)
Dontaudit getattr on generic pipes.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_memory_dev(
domain
)
dontaudit getattr raw memory devices (e.g. /dev/mem).
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_misc_dev(
domain
)
Do not audit attempts to get the attributes
of miscellaneous devices.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_scanner_dev(
domain
)
Do not audit attempts to get the attributes of
the scanner device.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_usbfs_dirs(
domain
)
Do not audit attempts to get the attributes
of a directory in the usb filesystem.
Module:
devices
Layer:
kernel
dev_dontaudit_getattr_video_dev(
domain
)
Do not audit attempts to get the attributes
of video4linux device nodes.
Module:
devices
Layer:
kernel
dev_dontaudit_list_all_dev_nodes(
domain
)
Dontaudit attempts to list all device nodes.
Module:
devices
Layer:
kernel
dev_dontaudit_read_all_blk_files(
domain
)
Dontaudit read on all block file device nodes.
Module:
devices
Layer:
kernel
dev_dontaudit_read_all_chr_files(
domain
)
Dontaudit read on all character file device nodes.
Module:
devices
Layer:
kernel
dev_dontaudit_read_framebuffer(
domain
)
Do not audit attempts to read the framebuffer.
Module:
devices
Layer:
kernel
dev_dontaudit_read_rand(
domain
)
Do not audit attempts to read from random
number generator devices (e.g., /dev/random)
Module:
devices
Layer:
kernel
dev_dontaudit_rw_cardmgr(
domain
)
Do not audit attempts to read and
write the PCMCIA card manager device.
Module:
devices
Layer:
kernel
dev_dontaudit_rw_dri(
domain
)
Dontaudit read and write on the dri devices.
Module:
devices
Layer:
kernel
dev_dontaudit_rw_generic_dev_nodes(
domain
)
Dontaudit getattr for generic device files.
Module:
devices
Layer:
kernel
dev_dontaudit_rw_misc(
domain
)
Do not audit attempts to read and write miscellaneous devices.
Module:
devices
Layer:
kernel
dev_dontaudit_search_sysfs(
domain
)
Do not audit attempts to search sysfs.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_apm_bios_dev(
domain
)
Do not audit attempts to set the attributes of
the apm bios device node.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_framebuffer_dev(
domain
)
Dot not audit attempts to set the attributes
of the framebuffer device node.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_generic_blk_files(
domain
)
Dontaudit setattr on generic block devices.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_generic_chr_files(
domain
)
Dontaudit setattr for generic character device files.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_generic_symlinks(
domain
)
Do not audit attempts to set the attributes
of symbolic links in device directories (/dev).
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_misc_dev(
domain
)
Do not audit attempts to set the attributes
of miscellaneous devices.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_scanner_dev(
domain
)
Do not audit attempts to set the attributes of
the scanner device.
Module:
devices
Layer:
kernel
dev_dontaudit_setattr_video_dev(
domain
)
Do not audit attempts to set the attributes
of video4linux device nodes.
Module:
devices
Layer:
kernel
dev_filetrans(
domain
,
file
,
objectclass(es)
)
Create, read, and write device nodes. The node
will be transitioned to the type provided.
Module:
devices
Layer:
kernel
dev_getattr_all_blk_files(
domain
)
Getattr on all block file device nodes.
Module:
devices
Layer:
kernel
dev_getattr_all_chr_files(
domain
)
Getattr on all character file device nodes.
Module:
devices
Layer:
kernel
dev_getattr_apm_bios_dev(
domain
)
Get the attributes of the apm bios device node.
Module:
devices
Layer:
kernel
dev_getattr_cpu_dev(
domain
)
Get the attributes of the CPU
microcode and id interfaces.
Module:
devices
Layer:
kernel
dev_getattr_framebuffer_dev(
domain
)
Get the attributes of the framebuffer device node.
Module:
devices
Layer:
kernel
dev_getattr_generic_blk_files(
domain
)
Allow getattr on generic block devices.
Module:
devices
Layer:
kernel
dev_getattr_generic_chr_files(
domain
)
Allow getattr for generic character device files.
Module:
devices
Layer:
kernel
dev_getattr_misc_dev(
domain
)
Get the attributes of miscellaneous devices.
Module:
devices
Layer:
kernel
dev_getattr_mouse_dev(
domain
)
Get the attributes of the mouse devices.
Module:
devices
Layer:
kernel
dev_getattr_mtrr_dev(
domain
)
Get the attributes of the mtrr device.
Module:
devices
Layer:
kernel
dev_getattr_power_mgmt_dev(
domain
)
Get the attributes of the the power management device.
Module:
devices
Layer:
kernel
dev_getattr_scanner_dev(
domain
)
Get the attributes of the scanner device.
Module:
devices
Layer:
kernel
dev_getattr_sound_dev(
domain
)
Get the attributes of the sound devices.
Module:
devices
Layer:
kernel
dev_getattr_sysfs_dirs(
domain
)
Get the attributes of sysfs directories.
Module:
devices
Layer:
kernel
dev_getattr_usbfs_dirs(
domain
)
Get the attributes of a directory in the usb filesystem.
Module:
devices
Layer:
kernel
dev_getattr_video_dev(
domain
)
Get the attributes of video4linux devices.
Module:
devices
Layer:
kernel
dev_getattr_xserver_misc_dev(
domain
)
Get the attributes of X server miscellaneous devices.
Module:
devices
Layer:
kernel
dev_list_all_dev_nodes(
domain
)
List all of the device nodes in a device directory.
Module:
devices
Layer:
kernel
dev_list_sysfs(
domain
)
List the contents of the sysfs directories.
Module:
devices
Layer:
kernel
dev_list_usbfs(
domain
)
Allow caller to get a list of usb hardware.
Module:
devices
Layer:
kernel
dev_manage_all_blk_files(
domain
)
Read, write, create, and delete all block device files.
Module:
devices
Layer:
kernel
dev_manage_all_chr_files(
domain
)
Read, write, create, and delete all character device files.
Module:
devices
Layer:
kernel
dev_manage_all_dev_nodes(
domain
)
Create, delete, read, and write device nodes in device directories.
Module:
devices
Layer:
kernel
dev_manage_cardmgr_dev(
domain
)
Create, read, write, and delete
the PCMCIA card manager device.
Module:
devices
Layer:
kernel
dev_manage_dri_dev(
domain
)
Create, read, write, and delete the dri devices.
Module:
devices
Layer:
kernel
dev_manage_generic_blk_files(
domain
)
Create, delete, read, and write block device files.
Module:
devices
Layer:
kernel
dev_manage_generic_chr_files(
domain
)
Create, delete, read, and write character device files.
Module:
devices
Layer:
kernel
dev_manage_generic_files(
domain
)
Create a file in the device directory.
Module:
devices
Layer:
kernel
dev_manage_generic_symlinks(
domain
)
Create, delete, read, and write symbolic links in device directories.
Module:
devices
Layer:
kernel
dev_mount_usbfs(
domain
)
Mount a usbfs filesystem.
Module:
devices
Layer:
kernel
dev_node(
object_type
)
Make the passed in type a type appropriate for
use on device nodes (usually files in /dev).
Module:
devices
Layer:
kernel
dev_read_input(
domain
)
Read input event devices (/dev/input).
Module:
devices
Layer:
kernel
dev_read_lvm_control(
domain
)
Read the lvm comtrol device.
Module:
devices
Layer:
kernel
dev_read_misc(
domain
)
Read miscellaneous devices.
Module:
devices
Layer:
kernel
dev_read_rand(
domain
)
Read from random number generator
devices (e.g., /dev/random)
Module:
devices
Layer:
kernel
dev_read_raw_memory(
domain
)
Read raw memory devices (e.g. /dev/mem).
Module:
devices
Layer:
kernel
dev_read_realtime_clock(
domain
)
Read the realtime clock (/dev/rtc).
Module:
devices
Layer:
kernel
dev_read_sound_mixer(
domain
)
Read the sound mixer devices.
Module:
devices
Layer:
kernel
dev_read_sysfs(
domain
)
Allow caller to read hardware state information.
Module:
devices
Layer:
kernel
dev_read_urand(
domain
)
Read from pseudo random devices (e.g., /dev/urandom)
Module:
devices
Layer:
kernel
dev_read_usbfs(
domain
)
Read USB hardware information using
the usbfs filesystem interface.
Module:
devices
Layer:
kernel
dev_relabel_all_dev_nodes(
domain
)
Allow full relabeling (to and from) of all device nodes.
Module:
devices
Layer:
kernel
dev_relabel_generic_dev_dirs(
domain
)
Allow full relabeling (to and from) of directories in /dev.
Module:
devices
Layer:
kernel
dev_relabel_generic_symlinks(
domain
)
Relabel symbolic links in device directories.
Module:
devices
Layer:
kernel
dev_rw_agp(
domain
)
Read and write the agp devices.
Module:
devices
Layer:
kernel
dev_rw_apm_bios(
domain
)
Read and write the apm bios.
Module:
devices
Layer:
kernel
dev_rw_cardmgr(
domain
)
Read and write the PCMCIA card manager device.
Module:
devices
Layer:
kernel
dev_rw_cpu_microcode(
domain
)
Read and write the the CPU microcode device. This
is required to load CPU microcode.
Module:
devices
Layer:
kernel
dev_rw_crypto(
domain
)
Read and write the the hardware SSL accelerator.
Module:
devices
Layer:
kernel
dev_rw_dri(
domain
)
Read and write the dri devices.
Module:
devices
Layer:
kernel
dev_rw_framebuffer(
domain
)
Read and write the framebuffer.
Module:
devices
Layer:
kernel
dev_rw_generic_files(
domain
)
Read and write generic files in /dev.
Module:
devices
Layer:
kernel
dev_rw_generic_usb_dev(
domain
)
Read and write generic the USB devices.
Module:
devices
Layer:
kernel
dev_rw_input_dev(
domain
)
Read input event devices (/dev/input).
Module:
devices
Layer:
kernel
dev_rw_lvm_control(
domain
)
Read and write the lvm control device.
Module:
devices
Layer:
kernel
dev_rw_mouse(
domain
)
Read and write to mouse devices.
Module:
devices
Layer:
kernel
dev_rw_mtrr(
domain
)
Read and write the mtrr device.
Module:
devices
Layer:
kernel
dev_rw_null(
domain
)
Read and write to the null device (/dev/null).
Module:
devices
Layer:
kernel
dev_rw_power_management(
domain
)
Read and write the the power management device.
Module:
devices
Layer:
kernel
dev_rw_printer(
domain
)
Read and write the printer device.
Module:
devices
Layer:
kernel
dev_rw_realtime_clock(
domain
)
Read and set the realtime clock (/dev/rtc).
Module:
devices
Layer:
kernel
dev_rw_scanner(
domain
)
Read and write the scanner device.
Module:
devices
Layer:
kernel
dev_rw_sysfs(
domain
)
Allow caller to modify hardware state information.
Module:
devices
Layer:
kernel
dev_rw_usbfs(
domain
)
Allow caller to modify usb hardware configuration files.
Module:
devices
Layer:
kernel
dev_rw_xserver_misc(
domain
)
Read and write X server miscellaneous devices.
Module:
devices
Layer:
kernel
dev_rw_zero(
domain
)
Read and write to the zero device (/dev/zero).
Module:
devices
Layer:
kernel
dev_rwx_zero(
domain
)
Read, write, and execute the zero device (/dev/zero).
Module:
devices
Layer:
kernel
dev_rx_raw_memory(
domain
)
Read and execute raw memory devices (e.g. /dev/mem).
Module:
devices
Layer:
kernel
dev_search_sysfs(
domain
)
Search the sysfs directories.
Module:
devices
Layer:
kernel
dev_search_usbfs(
domain
)
Search the directory containing USB hardware information.
Module:
devices
Layer:
kernel
dev_setattr_all_blk_files(
domain
)
Setattr on all block file device nodes.
Module:
devices
Layer:
kernel
dev_setattr_all_chr_files(
domain
)
Setattr on all character file device nodes.
Module:
devices
Layer:
kernel
dev_setattr_apm_bios_dev(
domain
)
Set the attributes of the apm bios device node.
Module:
devices
Layer:
kernel
dev_setattr_framebuffer_dev(
domain
)
Set the attributes of the framebuffer device node.
Module:
devices
Layer:
kernel
dev_setattr_generic_dirs(
domain
)
Set the attributes of /dev directories.
Module:
devices
Layer:
kernel
dev_setattr_misc_dev(
domain
)
Set the attributes of miscellaneous devices.
Module:
devices
Layer:
kernel
dev_setattr_mouse_dev(
domain
)
Set the attributes of the mouse devices.
Module:
devices
Layer:
kernel
dev_setattr_power_mgmt_dev(
domain
)
Set the attributes of the the power management device.
Module:
devices
Layer:
kernel
dev_setattr_printer_dev(
domain
)
Set the attributes of the printer device nodes.
Module:
devices
Layer:
kernel
dev_setattr_scanner_dev(
domain
)
Set the attributes of the scanner device.
Module:
devices
Layer:
kernel
dev_setattr_sound_dev(
domain
)
Set the attributes of the sound devices.
Module:
devices
Layer:
kernel
dev_setattr_video_dev(
domain
)
Set the attributes of video4linux device nodes.
Module:
devices
Layer:
kernel
dev_setattr_xserver_misc_dev(
domain
)
Set the attributes of X server miscellaneous devices.
Module:
devices
Layer:
kernel
dev_unconfined(
domain
)
Unconfined access to devices.
Module:
devices
Layer:
kernel
dev_write_misc(
domain
)
Write miscellaneous devices.
Module:
devices
Layer:
kernel
dev_write_rand(
domain
)
Write to the random device (e.g., /dev/random). This adds
entropy used to generate the random data read from the
random device.
Module:
devices
Layer:
kernel
dev_write_raw_memory(
domain
)
Write raw memory devices (e.g. /dev/mem).
Module:
devices
Layer:
kernel
dev_write_realtime_clock(
domain
)
Set the realtime clock (/dev/rtc).
Module:
devices
Layer:
kernel
dev_write_sound_mixer(
domain
)
Write the sound mixer devices.
Module:
devices
Layer:
kernel
dev_write_urand(
domain
)
Write to the pseudo random device (e.g., /dev/urandom). This
sets the random number generator seed.
Module:
devices
Layer:
kernel
dev_wx_raw_memory(
domain
)
Write and execute raw memory devices (e.g. /dev/mem).
Module:
dhcp
Layer:
services
dhcpd_setattr_state_files(
domain
)
Set the attributes of the DCHP
server state files.
Module:
dictd
Layer:
services
dictd_tcp_connect(
domain
)
Use dictionary services by connecting
over TCP.
Module:
dmesg
Layer:
admin
dmesg_domtrans(
domain
)
Execute dmesg in the dmesg domain.
Module:
dmesg
Layer:
admin
dmesg_exec(
domain
)
Execute dmesg in the caller domain.
Module:
dmidecode
Layer:
admin
dmidecode_domtrans(
domain
)
Execute dmidecode in the dmidecode domain.
Module:
dmidecode
Layer:
admin
dmidecode_run(
domain
,
role
,
terminal
)
Execute dmidecode in the dmidecode domain, and
allow the specified role the dmidecode domain.
Module:
domain
Layer:
kernel
domain_base_type(
type
)
Make the specified type usable as a basic domain.
Module:
domain
Layer:
kernel
domain_cron_exemption_source(
domain
)
Make the specified domain the source of
the cron domain exception of the
SELinux role and identity change
constraints.
Module:
domain
Layer:
kernel
domain_cron_exemption_target(
domain
)
Make the specified domain the target of
the cron domain exception of the
SELinux role and identity change
constraints.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_dgram_sockets(
domain
)
Do not audit attempts to get the attributes
of all domains unix datagram sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_domains(
domain
)
Get the attributes of all domains of all domains.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_key_sockets(
domain
)
Do not audit attempts to get attribues of
all domains IPSEC key management sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_packet_sockets(
domain
)
Do not audit attempts to get attribues of
all domains packet sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_pipes(
domain
)
Do not audit attempts to get the attributes
of all domains unnamed pipes.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_raw_sockets(
domain
)
Do not audit attempts to get attribues of
all domains raw sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_sockets(
domain
)
Do not audit attempts to get the attributes
of all domains sockets, for all socket types.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_stream_sockets(
domain
)
Do not audit attempts to get the attributes
of all domains unix datagram sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_tcp_sockets(
domain
)
Do not audit attempts to get the attributes
of all domains TCP sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getattr_all_udp_sockets(
domain
)
Do not audit attempts to get the attributes
of all domains UDP sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_getsession_all_domains(
domain
)
Do not audit attempts to get the
session ID of all domains.
Module:
domain
Layer:
kernel
domain_dontaudit_list_all_domains_state(
domain
)
Do not audit attempts to read the process state
directories of all domains.
Module:
domain
Layer:
kernel
domain_dontaudit_ptrace_all_domains(
domain
)
Do not audit attempts to ptrace all domains.
Module:
domain
Layer:
kernel
domain_dontaudit_ptrace_confined_domains(
domain
)
Do not audit attempts to ptrace confined domains.
Module:
domain
Layer:
kernel
domain_dontaudit_read_all_domains_state(
domain
)
Do not audit attempts to read the process
state (/proc/pid) of all domains.
Module:
domain
Layer:
kernel
domain_dontaudit_rw_all_key_sockets(
domain
)
Do not audit attempts to read or write
all domains key sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_rw_all_udp_sockets(
domain
)
Do not audit attempts to read or write
all domains UDP sockets.
Module:
domain
Layer:
kernel
domain_dontaudit_search_all_domains_state(
domain
)
Do not audit attempts to search the process
state directory (/proc/pid) of all domains.
Module:
domain
Layer:
kernel
domain_dontaudit_use_interactive_fds(
?
)
Module:
domain
Layer:
kernel
domain_entry_file(
domain
,
type
)
Make the specified type usable as
an entry point for the domain.
Module:
domain
Layer:
kernel
domain_entry_file_spec_domtrans(
domain
)
Execute an entry_type in the specified domain.
Module:
domain
Layer:
kernel
domain_exec_all_entry_files(
?
)
Module:
domain
Layer:
kernel
domain_getattr_all_domains(
domain
)
Get the attributes of all domains of all domains.
Module:
domain
Layer:
kernel
domain_getattr_all_entry_files(
domain
)
Get the attributes of entry point
files for all domains.
Module:
domain
Layer:
kernel
domain_getattr_all_sockets(
domain
)
Get the attributes of all domains
sockets, for all socket types.
Module:
domain
Layer:
kernel
domain_getattr_confined_domains(
domain
)
Get the attributes of all confined domains.
Module:
domain
Layer:
kernel
domain_getsession_all_domains(
domain
)
Get the session ID of all domains.
Module:
domain
Layer:
kernel
domain_kill_all_domains(
domain
)
Send a kill signal to all domains.
Module:
domain
Layer:
kernel
domain_manage_all_entry_files(
domain
)
Create, read, write, and delete all
entrypoint files.
Module:
domain
Layer:
kernel
domain_mmap_all_entry_files(
domain
)
Mmap all entry point files as executable.
Module:
domain
Layer:
kernel
domain_obj_id_change_exemption(
domain
)
Makes caller an exception to the constraint preventing
changing the user identity in object contexts.
Module:
domain
Layer:
kernel
domain_ptrace_all_domains(
domain
)
Module:
domain
Layer:
kernel
domain_read_all_domains_state(
domain
)
Read the process state (/proc/pid) of all domains.
Module:
domain
Layer:
kernel
domain_read_all_entry_files(
?
)
Module:
domain
Layer:
kernel
domain_read_confined_domains_state(
domain
)
Read the process state (/proc/pid) of all confined domains.
Module:
domain
Layer:
kernel
domain_relabel_all_entry_files(
domain
)
Relabel to and from all entry point
file types.
Module:
domain
Layer:
kernel
domain_role_change_exemption(
domain
)
Makes caller an exception to the constraint preventing
changing of role.
Module:
domain
Layer:
kernel
domain_search_all_domains_state(
domain
)
Search the process state directory (/proc/pid) of all domains.
Module:
domain
Layer:
kernel
domain_setpriority_all_domains(
?
)
Module:
domain
Layer:
kernel
domain_sigchld_all_domains(
domain
)
Send a child terminated signal to all domains.
Module:
domain
Layer:
kernel
domain_sigchld_interactive_fds(
domain
)
Send a SIGCHLD signal to domains whose file
discriptors are widely inheritable.
Module:
domain
Layer:
kernel
domain_signal_all_domains(
domain
)
Send general signals to all domains.
Module:
domain
Layer:
kernel
domain_signull_all_domains(
domain
)
Send a null signal to all domains.
Module:
domain
Layer:
kernel
domain_sigstop_all_domains(
domain
)
Send a stop signal to all domains.
Module:
domain
Layer:
kernel
domain_subj_id_change_exemption(
domain
)
Makes caller an exception to the constraint preventing
changing of user identity.
Module:
domain
Layer:
kernel
domain_system_change_exemption(
domain
)
Makes caller and execption to the constraint
preventing changing to the system user
identity and system role.
Module:
domain
Layer:
kernel
domain_type(
type
)
Make the specified type usable as a domain.
Module:
domain
Layer:
kernel
domain_unconfined(
domain
)
Unconfined access to domains.
Module:
domain
Layer:
kernel
domain_use_interactive_fds(
?
)
Module:
domain
Layer:
kernel
domain_user_exemption_target(
domain
)
Make the specified domain the target of
the user domain exception of the
SELinux role and identity change
constraints.
Module:
dovecot
Layer:
services
dovecot_manage_spool(
domain
)
Create, read, write, and delete the dovecot spool files.
Module:
files
Layer:
kernel
files_associate_tmp(
file_type
)
Allow the specified type to associate
to a filesystem with the type of the
temporary directory (/tmp).
Module:
files
Layer:
kernel
files_boot_filetrans(
domain
,
private_type
,
object_class
)
Create a private type object in boot
with an automatic type transition
Module:
files
Layer:
kernel
files_config_file(
file_type
)
Make the specified type a
configuration file.
Module:
files
Layer:
kernel
files_create_boot_dirs(
domain
)
Create directories in /boot
Module:
files
Layer:
kernel
files_create_boot_flag(
?
)
Module:
files
Layer:
kernel
files_create_kernel_img(
domain
)
Install a kernel into the /boot directory.
Module:
files
Layer:
kernel
files_create_kernel_symbol_table(
domain
)
Install a system.map into the /boot directory.
Module:
files
Layer:
kernel
files_delete_all_locks(
?
)
Module:
files
Layer:
kernel
files_delete_all_pid_dirs(
?
)
Module:
files
Layer:
kernel
files_delete_etc_files(
domain
)
Delete system configuration files in /etc.
Module:
files
Layer:
kernel
files_delete_kernel(
domain
)
Delete a kernel from /boot.
Module:
files
Layer:
kernel
files_delete_kernel_modules(
domain
)
Delete kernel module files.
Module:
files
Layer:
kernel
files_delete_kernel_symbol_table(
domain
)
Delete a system.map in the /boot directory.
Module:
files
Layer:
kernel
files_delete_root_dir_entry(
?
)
Module:
files
Layer:
kernel
files_dontaudit_getattr_all_dirs(
domain
)
Do not audit attempts to get the attributes
of all directories.
Module:
files
Layer:
kernel
files_dontaudit_getattr_all_files(
domain
)
Do not audit attempts to get the attributes
of all files.
Module:
files
Layer:
kernel
files_dontaudit_getattr_all_pipes(
domain
)
Do not audit attempts to get the attributes
of all named pipes.
Module:
files
Layer:
kernel
files_dontaudit_getattr_all_sockets(
domain
)
Do not audit attempts to get the attributes
of all named sockets.
Module:
files
Layer:
kernel
files_dontaudit_getattr_all_symlinks(
domain
)
Do not audit attempts to get the attributes
of all symbolic links.
Module:
files
Layer:
kernel
files_dontaudit_getattr_boot_dirs(
domain
)
Do not audit attempts to get attributes
of the /boot directory.
Module:
files
Layer:
kernel
files_dontaudit_getattr_default_dirs(
domain
)
Do not audit attempts to get the attributes of
directories with the default file type.
Module:
files
Layer:
kernel
files_dontaudit_getattr_default_files(
domain
)
Do not audit attempts to get the attributes of
files with the default file type.
Module:
files
Layer:
kernel
files_dontaudit_getattr_home_dir(
domain
)
Do not audit attempts to get the
attributes of the home directories root
(/home).
Module:
files
Layer:
kernel
files_dontaudit_getattr_non_security_blk_files(
domain
)
Do not audit attempts to get the attributes
of non security block devices.
Module:
files
Layer:
kernel
files_dontaudit_getattr_non_security_chr_files(
domain
)
Do not audit attempts to get the attributes
of non security character devices.
Module:
files
Layer:
kernel
files_dontaudit_getattr_non_security_files(
domain
)
Do not audit attempts to get the attributes
of non security files.
Module:
files
Layer:
kernel
files_dontaudit_getattr_non_security_pipes(
domain
)
Do not audit attempts to get the attributes
of non security named pipes.
Module:
files
Layer:
kernel
files_dontaudit_getattr_non_security_sockets(
domain
)
Do not audit attempts to get the attributes
of non security named sockets.
Module:
files
Layer:
kernel
files_dontaudit_getattr_non_security_symlinks(
domain
)
Do not audit attempts to get the attributes
of non security symbolic links.
Module:
files
Layer:
kernel
files_dontaudit_getattr_pid_dirs(
domain
)
Do not audit attempts to get the attributes
of the /var/run directory.
Module:
files
Layer:
kernel
files_dontaudit_getattr_tmp_dirs(
domain
)
Do not audit attempts to get the
attributes of the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_dontaudit_ioctl_all_pids(
domain
)
Do not audit attempts to ioctl daemon runtime data files.
Module:
files
Layer:
kernel
files_dontaudit_list_default(
domain
)
Do not audit attempts to list contents of
directories with the default file type.
Module:
files
Layer:
kernel
files_dontaudit_list_home(
domain
)
Do not audit attempts to list
home directories root (/home).
Module:
files
Layer:
kernel
files_dontaudit_list_non_security(
domain
)
Do not audit attempts to list all
non-security directories.
Module:
files
Layer:
kernel
files_dontaudit_list_tmp(
domain
)
Do not audit listing of the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_dontaudit_read_default_files(
domain
)
Do not audit attempts to read files
with the default file type.
Module:
files
Layer:
kernel
files_dontaudit_read_etc_runtime_files(
domain
)
Do not audit attempts to read files
in /etc that are dynamically
created on boot, such as mtab.
Module:
files
Layer:
kernel
files_dontaudit_read_root_files(
?
)
Module:
files
Layer:
kernel
files_dontaudit_rw_root_chr_files(
?
)
Module:
files
Layer:
kernel
files_dontaudit_rw_root_files(
?
)
Module:
files
Layer:
kernel
files_dontaudit_search_all_dirs(
?
)
Module:
files
Layer:
kernel
files_dontaudit_search_boot(
domain
)
Do not audit attempts to search the /boot directory.
Module:
files
Layer:
kernel
files_dontaudit_search_home(
domain
)
Do not audit attempts to search
home directories root (/home).
Module:
files
Layer:
kernel
files_dontaudit_search_isid_type_dirs(
domain
)
Do not audit attempts to search directories on new filesystems
that have not yet been labeled.
Module:
files
Layer:
kernel
files_dontaudit_search_locks(
domain
)
Do not audit attempts to search the
locks directory (/var/lock).
Module:
files
Layer:
kernel
files_dontaudit_search_pids(
domain
)
Do not audit attempts to search
the /var/run directory.
Module:
files
Layer:
kernel
files_dontaudit_search_spool(
domain
)
Do not audit attempts to search generic
spool directories.
Module:
files
Layer:
kernel
files_dontaudit_search_src(
?
)
Module:
files
Layer:
kernel
files_dontaudit_search_var(
domain
)
Do not audit attempts to search
the contents of /var.
Module:
files
Layer:
kernel
files_dontaudit_write_all_pids(
domain
)
Do not audit attempts to write to daemon runtime data files.
Module:
files
Layer:
kernel
files_dontaudit_write_var_dirs(
domain
)
Do not audit attempts to write to /var.
Module:
files
Layer:
kernel
files_exec_usr_files(
domain
)
Execute generic programs in /usr in the caller domain.
Module:
files
Layer:
kernel
files_exec_usr_src_files(
domain
)
Execute programs in /usr/src in the caller domain.
Module:
files
Layer:
kernel
files_getattr_all_dirs(
domain
)
Get the attributes of all directories.
Module:
files
Layer:
kernel
files_getattr_all_files(
domain
)
Get the attributes of all files.
Module:
files
Layer:
kernel
files_getattr_all_pipes(
domain
)
Get the attributes of all named pipes.
Module:
files
Layer:
kernel
files_getattr_all_sockets(
domain
)
Get the attributes of all named sockets.
Module:
files
Layer:
kernel
files_getattr_all_symlinks(
domain
)
Get the attributes of all symbolic links.
Module:
files
Layer:
kernel
files_getattr_boot_dirs(
domain
)
Get attributes of the /boot directory.
Module:
files
Layer:
kernel
files_getattr_default_dirs(
domain
)
Getattr of directories with the default file type.
Module:
files
Layer:
kernel
files_getattr_generic_locks(
?
)
Module:
files
Layer:
kernel
files_getattr_home_dir(
domain
)
Get the attributes of the home directories root
(/home).
Module:
files
Layer:
kernel
files_getattr_isid_type_dirs(
domain
)
Getattr of directories on new filesystems
that have not yet been labeled.
Module:
files
Layer:
kernel
files_getattr_kernel_modules(
domain
)
Get the attributes of kernel module files.
Module:
files
Layer:
kernel
files_getattr_tmp_dirs(
domain
)
Get the attributes of the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_getattr_usr_files(
domain
)
Get the attributes of files in /usr.
Module:
files
Layer:
kernel
files_getattr_var_lib_dirs(
domain
)
Get the attributes of the /var/lib directory.
Module:
files
Layer:
kernel
files_home_filetrans(
domain
,
home_type
,
object
)
Module:
files
Layer:
kernel
files_kernel_modules_filetrans(
domain
,
private_type
,
object_class
)
Create objects in the kernel module directories
with a private type via an automatic type transition.
Module:
files
Layer:
kernel
files_list_default(
domain
)
List contents of directories with the default file type.
Module:
files
Layer:
kernel
files_list_home(
domain
)
Get listing of home directories.
Module:
files
Layer:
kernel
files_list_isid_type_dirs(
domain
)
List the contents of directories on new filesystems
that have not yet been labeled.
Module:
files
Layer:
kernel
files_list_kernel_modules(
domain
)
List the contents of the kernel module directories.
Module:
files
Layer:
kernel
files_list_non_security(
domain
)
List all non-security directories.
Module:
files
Layer:
kernel
files_list_tmp(
domain
)
Read the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_list_usr(
domain
)
List the contents of generic
directories in /usr.
Module:
files
Layer:
kernel
files_list_var(
domain
)
List the contents of /var.
Module:
files
Layer:
kernel
files_list_var_lib(
domain
)
List the contents of the /var/lib directory.
Module:
files
Layer:
kernel
files_list_world_readable(
domain
)
List world-readable directories.
Module:
files
Layer:
kernel
files_manage_all_files(
domain
,
exception_types
)
Manage all files on the filesystem, except
the listed exceptions.
Module:
files
Layer:
kernel
files_manage_boot_files(
domain
)
Create, read, write, and delete files
in the /boot directory.
Module:
files
Layer:
kernel
files_manage_boot_symlinks(
domain
)
Create, read, write, and delete symbolic links
in the /boot directory.
Module:
files
Layer:
kernel
files_manage_etc_files(
?
)
Module:
files
Layer:
kernel
files_manage_etc_runtime_files(
domain
)
Create, read, write, and delete files in
/etc that are dynamically created on boot,
such as mtab.
Module:
files
Layer:
kernel
files_manage_generic_locks(
?
)
Module:
files
Layer:
kernel
files_manage_generic_spool(
?
)
Module:
files
Layer:
kernel
files_manage_generic_spool_dirs(
?
)
Module:
files
Layer:
kernel
files_manage_isid_type_blk_files(
domain
)
Create, read, write, and delete block device nodes
on new filesystems that have not yet been labeled.
Module:
files
Layer:
kernel
files_manage_isid_type_chr_files(
domain
)
Create, read, write, and delete character device nodes
on new filesystems that have not yet been labeled.
Module:
files
Layer:
kernel
files_manage_isid_type_dirs(
domain
)
Create, read, write, and delete directories
on new filesystems that have not yet been labeled.
Module:
files
Layer:
kernel
files_manage_isid_type_files(
domain
)
Create, read, write, and delete files
on new filesystems that have not yet been labeled.
Module:
files
Layer:
kernel
files_manage_isid_type_symlinks(
domain
)
Create, read, write, and delete symbolic links
on new filesystems that have not yet been labeled.
Module:
files
Layer:
kernel
files_manage_kernel_modules(
domain
)
Create, read, write, and delete
kernel module files.
Module:
files
Layer:
kernel
files_manage_lost_found(
domain
)
Create, read, write, and delete objects in
lost+found directories.
Module:
files
Layer:
kernel
files_manage_mnt_dirs(
domain
)
Create, read, write, and delete directories in /mnt.
Module:
files
Layer:
kernel
files_manage_mnt_files(
domain
)
Create, read, write, and delete files in /mnt.
Module:
files
Layer:
kernel
files_manage_mnt_symlinks(
domain
)
Create, read, write, and delete symbolic links in /mnt.
Module:
files
Layer:
kernel
files_manage_mounttab(
domain
)
Allow domain to manage mount tables
necessary for rpcd, nfsd, etc.
Module:
files
Layer:
kernel
files_manage_urandom_seed(
?
)
Module:
files
Layer:
kernel
files_manage_var_dirs(
domain
)
Create, read, write, and delete directories
in the /var directory.
Module:
files
Layer:
kernel
files_manage_var_files(
domain
)
Create, read, write, and delete files in the /var directory.
Module:
files
Layer:
kernel
files_manage_var_symlinks(
domain
)
Create, read, write, and delete symbolic
links in the /var directory.
Module:
files
Layer:
kernel
files_mount_all_file_type_fs(
?
)
Module:
files
Layer:
kernel
files_mounton_all_mountpoints(
?
)
Module:
files
Layer:
kernel
files_mounton_all_poly_members(
domain
)
Mount filesystems on all polyinstantiation
member directories.
Module:
files
Layer:
kernel
files_mounton_default(
domain
)
Mount a filesystem on a directory with the default file type.
Module:
files
Layer:
kernel
files_mounton_isid_type_dirs(
domain
)
Mount a filesystem on a directory on new filesystems
that has not yet been labeled.
Module:
files
Layer:
kernel
files_mounton_mnt(
domain
)
Mount a filesystem on /mnt.
Module:
files
Layer:
kernel
files_poly(
file_type
)
Make the specified type a
polyinstantiated directory.
Module:
files
Layer:
kernel
files_poly_member(
file_type
)
Make the specified type a
polyinstantiation member directory.
Module:
files
Layer:
kernel
files_poly_member_tmp(
domain
,
file_type
)
Make the domain use the specified
type of polyinstantiated directory.
Module:
files
Layer:
kernel
files_poly_parent(
file_type
)
Make the specified type a parent
of a polyinstantiated directory.
Module:
files
Layer:
kernel
files_polyinstantiate_all(
domain
)
Allow access to manage all polyinstantiated
directories on the system.
Module:
files
Layer:
kernel
files_read_all_blk_files(
domain
)
Read all block nodes with file types.
Module:
files
Layer:
kernel
files_read_all_chr_files(
domain
)
Read all character nodes with file types.
Module:
files
Layer:
kernel
files_read_all_dirs_except(
domain
,
exception_types
)
Read all directories on the filesystem, except
the listed exceptions.
Module:
files
Layer:
kernel
files_read_all_files(
domain
)
Module:
files
Layer:
kernel
files_read_all_files_except(
domain
,
exception_types
)
Read all files on the filesystem, except
the listed exceptions.
Module:
files
Layer:
kernel
files_read_all_locks(
domain
)
Module:
files
Layer:
kernel
files_read_all_symlinks(
domain
)
Module:
files
Layer:
kernel
files_read_all_symlinks_except(
domain
,
exception_types
)
Read all symbolic links on the filesystem, except
the listed exceptions.
Module:
files
Layer:
kernel
files_read_default_files(
domain
)
Read files with the default file type.
Module:
files
Layer:
kernel
files_read_default_pipes(
domain
)
Read named pipes with the default file type.
Module:
files
Layer:
kernel
files_read_default_sockets(
domain
)
Read sockets with the default file type.
Module:
files
Layer:
kernel
files_read_default_symlinks(
domain
)
Read symbolic links with the default file type.
Module:
files
Layer:
kernel
files_read_etc_runtime_files(
domain
)
Read files in /etc that are dynamically
created on boot, such as mtab.
Module:
files
Layer:
kernel
files_read_generic_spool(
?
)
Module:
files
Layer:
kernel
files_read_generic_tmp_files(
domain
)
Read files in the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_read_generic_tmp_symlinks(
domain
)
Read symbolic links in the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_read_isid_type_files(
domain
)
Read files on new filesystems
that have not yet been labeled.
Module:
files
Layer:
kernel
files_read_kernel_modules(
domain
)
Read kernel module files.
Module:
files
Layer:
kernel
files_read_kernel_symbol_table(
domain
)
Read system.map in the /boot directory.
Module:
files
Layer:
kernel
files_read_non_security_files(
domain
)
Read all non-security files.
Module:
files
Layer:
kernel
files_read_usr_src_files(
?
)
Module:
files
Layer:
kernel
files_read_usr_symlinks(
domain
)
Read symbolic links in /usr.
Module:
files
Layer:
kernel
files_read_var_files(
domain
)
Read files in the /var directory.
Module:
files
Layer:
kernel
files_read_var_lib_files(
domain
)
Read generic files in /var/lib.
Module:
files
Layer:
kernel
files_read_var_lib_symlinks(
domain
)
Read generic symbolic links in /var/lib
Module:
files
Layer:
kernel
files_read_var_symlinks(
domain
)
Read symbolic links in the /var directory.
Module:
files
Layer:
kernel
files_read_world_readable_files(
domain
)
Read world-readable files.
Module:
files
Layer:
kernel
files_read_world_readable_pipes(
domain
)
Read world-readable named pipes.
Module:
files
Layer:
kernel
files_read_world_readable_sockets(
domain
)
Read world-readable sockets.
Module:
files
Layer:
kernel
files_read_world_readable_symlinks(
domain
)
Read world-readable symbolic links.
Module:
files
Layer:
kernel
files_relabel_all_files(
domain
,
exception_types
)
Relabel all files on the filesystem, except
the listed exceptions.
Module:
files
Layer:
kernel
files_relabel_etc_files(
domain
)
Relabel from and to generic files in /etc.
Module:
files
Layer:
kernel
files_relabel_kernel_modules(
domain
)
Relabel from and to kernel module files.
Module:
files
Layer:
kernel
files_relabelfrom_boot_files(
domain
)
Relabel from files in the /boot directory.
Module:
files
Layer:
kernel
files_relabelto_all_file_type_fs(
?
)
Module:
files
Layer:
kernel
files_relabelto_usr_files(
domain
)
Relabel a file to the type used in /usr.
Module:
files
Layer:
kernel
files_root_filetrans(
domain
,
private type
,
object
)
Create an object in the root directory, with a private
type.
Module:
files
Layer:
kernel
files_rw_boot_symlinks(
domain
)
Read and write symbolic links
in the /boot directory.
Module:
files
Layer:
kernel
files_rw_etc_runtime_files(
domain
)
Read and write files in /etc that are dynamically
created on boot, such as mtab.
Module:
files
Layer:
kernel
files_rw_generic_tmp_sockets(
domain
)
Read and write generic named sockets in the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_rw_isid_type_blk_files(
domain
)
Read and write block device nodes on new filesystems
that have not yet been labeled.
Module:
files
Layer:
kernel
files_rw_isid_type_dirs(
domain
)
Read and write directories on new filesystems
that have not yet been labeled.
Module:
files
Layer:
kernel
files_rw_lock_dirs(
domain
)
Add and remove entries in the /var/lock
directories.
Module:
files
Layer:
kernel
files_search_boot(
domain
)
Search the /boot directory.
Module:
files
Layer:
kernel
files_search_default(
domain
)
Search the contents of directories with the default file type.
Module:
files
Layer:
kernel
files_search_home(
domain
)
Search home directories root (/home).
Module:
files
Layer:
kernel
files_search_kernel_modules(
domain
)
Search the contents of the kernel module directories.
Module:
files
Layer:
kernel
files_search_locks(
domain
)
Search the locks directory (/var/lock).
Module:
files
Layer:
kernel
files_search_tmp(
domain
)
Search the tmp directory (/tmp).
Module:
files
Layer:
kernel
files_search_var(
domain
)
Search the contents of /var.
Module:
files
Layer:
kernel
files_search_var_lib(
domain
)
Search the /var/lib directory.
Module:
files
Layer:
kernel
files_security_file(
file_type
)
Make the specified type a file that
should not be dontaudited from
browsing from user domains.
Module:
files
Layer:
kernel
files_setattr_all_tmp_dirs(
domain
)
Set the attributes of all tmp directories.
Module:
files
Layer:
kernel
files_setattr_etc_dirs(
domain
)
Set the attributes of the /etc directories.
Module:
files
Layer:
kernel
files_tmp_file(
file_type
)
Make the specified type a file
used for temporary files.
Module:
files
Layer:
kernel
files_tmpfs_file(
type
)
Transform the type into a file, for use on a
virtual memory filesystem (tmpfs).
Module:
files
Layer:
kernel
files_type(
type
)
Make the specified type usable for files
in a filesystem.
Module:
files
Layer:
kernel
files_unconfined(
domain
)
Unconfined access to files.
Module:
files
Layer:
kernel
files_unmount_all_file_type_fs(
?
)
Module:
files
Layer:
kernel
files_usr_filetrans(
domain
,
file_type
,
object_class
)
Create objects in the /usr directory
Module:
files
Layer:
kernel
files_var_filetrans(
domain
,
file_type
,
object_class
)
Create objects in the /var directory
Module:
files
Layer:
kernel
files_var_lib_filetrans(
domain
,
file_type
,
object_class
)
Create objects in the /var/lib directory
Module:
files
Layer:
kernel
files_write_kernel_modules(
domain
)
Write kernel module files.
Module:
files
Layer:
kernel
files_write_non_security_dirs(
domain
)
Allow attempts to modify any directory
Module:
finger
Layer:
services
finger_domtrans(
domain
)
Execute fingerd in the fingerd domain.
Module:
finger
Layer:
services
finger_tcp_connect(
domain
)
Allow the specified domain to connect to fingerd with a tcp socket.
Module:
firstboot
Layer:
admin
firstboot_domtrans(
domain
)
Execute firstboot in the firstboot domain.
Module:
firstboot
Layer:
admin
firstboot_dontaudit_use_fds(
domain
)
Do not audit attempts to inherit a
file descriptor from firstboot.
Module:
firstboot
Layer:
admin
firstboot_run(
domain
,
role
,
terminal
)
Execute firstboot in the firstboot domain, and
allow the specified role the firstboot domain.
Module:
firstboot
Layer:
admin
firstboot_use_fds(
domain
)
Inherit and use a file descriptor from firstboot.
Module:
firstboot
Layer:
admin
firstboot_write_pipes(
domain
)
Write to a firstboot unnamed pipe.
Module:
filesystem
Layer:
kernel
fs_associate(
file_type
)
Associate the specified file type to persistent
filesystems with extended attributes. This
allows a file of this type to be created on
a filesystem such as ext3, JFS, and XFS.
Module:
filesystem
Layer:
kernel
fs_associate_noxattr(
file_type
)
Associate the specified file type to
filesystems which lack extended attributes
support. This allows a file of this type
to be created on a filesystem such as
FAT32, and NFS.
Module:
filesystem
Layer:
kernel
fs_associate_tmpfs(
type
)
Allow the type to associate to tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_cifs_domtrans(
domain
,
target_domain
)
Execute a file on a CIFS or SMB filesystem
in the specified domain.
Module:
filesystem
Layer:
kernel
fs_donaudit_read_removable_files(
domain
)
Do not audit attempts to read removable storage files.
Module:
filesystem
Layer:
kernel
fs_dontaudit_getattr_all_files(
domain
)
Do not audit attempts to get the attributes
of all files with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_dontaudit_getattr_all_fs(
domain
)
Do not audit attempts to get the attributes
all filesystems.
Module:
filesystem
Layer:
kernel
fs_dontaudit_getattr_all_pipes(
domain
)
Do not audit attempts to get the attributes
of all named pipes with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_dontaudit_getattr_all_sockets(
domain
)
Do not audit attempts to get the attributes
of all named sockets with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_dontaudit_getattr_all_symlinks(
domain
)
Do not audit attempts to get the attributes
of all symbolic links with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_dontaudit_getattr_xattr_fs(
domain
)
Do not audit attempts to
get the attributes of a persistent
filesystem which has extended
attributes, such as ext3, JFS, or XFS.
Module:
filesystem
Layer:
kernel
fs_dontaudit_list_auto_mountpoints(
domain
)
Do not audit attempts to list directories of automatically
mounted filesystems.
Module:
filesystem
Layer:
kernel
fs_dontaudit_list_cifs(
domain
)
Do not audit attempts to list the contents
of directories on a CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_list_nfs(
domain
)
Do not audit attempts to list the contents
of directories on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_list_removable(
domain
)
Do not audit attempts to list removable storage directories.
Module:
filesystem
Layer:
kernel
fs_dontaudit_list_tmpfs(
domain
)
Do not audit attempts to list the
contents of generic tmpfs directories.
Module:
filesystem
Layer:
kernel
fs_dontaudit_manage_cifs_dirs(
domain
)
Do not audit attempts to create, read,
write, and delete directories
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_manage_cifs_files(
domain
)
Do not audit attempts to create, read,
write, and delete files
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_manage_nfs_dirs(
domain
)
Do not audit attempts to create, read,
write, and delete directories
on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_manage_nfs_files(
domain
)
Do not audit attempts to create,
read, write, and delete files
on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_read_cifs_files(
domain
)
Do not audit attempts to read
files on a CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_read_nfs_files(
domain
)
Do not audit attempts to read
files on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_read_ramfs_files(
domain
)
Dontaudit read on a ramfs files.
Module:
filesystem
Layer:
kernel
fs_dontaudit_read_ramfs_pipes(
domain
)
Dontaudit read on a ramfs fifo_files.
Module:
filesystem
Layer:
kernel
fs_dontaudit_rw_cifs_files(
domain
)
Do not audit attempts to read or
write files on a CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_rw_nfs_files(
domain
)
Do not audit attempts to read or
write files on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_dontaudit_rw_tmpfs_files(
domain
)
Do not audit attempts to read or write
generic tmpfs files.
Module:
filesystem
Layer:
kernel
fs_dontaudit_search_ramfs(
domain
)
Dontaudit Search directories on a ramfs
Module:
filesystem
Layer:
kernel
fs_dontaudit_use_tmpfs_chr_dev(
domain
)
dontaudit Read and write character nodes on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_exec_cifs_files(
domain
)
Execute files on a CIFS or SMB
network filesystem, in the caller
domain.
Module:
filesystem
Layer:
kernel
fs_exec_nfs_files(
domain
)
Execute files on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_exec_noxattr(
domain
)
Execute files on a filesystem that does
not support extended attributes.
Module:
filesystem
Layer:
kernel
fs_get_all_fs_quotas(
domain
)
Get the quotas of all filesystems.
Module:
filesystem
Layer:
kernel
fs_get_xattr_fs_quotas(
domain
)
Get the filesystem quotas of a filesystem
with extended attributes.
Module:
filesystem
Layer:
kernel
fs_getattr_all_dirs(
domain
)
Get the attributes of all directories
with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_getattr_all_files(
domain
)
Get the attributes of all files with
a filesystem type.
Module:
filesystem
Layer:
kernel
fs_getattr_all_fs(
domain
)
Get the attributes of all persistent
filesystems.
Module:
filesystem
Layer:
kernel
fs_getattr_all_pipes(
domain
)
Get the attributes of all named pipes with
a filesystem type.
Module:
filesystem
Layer:
kernel
fs_getattr_all_sockets(
domain
)
Get the attributes of all named sockets with
a filesystem type.
Module:
filesystem
Layer:
kernel
fs_getattr_all_symlinks(
domain
)
Get the attributes of all symbolic links with
a filesystem type.
Module:
filesystem
Layer:
kernel
fs_getattr_autofs(
domain
)
Get the attributes of an automount
pseudo filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_cifs(
domain
)
Get the attributes of a CIFS or
SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_dos_fs(
domain
)
Get the attributes of a DOS
filesystem, such as FAT32 or NTFS.
Module:
filesystem
Layer:
kernel
fs_getattr_iso9660_fs(
domain
)
Get the attributes of an iso9660
filesystem, which is usually used on CDs.
Module:
filesystem
Layer:
kernel
fs_getattr_nfs(
domain
)
Get the attributes of a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_nfsd_fs(
domain
)
Get the attributes of a NFS server
pseudo filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_ramfs(
domain
)
Get the attributes of a RAM filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_romfs(
domain
)
Get the attributes of a ROM
filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_rpc_dirs(
domain
)
Read directories of RPC file system pipes.
Module:
filesystem
Layer:
kernel
fs_getattr_rpc_pipefs(
domain
)
Get the attributes of a RPC pipe
filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_tmpfs(
domain
)
Get the attributes of a tmpfs
filesystem.
Module:
filesystem
Layer:
kernel
fs_getattr_tmpfs_dirs(
domain
)
Get the attributes of tmpfs directories.
Module:
filesystem
Layer:
kernel
fs_getattr_xattr_fs(
domain
)
Get the attributes of a persistent
filesystem which has extended
attributes, such as ext3, JFS, or XFS.
Module:
filesystem
Layer:
kernel
fs_list_all(
domain
)
List all directories with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_list_auto_mountpoints(
domain
)
Read directories of automatically
mounted filesystems.
Module:
filesystem
Layer:
kernel
fs_list_cifs(
domain
)
List the contents of directories on a
CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_list_inotifyfs(
domain
)
List inotifyfs filesystem.
Module:
filesystem
Layer:
kernel
fs_list_noxattr_fs(
domain
)
Read all noxattrfs directories.
Module:
filesystem
Layer:
kernel
fs_list_rpc(
domain
)
Read directories of RPC file system pipes.
Module:
filesystem
Layer:
kernel
fs_list_tmpfs(
domain
)
List the contents of generic tmpfs directories.
Module:
filesystem
Layer:
kernel
fs_manage_auto_mountpoints(
domain
)
Create, read, write, and delete
auto moutpoints.
Module:
filesystem
Layer:
kernel
fs_manage_cifs_dirs(
domain
)
Create, read, write, and delete directories
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_cifs_files(
domain
)
Create, read, write, and delete files
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_cifs_named_pipes(
domain
)
Create, read, write, and delete named pipes
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_cifs_named_sockets(
domain
)
Create, read, write, and delete named sockets
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_cifs_symlinks(
domain
)
Create, read, write, and delete symbolic links
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_nfs_dirs(
domain
)
Create, read, write, and delete directories
on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_nfs_files(
domain
)
Create, read, write, and delete files
on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_nfs_named_pipes(
domain
)
Create, read, write, and delete named pipes
on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_nfs_named_sockets(
domain
)
Create, read, write, and delete named sockets
on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_nfs_symlinks(
domain
)
Create, read, write, and delete symbolic links
on a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_manage_tmpfs_blk_files(
domain
)
Read and write, create and delete block nodes
on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_manage_tmpfs_chr_files(
domain
)
Read and write, create and delete character
nodes on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_manage_tmpfs_dirs(
domain
)
Create, read, write, and delete
tmpfs directories
Module:
filesystem
Layer:
kernel
fs_manage_tmpfs_files(
domain
)
Read and write, create and delete generic
files on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_manage_tmpfs_sockets(
domain
)
Read and write, create and delete socket
files on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_manage_tmpfs_symlinks(
domain
)
Read and write, create and delete symbolic
links on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_mount_autofs(
domain
)
Mount an automount pseudo filesystem.
Module:
filesystem
Layer:
kernel
fs_mount_cifs(
domain
)
Mount a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_mount_dos_fs(
domain
)
Mount a DOS filesystem, such as
FAT32 or NTFS.
Module:
filesystem
Layer:
kernel
fs_mount_iso9660_fs(
domain
)
Mount an iso9660 filesystem, which
is usually used on CDs.
Module:
filesystem
Layer:
kernel
fs_mount_nfsd_fs(
domain
)
Mount a NFS server pseudo filesystem.
Module:
filesystem
Layer:
kernel
fs_mount_rpc_pipefs(
domain
)
Mount a RPC pipe filesystem.
Module:
filesystem
Layer:
kernel
fs_mount_tmpfs(
domain
)
Mount a tmpfs filesystem.
Module:
filesystem
Layer:
kernel
fs_mount_xattr_fs(
domain
)
Mount a persistent filesystem which
has extended attributes, such as
ext3, JFS, or XFS.
Module:
filesystem
Layer:
kernel
fs_nfs_domtrans(
domain
,
target_domain
)
Execute a file on a NFS filesystem
in the specified domain.
Module:
filesystem
Layer:
kernel
fs_noxattr_type(
domain
)
Transform specified type into a filesystem
type which does not have extended attribute
support.
Module:
filesystem
Layer:
kernel
fs_read_cifs_files(
domain
)
Read files on a CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_read_cifs_symlinks(
domain
)
Read symbolic links on a CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_read_nfs_files(
domain
)
Read files on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_read_nfs_symlinks(
domain
)
Read symbolic links on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_read_noxattr_fs_files(
domain
)
Read all noxattrfs files.
Module:
filesystem
Layer:
kernel
fs_read_noxattr_fs_symlinks(
domain
)
Read all noxattrfs symbolic links.
Module:
filesystem
Layer:
kernel
fs_read_removable_files(
domain
)
Read removable storage files.
Module:
filesystem
Layer:
kernel
fs_read_removable_symlinks(
domain
)
Read removable storage symbolic links.
Module:
filesystem
Layer:
kernel
fs_read_rpc_files(
domain
)
Read files of RPC file system pipes.
Module:
filesystem
Layer:
kernel
fs_read_rpc_sockets(
domain
)
Read sockets of RPC file system pipes.
Module:
filesystem
Layer:
kernel
fs_read_rpc_symlinks(
domain
)
Read symbolic links of RPC file system pipes.
Module:
filesystem
Layer:
kernel
fs_register_binary_executable_type(
domain
)
Register an interpreter for new binary
file types, using the kernel binfmt_misc
support. A common use for this is to
register a JVM as an interpreter for
Java byte code. Registered binaries
can be directly executed on a command line
without specifying the interpreter.
Module:
filesystem
Layer:
kernel
fs_relabel_tmpfs_blk_file(
domain
)
Relabel block nodes on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_relabel_tmpfs_chr_file(
domain
)
Relabel character nodes on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_relabelfrom_all_fs(
domain
)
Relabelfrom all filesystems.
Module:
filesystem
Layer:
kernel
fs_relabelfrom_dos_fs(
domain
)
Allow changing of the label of a
DOS filesystem using the context= mount option.
Module:
filesystem
Layer:
kernel
fs_relabelfrom_xattr_fs(
domain
)
Allow changing of the label of a
filesystem with extended attributes
using the context= mount option.
Module:
filesystem
Layer:
kernel
fs_remount_all_fs(
domain
)
Remount all filesystems. This
allows some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_autofs(
domain
)
Remount an automount pseudo filesystem
This allows some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_cifs(
domain
)
Remount a CIFS or SMB network filesystem.
This allows some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_dos_fs(
domain
)
Remount a DOS filesystem, such as
FAT32 or NTFS. This allows
some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_iso9660_fs(
domain
)
Remount an iso9660 filesystem, which
is usually used on CDs. This allows
some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_nfs(
domain
)
Remount a NFS filesystem. This allows
some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_nfsd_fs(
domain
)
Mount a NFS server pseudo filesystem.
This allows some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_ramfs(
domain
)
Remount a RAM filesystem. This allows
some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_romfs(
domain
)
Remount a ROM filesystem. This allows
some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_rpc_pipefs(
domain
)
Remount a RPC pipe filesystem. This
allows some mount option to be changed.
Module:
filesystem
Layer:
kernel
fs_remount_tmpfs(
domain
)
Remount a tmpfs filesystem.
Module:
filesystem
Layer:
kernel
fs_remount_xattr_fs(
domain
)
Remount a persistent filesystem which
has extended attributes, such as
ext3, JFS, or XFS. This allows
some mount options to be changed.
Module:
filesystem
Layer:
kernel
fs_rw_nfsd_fs(
domain
)
Read and write NFS server files.
Module:
filesystem
Layer:
kernel
fs_rw_ramfs_pipes(
domain
)
Read and write a named pipe on a ramfs filesystem.
Module:
filesystem
Layer:
kernel
fs_rw_tmpfs_blk_files(
domain
)
Read and write block nodes on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_rw_tmpfs_chr_files(
domain
)
Read and write character nodes on tmpfs filesystems.
Module:
filesystem
Layer:
kernel
fs_rw_tmpfs_files(
domain
)
Read and write generic tmpfs files.
Module:
filesystem
Layer:
kernel
fs_search_all(
domain
)
Search all directories with a filesystem type.
Module:
filesystem
Layer:
kernel
fs_search_auto_mountpoints(
domain
)
Search automount filesystem to use automatically
mounted filesystems.
Module:
filesystem
Layer:
kernel
fs_search_cifs(
domain
)
Search directories on a CIFS or SMB filesystem.
Module:
filesystem
Layer:
kernel
fs_search_inotifyfs(
domain
)
Search inotifyfs filesystem.
Module:
filesystem
Layer:
kernel
fs_search_nfs(
domain
)
Search directories on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_search_nfsd_fs(
domain
)
Search NFS server directories.
Module:
filesystem
Layer:
kernel
fs_search_ramfs(
domain
)
Search directories on a ramfs
Module:
filesystem
Layer:
kernel
fs_search_removable(
domain
)
Search removable storage directories.
Module:
filesystem
Layer:
kernel
fs_search_rpc(
domain
)
Search directories of RPC file system pipes.
Module:
filesystem
Layer:
kernel
fs_search_tmpfs(
domain
)
Search tmpfs directories.
Module:
filesystem
Layer:
kernel
fs_set_all_quotas(
domain
)
Set the quotas of all filesystems.
Module:
filesystem
Layer:
kernel
fs_set_xattr_fs_quotas(
domain
)
Set the filesystem quotas of a filesystem
with extended attributes.
Module:
filesystem
Layer:
kernel
fs_setattr_tmpfs_dirs(
domain
)
Set the attributes of tmpfs directories.
Module:
filesystem
Layer:
kernel
fs_type(
domain
)
Transform specified type into a filesystem type.
Module:
filesystem
Layer:
kernel
fs_unconfined(
domain
)
Unconfined access to filesystems
Module:
filesystem
Layer:
kernel
fs_unmount_autofs(
domain
)
Unmount an automount pseudo filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_cifs(
domain
)
Unmount a CIFS or SMB network filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_dos_fs(
domain
)
Unmount a DOS filesystem, such as
FAT32 or NTFS.
Module:
filesystem
Layer:
kernel
fs_unmount_iso9660_fs(
domain
)
Unmount an iso9660 filesystem, which
is usually used on CDs.
Module:
filesystem
Layer:
kernel
fs_unmount_nfs(
domain
)
Unmount a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_nfsd_fs(
domain
)
Unmount a NFS server pseudo filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_ramfs(
domain
)
Unmount a RAM filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_romfs(
domain
)
Unmount a ROM filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_rpc_pipefs(
domain
)
Unmount a RPC pipe filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_tmpfs(
domain
)
Unmount a tmpfs filesystem.
Module:
filesystem
Layer:
kernel
fs_unmount_xattr_fs(
domain
)
Unmount a persistent filesystem which
has extended attributes, such as
ext3, JFS, or XFS.
Module:
filesystem
Layer:
kernel
fs_write_nfs_files(
domain
)
Read files on a NFS filesystem.
Module:
filesystem
Layer:
kernel
fs_write_ramfs_pipes(
domain
)
Write to named pipe on a ramfs filesystem.
Module:
filesystem
Layer:
kernel
fs_write_ramfs_sockets(
domain
)
Write to named socket on a ramfs filesystem.
Module:
fstools
Layer:
system
fstools_domtrans(
domain
)
Execute fs tools in the fstools domain.
Module:
fstools
Layer:
system
fstools_exec(
domain
)
Execute fsadm in the caller domain.
Module:
fstools
Layer:
system
fstools_manage_entry_files(
domain
)
Create, read, write, and delete a file used by the
filesystem tools programs.
Module:
fstools
Layer:
system
fstools_relabelto_entry_files(
domain
)
Relabel a file to the type used by the
filesystem tools programs.
Module:
fstools
Layer:
system
fstools_run(
domain
,
role
,
terminal
)
Execute fs tools in the fstools domain, and
allow the specified role the fs tools domain.
Module:
ftp
Layer:
services
ftp_check_exec(
domain
)
Execute FTP daemon entry point programs.
Module:
ftp
Layer:
services
ftp_tcp_connect(
domain
)
Use ftp by connecting over TCP.
Module:
getty
Layer:
system
getty_domtrans(
domain
)
Execute gettys in the getty domain.
Module:
getty
Layer:
system
getty_read_config(
domain
)
Allow process to read getty config file.
Module:
getty
Layer:
system
getty_read_log(
domain
)
Allow process to read getty log file.
Module:
getty
Layer:
system
getty_rw_config(
domain
)
Allow process to edit getty config file.
Module:
getty
Layer:
system
getty_use_fds(
domain
)
Inherit and use getty file descriptors.
Module:
gpm
Layer:
services
gpm_dontaudit_getattr_gpmctl(
domain
)
Do not audit attempts to get the
attributes of the GPM control channel
named socket.
Module:
gpm
Layer:
services
gpm_getattr_gpmctl(
domain
)
Get the attributes of the GPM
control channel named socket.
Module:
gpm
Layer:
services
gpm_setattr_gpmctl(
domain
)
Set the attributes of the GPM
control channel named socket.
Module:
gpm
Layer:
services
gpm_stream_connect(
domain
)
Connect to GPM over a unix domain
stream socket.
Module:
hal
Layer:
services
hal_dbus_chat(
domain
)
Send and receive messages from
hal over dbus.
Module:
hal
Layer:
services
hal_dbus_send(
domain
)
Send a dbus message to hal.
Module:
hal
Layer:
services
hal_dgram_send(
domain
)
Send to hal over a unix domain
datagram socket.
Module:
hal
Layer:
services
hal_domtrans(
domain
)
Execute hal in the hal domain.
Module:
hal
Layer:
services
hal_stream_connect(
domain
)
Send to hal over a unix domain
stream socket.
Module:
hostname
Layer:
system
hostname_domtrans(
domain
)
Execute hostname in the hostname domain.
Module:
hostname
Layer:
system
hostname_exec(
domain
)
Execute hostname in the caller domain.
Module:
hostname
Layer:
system
hostname_run(
domain
,
role
,
terminal
)
Execute hostname in the hostname domain, and
allow the specified role the hostname domain.
Module:
hotplug
Layer:
system
hotplug_dontaudit_search_config(
?
)
Module:
hotplug
Layer:
system
hotplug_getattr_config_dirs(
domain
)
Get the attributes of the hotplug configuration directory.
Module:
hotplug
Layer:
system
hotplug_read_config(
domain
)
Read the configuration files for hotplug.
Module:
hotplug
Layer:
system
hotplug_search_config(
domain
)
Search the hotplug configuration directory.
Module:
howl
Layer:
services
howl_signal(
domain
)
Send generic signals to howl.
Module:
i18n_input
Layer:
services
i18n_use(
domain
)
Use i18n_input over a TCP connection.
Module:
inetd
Layer:
services
inetd_core_service_domain(
domain
,
entrypoint
)
Define the specified domain as a inetd service.
Module:
inetd
Layer:
services
inetd_domtrans_child(
domain
)
Run inetd child process in the inet child domain
Module:
inetd
Layer:
services
inetd_rw_tcp_sockets(
domain
)
Read and write inetd TCP sockets.
Module:
inetd
Layer:
services
inetd_service_domain(
domain
,
entrypoint
)
Define the specified domain as a TCP and UDP inetd service.
Module:
inetd
Layer:
services
inetd_tcp_connect(
domain
)
Connect to the inetd service using a TCP connection.
Module:
inetd
Layer:
services
inetd_tcp_service_domain(
domain
,
entrypoint
)
Define the specified domain as a TCP inetd service.
Module:
inetd
Layer:
services
inetd_udp_send(
domain
)
Send UDP network traffic to inetd.
Module:
inetd
Layer:
services
inetd_udp_service_domain(
domain
,
entrypoint
)
Define the specified domain as a UDP inetd service.
Module:
inetd
Layer:
services
inetd_use_fds(
domain
)
Inherit and use file descriptors from inetd.
Module:
init
Layer:
system
init_daemon_domain(
domain
,
entry_point
)
Create a domain for long running processes
(daemons) which can be started by init scripts.
Module:
init
Layer:
system
init_dbus_chat_script(
domain
)
Send and receive messages from
init scripts over dbus.
Module:
init
Layer:
system
init_domain(
domain
,
entry_point
)
Create a domain which can be started by init.
Module:
init
Layer:
system
init_domtrans_script(
?
)
Module:
init
Layer:
system
init_dontaudit_getattr_initctl(
?
)
Module:
init
Layer:
system
init_dontaudit_lock_utmp(
domain
)
Do not audit attempts to lock
init script pid files.
Module:
init
Layer:
system
init_dontaudit_rw_initctl(
?
)
Module:
init
Layer:
system
init_dontaudit_rw_utmp(
?
)
Module:
init
Layer:
system
init_dontaudit_stream_connect_script(
domain
)
Dont audit the specified domain connecting to
init scripts with a unix domain stream socket.
Module:
init
Layer:
system
init_dontaudit_use_fds(
?
)
Module:
init
Layer:
system
init_dontaudit_use_script_fds(
?
)
Module:
init
Layer:
system
init_dontaudit_use_script_ptys(
domain
)
Do not audit attempts to read and
write the init script pty.
Module:
init
Layer:
system
init_dontaudit_write_utmp(
?
)
Module:
init
Layer:
system
init_exec(
domain
)
Execute the init program in the caller domain.
Module:
init
Layer:
system
init_exec_script_files(
?
)
Module:
init
Layer:
system
init_getattr_initctl(
?
)
Module:
init
Layer:
system
init_getattr_script_files(
domain
)
Get the attribute of init script entrypoint files.
Module:
init
Layer:
system
init_getattr_utmp(
domain
)
Get the attributes of init script process id files.
Module:
init
Layer:
system
init_getpgid_script(
?
)
Module:
init
Layer:
system
init_manage_utmp(
domain
)
Create, read, write, and delete utmp.
Module:
init
Layer:
system
init_read_script_files(
domain
)
Module:
init
Layer:
system
init_read_script_state(
domain
)
Read the process state (/proc/pid) of the init scripts.
Module:
init
Layer:
system
init_run_daemon(
domain
,
role
,
terminal
)
Start and stop daemon programs directly.
Module:
init
Layer:
system
init_rw_script_pipes(
domain
)
Read and write init script unnamed pipes.
Module:
init
Layer:
system
init_rw_script_tmp_files(
domain
)
Read and write init script temporary data.
Module:
init
Layer:
system
init_script_file_domtrans(
source_domain
,
target_domain
)
Execute a init script in a specified domain.
Module:
init
Layer:
system
init_script_file_entry_type(
domain
)
Make init scripts an entry point for
the specified domain.
Module:
init
Layer:
system
init_script_tmp_filetrans(
domain
,
file_type
,
object_class
)
Create files in a init script
temporary data directory.
Module:
init
Layer:
system
init_sigchld(
domain
)
Send init a SIGCHLD signal.
Module:
init
Layer:
system
init_sigchld_script(
domain
)
Send SIGCHLD signals to init scripts.
Module:
init
Layer:
system
init_signal_script(
domain
)
Send generic signals to init scripts.
Module:
init
Layer:
system
init_signull_script(
domain
)
Send null signals to init scripts.
Module:
init
Layer:
system
init_stream_connect_script(
domain
)
Allow the specified domain to connect to
init scripts with a unix socket.
Module:
init
Layer:
system
init_system_domain(
domain
,
entry_point
)
Create a domain for short running processes
which can be started by init scripts.
Module:
init
Layer:
system
init_udp_send(
domain
)
Send UDP network traffic to init.
Module:
init
Layer:
system
init_udp_send_script(
domain
)
Send UDP network traffic to init scripts.
Module:
init
Layer:
system
init_use_script_fds(
?
)
Module:
init
Layer:
system
init_use_script_ptys(
domain
)
Read and write the init script pty.
Module:
init
Layer:
system
init_write_initctl(
?
)
Module:
init
Layer:
system
init_write_script_pipes(
domain
)
Write an init script unnamed pipe.
Module:
inn
Layer:
services
inn_dgram_send(
domain
)
Send to a innd unix dgram socket.
Module:
inn
Layer:
services
inn_exec(
domain
)
Allow the specified domain to execute innd
in the caller domain.
Module:
inn
Layer:
services
inn_exec_config(
domain
)
Allow the specified domain to execute
inn configuration files in /etc.
Module:
inn
Layer:
services
inn_manage_log(
domain
)
Create, read, write, and delete the innd log.
Module:
inn
Layer:
services
inn_manage_pid(
domain
)
Create, read, write, and delete the innd pid files.
Module:
inn
Layer:
services
inn_read_config(
domain
)
Read innd configuration files.
Module:
inn
Layer:
services
inn_read_news_lib(
domain
)
Read innd news library files.
Module:
inn
Layer:
services
inn_read_news_spool(
domain
)
Read innd news library files.
Module:
ipsec
Layer:
system
ipsec_domtrans(
domain
)
Execute ipsec in the ipsec domain.
Module:
ipsec
Layer:
system
ipsec_exec_mgmt(
domain
)
Execute the IPSEC management program in the caller domain.
Module:
ipsec
Layer:
system
ipsec_getattr_key_sockets(
domain
)
Get the attributes of an IPSEC key socket.
Module:
ipsec
Layer:
system
ipsec_manage_pid(
domain
)
Create, read, write, and delete the IPSEC pid files.
Module:
ipsec
Layer:
system
ipsec_read_config(
domain
)
Read the IPSEC configuration
Module:
ipsec
Layer:
system
ipsec_stream_connect(
domain
)
Connect to IPSEC using a unix domain stream socket.
Module:
iptables
Layer:
system
iptables_domtrans(
domain
)
Execute iptables in the iptables domain.
Module:
iptables
Layer:
system
iptables_exec(
domain
)
Execute iptables in the caller domain.
Module:
iptables
Layer:
system
iptables_run(
domain
,
role
,
terminal
)
Execute iptables in the iptables domain, and
allow the specified role the iptables domain.
Module:
java
Layer:
apps
java_domtrans(
domain
)
Execute the java program in the java domain.
Module:
kerberos
Layer:
services
kerberos_dontaudit_write_config(
domain
)
Do not audit attempts to write the kerberos
configuration file (/etc/krb5.conf).
Module:
kerberos
Layer:
services
kerberos_read_config(
domain
)
Read the kerberos configuration file (/etc/krb5.conf).
Module:
kerberos
Layer:
services
kerberos_read_keytab(
domain
)
Read the kerberos key table.
Module:
kerberos
Layer:
services
kerberos_rw_config(
domain
)
Read and write the kerberos configuration file (/etc/krb5.conf).
Module:
kernel
Layer:
kernel
kernel_change_ring_buffer_level(
domain
)
Change the level of kernel messages logged to the console.
Module:
kernel
Layer:
kernel
kernel_clear_ring_buffer(
domain
)
Allows the caller to clear the ring buffer.
Module:
kernel
Layer:
kernel
kernel_dgram_send(
domain
)
Send messages to kernel unix datagram sockets.
Module:
kernel
Layer:
kernel
kernel_domtrans_to(
domain
,
entrypoint
)
Allows to start userland processes
by transitioning to the specified domain.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_core_if(
domain
)
Do not audit attempts to get the attributes of
core kernel interfaces.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_message_if(
domain
)
Do not audit attempts by caller to get the attributes of kernel
message interfaces.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_unlabeled_blk_files(
domain
)
Do not audit attempts by caller to get attributes for
unlabeled block devices.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_unlabeled_chr_files(
domain
)
Do not audit attempts by caller to get attributes for
unlabeled character devices.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_unlabeled_files(
domain
)
Do not audit attempts by caller to get the
attributes of an unlabeled file.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_unlabeled_pipes(
domain
)
Do not audit attempts by caller to get the
attributes of unlabeled named pipes.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_unlabeled_sockets(
domain
)
Do not audit attempts by caller to get the
attributes of unlabeled named sockets.
Module:
kernel
Layer:
kernel
kernel_dontaudit_getattr_unlabeled_symlinks(
domain
)
Do not audit attempts by caller to get the
attributes of unlabeled symbolic links.
Module:
kernel
Layer:
kernel
kernel_dontaudit_list_proc(
domain
)
Do not audit attempts to list the
contents of directories in /proc.
Module:
kernel
Layer:
kernel
kernel_dontaudit_list_unlabeled(
domain
)
Do not audit attempts to list unlabeled directories.
Module:
kernel
Layer:
kernel
kernel_dontaudit_read_proc_symlinks(
domain
)
Do not audit attempts by caller to
read system state information in proc.
Module:
kernel
Layer:
kernel
kernel_dontaudit_read_ring_buffer(
domain
)
Do not audit attempts to read the ring buffer.
Module:
kernel
Layer:
kernel
kernel_dontaudit_read_system_state(
domain
)
Do not audit attempts by caller to
read system state information in proc.
Module:
kernel
Layer:
kernel
kernel_dontaudit_read_unlabeled_files(
domain
)
Do not audit attempts by caller to
read an unlabeled file.
Module:
kernel
Layer:
kernel
kernel_dontaudit_search_kernel_sysctl(
domain
)
Do not audit attempts to search generic kernel sysctls.
Module:
kernel
Layer:
kernel
kernel_dontaudit_search_network_state(
domain
)
Do not audit attempts to search the network
state directory.
Module:
kernel
Layer:
kernel
kernel_dontaudit_search_network_sysctl(
domain
)
Do not audit attempts by caller to search network sysctl directories.
Module:
kernel
Layer:
kernel
kernel_dontaudit_search_sysctl(
domain
)
Do not audit attempts by caller to search
the base directory of sysctls.
Module:
kernel
Layer:
kernel
kernel_dontaudit_use_fds(
domain
)
Do not audit attempts to use
kernel file descriptors.
Module:
kernel
Layer:
kernel
kernel_dontaudit_write_kernel_sysctl(
domain
)
Do not audit attempts to write generic kernel sysctls.
Module:
kernel
Layer:
kernel
kernel_get_sysvipc_info(
domain
)
Get information on all System V IPC objects.
Module:
kernel
Layer:
kernel
kernel_getattr_core_if(
domain
)
Allows caller to get attribues of core kernel interface.
Module:
kernel
Layer:
kernel
kernel_getattr_debugfs(
domain
)
Get the attributes of a kernel debugging filesystem.
Module:
kernel
Layer:
kernel
kernel_getattr_message_if(
domain
)
Allow caller to get the attributes of kernel message
interface (/proc/kmsg).
Module:
kernel
Layer:
kernel
kernel_getattr_proc(
domain
)
Get the attributes of the proc filesystem.
Module:
kernel
Layer:
kernel
kernel_getattr_proc_files(
domain
)
Get the attributes of files in /proc.
Module:
kernel
Layer:
kernel
kernel_kill_unlabeled(
domain
)
Send a kill signal to unlabeled processes.
Module:
kernel
Layer:
kernel
kernel_list_proc(
domain
)
List the contents of directories in /proc.
Module:
kernel
Layer:
kernel
kernel_list_unlabeled(
domain
)
List unlabeled directories.
Module:
kernel
Layer:
kernel
kernel_load_module(
domain
)
Allows caller to load kernel modules
Module:
kernel
Layer:
kernel
kernel_mount_debugfs(
domain
)
Mount a kernel debugging filesystem.
Module:
kernel
Layer:
kernel
kernel_read_all_sysctls(
domain
)
Allow caller to read all sysctls.
Module:
kernel
Layer:
kernel
kernel_read_debugfs(
domain
)
Read information from the debugging filesystem.
Module:
kernel
Layer:
kernel
kernel_read_device_sysctls(
domain
)
Allow caller to read the device sysctls.
Module:
kernel
Layer:
kernel
kernel_read_fs_sysctls(
domain
)
Module:
kernel
Layer:
kernel
kernel_read_hotplug_sysctls(
domain
)
Module:
kernel
Layer:
kernel
kernel_read_irq_sysctls(
domain
)
Module:
kernel
Layer:
kernel
kernel_read_kernel_sysctls(
domain
)
Read generic kernel sysctls.
Module:
kernel
Layer:
kernel
kernel_read_messages(
domain
)
Allow caller to read kernel messages
using the /proc/kmsg interface.
Module:
kernel
Layer:
kernel
kernel_read_modprobe_sysctls(
domain
)
Read the modprobe sysctl.
Module:
kernel
Layer:
kernel
kernel_read_net_sysctls(
domain
)
Allow caller to read network sysctls.
Module:
kernel
Layer:
kernel
kernel_read_network_state(
domain
)
Allow caller to read the network state information.
Module:
kernel
Layer:
kernel
kernel_read_network_state_symlinks(
domain
)
Allow caller to read the network state symbolic links.
Module:
kernel
Layer:
kernel
kernel_read_proc_symlinks(
domain
)
Read symbolic links in /proc.
Module:
kernel
Layer:
kernel
kernel_read_ring_buffer(
domain
)
Allows caller to read the ring buffer.
Module:
kernel
Layer:
kernel
kernel_read_software_raid_state(
domain
)
Allow caller to read the state information for software raid.
Module:
kernel
Layer:
kernel
kernel_read_sysctl(
domain
)
Allow access to read sysctl directories.
Module:
kernel
Layer:
kernel
kernel_read_system_state(
domain
)
Allows caller to read system state information in proc.
Module:
kernel
Layer:
kernel
kernel_read_unix_sysctls(
domain
)
Allow caller to read unix domain
socket sysctls.
Module:
kernel
Layer:
kernel
kernel_read_vm_sysctls(
domain
)
Allow caller to read virtual memory sysctls.
Module:
kernel
Layer:
kernel
kernel_relabelfrom_unlabeled_dirs(
domain
)
Allow caller to relabel unlabeled directories.
Module:
kernel
Layer:
kernel
kernel_relabelfrom_unlabeled_files(
domain
)
Allow caller to relabel unlabeled files.
Module:
kernel
Layer:
kernel
kernel_relabelfrom_unlabeled_pipes(
domain
)
Allow caller to relabel unlabeled named pipes.
Module:
kernel
Layer:
kernel
kernel_relabelfrom_unlabeled_sockets(
domain
)
Allow caller to relabel unlabeled named sockets.
Module:
kernel
Layer:
kernel
kernel_relabelfrom_unlabeled_symlinks(
domain
)
Allow caller to relabel unlabeled symbolic links.
Module:
kernel
Layer:
kernel
kernel_remount_debugfs(
domain
)
Remount a kernel debugging filesystem.
Module:
kernel
Layer:
kernel
kernel_rootfs_mountpoint(
directory_type
)
Allows the kernel to mount filesystems on
the specified directory type.
Module:
kernel
Layer:
kernel
kernel_rw_all_sysctls(
domain
)
Read and write all sysctls.
Module:
kernel
Layer:
kernel
kernel_rw_device_sysctls(
domain
)
Read and write device sysctls.
Module:
kernel
Layer:
kernel
kernel_rw_fs_sysctls(
domain
)
Read and write fileystem sysctls.
Module:
kernel
Layer:
kernel
kernel_rw_hotplug_sysctls(
domain
)
Read and write the hotplug sysctl.
Module:
kernel
Layer:
kernel
kernel_rw_irq_sysctls(
domain
)
Read and write IRQ sysctls.
Module:
kernel
Layer:
kernel
kernel_rw_kernel_sysctl(
domain
)
Read and write generic kernel sysctls.
Module:
kernel
Layer:
kernel
kernel_rw_modprobe_sysctls(
domain
)
Read and write the modprobe sysctl.
Module:
kernel
Layer:
kernel
kernel_rw_net_sysctls(
domain
)
Allow caller to modiry contents of sysctl network files.
Module:
kernel
Layer:
kernel
kernel_rw_pipes(
domain
)
Read and write kernel unnamed pipes.
Module:
kernel
Layer:
kernel
kernel_rw_software_raid_state(
domain
)
Allow caller to read and set the state information for software raid.
Module:
kernel
Layer:
kernel
kernel_rw_unix_dgram_sockets(
domain
)
Read and write kernel unix datagram sockets.
Module:
kernel
Layer:
kernel
kernel_rw_unix_sysctls(
domain
)
Read and write unix domain
socket sysctls.
Module:
kernel
Layer:
kernel
kernel_rw_unlabeled_blk_files(
domain
)
Read and write unlabeled block device nodes.
Module:
kernel
Layer:
kernel
kernel_rw_unlabeled_dirs(
domain
)
Read and write unlabeled directories.
Module:
kernel
Layer:
kernel
kernel_rw_vm_sysctls(
domain
)
Read and write virtual memory sysctls.
Module:
kernel
Layer:
kernel
kernel_search_debugfs(
domain
)
Search the contents of a kernel debugging filesystem.
Module:
kernel
Layer:
kernel
kernel_search_network_state(
domain
)
Allow searching of network state directory.
Module:
kernel
Layer:
kernel
kernel_search_network_sysctl(
domain
)
Search network sysctl directories.
Module:
kernel
Layer:
kernel
kernel_search_proc(
domain
)
Search directories in /proc.
Module:
kernel
Layer:
kernel
kernel_search_vm_sysctl(
domain
)
Allow caller to search virtual memory sysctls.
Module:
kernel
Layer:
kernel
kernel_sendrecv_unlabeled_association(
domain
)
Send and receive messages from an
unlabeled IPSEC association.
Module:
kernel
Layer:
kernel
kernel_setpgid(
domain
)
Set the process group of kernel threads.
Module:
kernel
Layer:
kernel
kernel_share_state(
domain
)
Allows the kernel to share state information with
the caller.
Module:
kernel
Layer:
kernel
kernel_sigchld(
domain
)
Send a SIGCHLD signal to kernel threads.
Module:
kernel
Layer:
kernel
kernel_sigchld_unlabeled(
domain
)
Send a child terminated signal to unlabeled processes.
Module:
kernel
Layer:
kernel
kernel_signal(
domain
)
Send a generic signal to kernel threads.
Module:
kernel
Layer:
kernel
kernel_signal_unlabeled(
domain
)
Send general signals to unlabeled processes.
Module:
kernel
Layer:
kernel
kernel_signull_unlabeled(
domain
)
Send a null signal to unlabeled processes.
Module:
kernel
Layer:
kernel
kernel_sigstop_unlabeled(
domain
)
Send a stop signal to unlabeled processes.
Module:
kernel
Layer:
kernel
kernel_tcp_recvfrom(
domain
)
Receive messages from kernel TCP sockets.
Module:
kernel
Layer:
kernel
kernel_udp_recvfrom(
domain
)
Receive messages from kernel UDP sockets.
Module:
kernel
Layer:
kernel
kernel_udp_send(
domain
)
Send UDP network traffic to the kernel.
Module:
kernel
Layer:
kernel
kernel_unconfined(
domain
)
Unconfined access to kernel module resources.
Module:
kernel
Layer:
kernel
kernel_unmount_debugfs(
domain
)
Unmount a kernel debugging filesystem.
Module:
kernel
Layer:
kernel
kernel_use_fds(
domain
)
Permits caller to use kernel file descriptors.
Module:
kernel
Layer:
kernel
kernel_write_proc_files(
domain
)
Write to generic proc entries.
Module:
kudzu
Layer:
admin
kudzu_domtrans(
domain
)
Execute kudzu in the kudzu domain.
Module:
kudzu
Layer:
admin
kudzu_getattr_exec_files(
domain
)
Get attributes of kudzu executable.
Module:
kudzu
Layer:
admin
kudzu_run(
domain
,
role
,
terminal
)
Execute kudzu in the kudzu domain, and
allow the specified role the kudzu domain.
Module:
ldap
Layer:
services
ldap_list_db(
domain
)
Read the contents of the OpenLDAP
database directories.
Module:
ldap
Layer:
services
ldap_read_config(
domain
)
Read the OpenLDAP configuration files.
Module:
ldap
Layer:
services
ldap_use(
domain
)
Use LDAP over TCP connection.
Module:
libraries
Layer:
system
libs_delete_lib_symlinks(
domain
)
Delete generic symlinks in library directories.
Module:
libraries
Layer:
system
libs_domtrans_ldconfig(
domain
)
Execute ldconfig in the ldconfig domain.
Module:
libraries
Layer:
system
libs_exec_ld_so(
domain
)
Execute the dynamic link/loader in the caller's domain.
Module:
libraries
Layer:
system
libs_exec_lib_files(
domain
)
Execute library scripts in the caller domain.
Module:
libraries
Layer:
system
libs_legacy_use_ld_so(
domain
)
Use the dynamic link/loader for automatic loading
of shared libraries with legacy support.
Module:
libraries
Layer:
system
libs_legacy_use_shared_libs(
domain
)
Load and execute functions from shared libraries,
with legacy support.
Module:
libraries
Layer:
system
libs_manage_ld_so(
domain
)
Create, read, write, and delete the
dynamic link/loader.
Module:
libraries
Layer:
system
libs_manage_lib_files(
domain
)
Create, read, write, and delete generic
files in library directories.
Module:
libraries
Layer:
system
libs_manage_shared_libs(
domain
)
Create, read, write, and delete shared libraries.
Module:
libraries
Layer:
system
libs_read_lib_files(
domain
)
Read files in the library directories, such
as static libraries.
Module:
libraries
Layer:
system
libs_relabel_ld_so(
domain
)
Relabel to and from the type used for
the dynamic link/loader.
Module:
libraries
Layer:
system
libs_relabel_lib_files(
domain
)
Relabel to and from the type used
for generic lib files.
Module:
libraries
Layer:
system
libs_relabel_shared_libs(
domain
)
Relabel to and from the type used for
shared libraries.
Module:
libraries
Layer:
system
libs_relabelto_lib_files(
domain
)
Relabel files to the type used in library directories.
Module:
libraries
Layer:
system
libs_run_ldconfig(
domain
,
role
,
terminal
)
Execute ldconfig in the ldconfig domain.
Module:
libraries
Layer:
system
libs_rw_ld_so_cache(
domain
)
Modify the dynamic link/loader's cached listing
of shared libraries.
Module:
libraries
Layer:
system
libs_use_ld_so(
domain
)
Use the dynamic link/loader for automatic loading
of shared libraries.
Module:
libraries
Layer:
system
libs_use_lib_files(
domain
)
Load and execute functions from generic
lib files as shared libraries.
Module:
libraries
Layer:
system
libs_use_shared_libs(
domain
)
Load and execute functions from shared libraries.
Module:
loadkeys
Layer:
apps
loadkeys_domtrans(
domain
)
Execute the loadkeys program in the loadkeys domain.
Module:
loadkeys
Layer:
apps
loadkeys_exec(
domain
)
Execute the loadkeys program in the caller domain.
Module:
loadkeys
Layer:
apps
loadkeys_run(
domain
,
role
,
terminal
)
Execute the loadkeys program in the loadkeys domain.
Module:
locallogin
Layer:
system
locallogin_domtrans(
domain
)
Execute local logins in the local login domain.
Module:
locallogin
Layer:
system
locallogin_dontaudit_use_fds(
domain
)
Do not audit attempts to inherit local login file descriptors.
Module:
locallogin
Layer:
system
locallogin_signull(
domain
)
Send a null signal to local login processes.
Module:
locallogin
Layer:
system
locallogin_use_fds(
domain
)
Allow processes to inherit local login file descriptors.
Module:
logging
Layer:
system
logging_domtrans_auditctl(
domain
)
Execute auditctl in the auditctl domain.
Module:
logging
Layer:
system
logging_domtrans_syslog(
domain
)
Execute syslogd in the syslog domain.
Module:
logging
Layer:
system
logging_dontaudit_getattr_all_logs(
?
)
Module:
logging
Layer:
system
logging_exec_all_logs(
domain
)
Execute all log files in the caller domain.
Module:
logging
Layer:
system
logging_list_logs(
domain
)
List the contents of the generic log directory (/var/log).
Module:
logging
Layer:
system
logging_log_file(
file_type
)
Make the specified type a file
used for logs.
Module:
logging
Layer:
system
logging_manage_generic_logs(
domain
)
Create, read, write, and delete
generic log files.
Module:
logging
Layer:
system
logging_read_audit_config(
domain
)
Read the auditd configuration files.
Module:
logging
Layer:
system
logging_rw_generic_log_dirs(
domain
)
Read and write the generic log directory (/var/log).
Module:
logging
Layer:
system
logging_rw_generic_logs(
domain
)
Read and write generic log files.
Module:
logging
Layer:
system
logging_search_logs(
domain
)
Allows the domain to open a file in the
log directory, but does not allow the listing
of the contents of the log directory.
Module:
logrotate
Layer:
admin
logrotate_domtrans(
domain
)
Execute logrotate in the logrotate domain.
Module:
logrotate
Layer:
admin
logrotate_dontaudit_use_fds(
domain
)
Do not audit attempts to inherit logrotate file descriptors.
Module:
logrotate
Layer:
admin
logrotate_exec(
domain
)
Execute logrotate in the caller domain.
Module:
logrotate
Layer:
admin
logrotate_read_tmp_files(
domain
)
Read a logrotate temporary files.
Module:
logrotate
Layer:
admin
logrotate_run(
domain
,
role
,
terminal
)
Execute logrotate in the logrotate domain, and
allow the specified role the logrotate domain.
Module:
logrotate
Layer:
admin
logrotate_use_fds(
domain
)
Inherit and use logrotate file descriptors.
Module:
logwatch
Layer:
admin
logwatch_read_tmp_files(
domain
)
Read logwatch temporary files.
Module:
lpd
Layer:
services
lpd_domtrans_checkpc(
domain
)
Execute lpd in the lpd domain.
Module:
lpd
Layer:
services
lpd_list_spool(
domain
)
List the contents of the printer spool directories.
Module:
lpd
Layer:
services
lpd_manage_spool(
domain
)
Create, read, write, and delete printer spool files.
Module:
lpd
Layer:
services
lpd_read_config(
domain
)
List the contents of the printer spool directories.
Module:
lpd
Layer:
services
lpd_run_checkpc(
domain
,
role
,
terminal
)
Execute amrecover in the lpd domain, and
allow the specified role the lpd domain.
Module:
lvm
Layer:
system
lvm_domtrans(
domain
)
Execute lvm programs in the lvm domain.
Module:
lvm
Layer:
system
lvm_read_config(
domain
)
Read LVM configuration files.
Module:
lvm
Layer:
system
lvm_run(
domain
,
role
,
terminal
)
Execute lvm programs in the lvm domain.
Module:
mailman
Layer:
services
mailman_domtrans(
domain
)
Execute mailman in the mailman domain.
Module:
mailman
Layer:
services
mailman_domtrans_cgi(
domain
)
Execute mailman CGI scripts in the
mailman CGI domain.
Module:
mailman
Layer:
services
mailman_exec(
domain
)
Execute mailman in the caller domain.
Module:
mailman
Layer:
services
mailman_list_data(
domain
)
List the contents of mailman data directories.
Module:
mailman
Layer:
services
mailman_manage_log(
domain
)
Create, read, write, and delete
mailman logs.
Module:
mailman
Layer:
services
mailman_read_archive(
domain
)
Allow domain to read mailman archive files.
Module:
mailman
Layer:
services
mailman_read_data_symlinks(
domain
)
Allow read acces to mailman data symbolic links.
Module:
mailman
Layer:
services
mailman_search_data(
domain
)
Allow domain to search data directories.
Module:
mailman
Layer:
services
mailman_signal_cgi(
domain
)
Send generic signals to the mailman cgi domain.
Module:
mcs
Layer:
kernel
mcs_killall(
domain
)
This domain is allowed to sigkill and sigstop
all domains regardless of their MCS level.
Module:
miscfiles
Layer:
system
miscfiles_dontaudit_search_man_pages(
domain
)
Do not audit attempts to search man pages.
Module:
miscfiles
Layer:
system
miscfiles_exec_tetex_data(
domain
)
Execute TeX data programs in the caller domain.
Module:
miscfiles
Layer:
system
miscfiles_legacy_read_localization(
domain
)
Allow process to read legacy time localization info
Module:
miscfiles
Layer:
system
miscfiles_manage_fonts(
domain
)
Create, read, write, and delete fonts.
Module:
miscfiles
Layer:
system
miscfiles_manage_man_pages(
domain
)
Create, read, write, and delete man pages
Module:
miscfiles
Layer:
system
miscfiles_manage_public_files(
domain
)
Create, read, write, and delete public files
and directories used for file transfer services.
Module:
miscfiles
Layer:
system
miscfiles_read_certs(
domain
)
Read system SSL certificates.
Module:
miscfiles
Layer:
system
miscfiles_read_hwdata(
domain
)
Read hardware identification data.
Module:
miscfiles
Layer:
system
miscfiles_read_localization(
domain
)
Allow process to read localization info
Module:
miscfiles
Layer:
system
miscfiles_read_public_files(
domain
)
Read public files used for file
transfer services.
Module:
mls
Layer:
kernel
mls_file_downgrade(
domain
)
Make specified domain MLS trusted
for lowering the level of files.
Module:
mls
Layer:
kernel
mls_file_read_up(
domain
)
Make specified domain MLS trusted
for reading from files at higher levels.
Module:
mls
Layer:
kernel
mls_file_upgrade(
domain
)
Make specified domain MLS trusted
for raising the level of files.
Module:
mls
Layer:
kernel
mls_file_write_down(
domain
)
Make specified domain MLS trusted
for writing to files at lower levels.
Module:
mls
Layer:
kernel
mls_process_read_up(
domain
)
Make specified domain MLS trusted
for reading from processes at higher levels.
Module:
mls
Layer:
kernel
mls_process_set_level(
domain
)
Make specified domain MLS trusted
for setting the level of processes
it executes.
Module:
mls
Layer:
kernel
mls_process_write_down(
domain
)
Make specified domain MLS trusted
for writing to processes at lower levels.
Module:
mls
Layer:
kernel
mls_rangetrans_source(
domain
)
Allow the specified domain to do a MLS
range transition that changes
the current level.
Module:
mls
Layer:
kernel
mls_rangetrans_target(
domain
)
Make specified domain a target domain
for MLS range transitions that change
the current level.
Module:
mls
Layer:
kernel
mls_trusted_object(
domain
)
Make specified object MLS trusted.
Module:
modutils
Layer:
system
modutils_domtrans_depmod(
domain
)
Execute depmod in the depmod domain.
Module:
modutils
Layer:
system
modutils_domtrans_insmod(
domain
)
Execute insmod in the insmod domain.
Module:
modutils
Layer:
system
modutils_domtrans_insmod_uncond(
domain
)
Unconditionally execute insmod in the insmod domain.
Module:
modutils
Layer:
system
modutils_domtrans_update_mods(
domain
)
Execute depmod in the depmod domain.
Module:
modutils
Layer:
system
modutils_read_module_config(
domain
)
Read the configuration options used when
loading modules.
Module:
modutils
Layer:
system
modutils_read_module_deps(
domain
)
Read the dependencies of kernel modules.
Module:
modutils
Layer:
system
modutils_rename_module_config(
domain
)
Rename a file with the configuration options used when
loading modules.
Module:
modutils
Layer:
system
modutils_run_depmod(
domain
,
role
,
terminal
)
Execute depmod in the depmod domain.
Module:
modutils
Layer:
system
modutils_run_insmod(
domain
,
role
,
terminal
)
Execute insmod in the insmod domain, and
allow the specified role the insmod domain,
and use the caller's terminal. Has a sigchld
backchannel.
Module:
modutils
Layer:
system
modutils_run_update_mods(
domain
,
role
,
terminal
)
Execute update_modules in the update_modules domain.
Module:
mono
Layer:
apps
mono_domtrans(
domain
)
Execute the mono program in the mono domain.
Module:
mount
Layer:
system
mount_domtrans(
domain
)
Execute mount in the mount domain.
Module:
mount
Layer:
system
mount_exec(
domain
)
Execute mount in the caller domain.
Module:
mount
Layer:
system
mount_run(
domain
,
role
,
terminal
)
Execute mount in the mount domain, and
allow the specified role the mount domain,
and use the caller's terminal.
Module:
mount
Layer:
system
mount_send_nfs_client_request(
domain
)
Allow the mount domain to send nfs requests for mounting
network drives
Module:
mount
Layer:
system
mount_use_fds(
domain
)
Use file descriptors for mount.
Module:
mrtg
Layer:
admin
mrtg_append_create_logs(
domain
)
Create and append mrtg logs.
Module:
mta
Layer:
services
mta_append_spool(
domain
)
Create, read, and write the mail spool.
Module:
mta
Layer:
services
mta_delete_spool(
domain
)
Delete from the mail spool.
Module:
mta
Layer:
services
mta_dontaudit_getattr_spool_files(
?
)
Module:
mta
Layer:
services
mta_dontaudit_read_spool_symlinks(
domain
)
Do not audit attempts to read a symlink
in the mail spool.
Module:
mta
Layer:
services
mta_dontaudit_rw_delivery_tcp_sockets(
domain
)
Do not audit attempts to read and write TCP
sockets of mail delivery domains.
Module:
mta
Layer:
services
mta_dontaudit_rw_queue(
domain
)
Do not audit attempts to read and
write the mail queue.
Module:
mta
Layer:
services
mta_etc_filetrans_aliases(
domain
)
Type transition files created in /etc
to the mail address aliases type.
Module:
mta
Layer:
services
mta_mailserver_delivery(
domain
)
Make a type a mailserver type used
for delivering mail to local users.
Module:
mta
Layer:
services
mta_mailserver_sender(
domain
)
Make a type a mailserver type used
for sending mail.
Module:
mta
Layer:
services
mta_mailserver_user_agent(
domain
)
Make a type a mailserver type used
for sending mail on behalf of local
users to the local mail spool.
Module:
mta
Layer:
services
mta_read_aliases(
domain
)
Read mail address aliases.
Module:
mta
Layer:
services
mta_read_config(
domain
)
Read mail server configuration.
Module:
mta
Layer:
services
mta_read_sendmail_bin(
domain
)
Module:
mta
Layer:
services
mta_rw_user_mail_stream_sockets(
domain
)
Read and write unix domain stream sockets
of user mail domains.
Module:
mta
Layer:
services
mta_sendmail_mailserver(
domain
,
entry_point
)
Modified mailserver interface for
sendmail daemon use.
Module:
mta
Layer:
services
mta_spool_filetrans(
domain
,
private type
,
object
)
Create private objects in the
mail spool directory.
Module:
mta
Layer:
services
mta_stub(
domain
)
MTA stub interface. No access allowed.
Module:
mta
Layer:
services
mta_tcp_connect_all_mailservers(
domain
)
Connect to all mail servers over TCP.
Module:
mysql
Layer:
services
mysql_manage_db_dirs(
domain
)
Create, read, write, and delete MySQL database directories.
Module:
mysql
Layer:
services
mysql_read_config(
domain
)
Read MySQL configuration files.
Module:
mysql
Layer:
services
mysql_rw_db_dirs(
domain
)
Read and write to the MySQL database directory.
Module:
mysql
Layer:
services
mysql_rw_db_sockets(
domain
)
Read and write to the MySQL database
named socket.
Module:
mysql
Layer:
services
mysql_search_db(
domain
)
Search the directories that contain MySQL
database storage.
Module:
mysql
Layer:
services
mysql_signal(
domain
)
Send a generic signal to MySQL.
Module:
mysql
Layer:
services
mysql_stream_connect(
domain
)
Connect to MySQL using a unix domain stream socket.
Module:
netutils
Layer:
admin
netutils_domtrans(
domain
)
Execute network utilities in the netutils domain.
Module:
netutils
Layer:
admin
netutils_domtrans_ping(
domain
)
Execute ping in the ping domain.
Module:
netutils
Layer:
admin
netutils_domtrans_traceroute(
domain
)
Execute traceroute in the traceroute domain.
Module:
netutils
Layer:
admin
netutils_exec(
domain
)
Execute network utilities in the caller domain.
Module:
netutils
Layer:
admin
netutils_exec_ping(
domain
)
Execute ping in the caller domain.
Module:
netutils
Layer:
admin
netutils_exec_traceroute(
domain
)
Execute traceroute in the caller domain.
Module:
netutils
Layer:
admin
netutils_run(
domain
,
role
,
terminal
)
Execute network utilities in the netutils domain, and
allow the specified role the netutils domain.
Module:
netutils
Layer:
admin
netutils_run_ping(
domain
,
role
,
terminal
)
Execute ping in the ping domain, and
allow the specified role the ping domain.
Module:
netutils
Layer:
admin
netutils_run_ping_cond(
domain
,
role
,
terminal
)
Conditionally execute ping in the ping domain, and
allow the specified role the ping domain.
Module:
netutils
Layer:
admin
netutils_run_traceroute(
domain
,
role
,
terminal
)
Execute traceroute in the traceroute domain, and
allow the specified role the traceroute domain.
Module:
netutils
Layer:
admin
netutils_run_traceroute_cond(
domain
,
role
,
terminal
)
Conditionally execute traceroute in the traceroute domain, and
allow the specified role the traceroute domain.
Module:
networkmanager
Layer:
services
networkmanager_dbus_chat(
domain
)
Send and receive messages from
NetworkManager over dbus.
Module:
networkmanager
Layer:
services
networkmanager_rw_packet_sockets(
domain
)
Read and write NetworkManager packet sockets.
Module:
networkmanager
Layer:
services
networkmanager_rw_routing_sockets(
domain
)
Read and write NetworkManager netlink
routing sockets.
Module:
networkmanager
Layer:
services
networkmanager_rw_udp_sockets(
domain
)
Read and write NetworkManager UDP sockets.
Module:
nis
Layer:
services
nis_delete_ypbind_pid(
domain
)
Module:
nis
Layer:
services
nis_domtrans_ypbind(
domain
)
Execute ypbind in the ypbind domain.
Module:
nis
Layer:
services
nis_list_var_yp(
domain
)
List the contents of the NIS data directory.
Module:
nis
Layer:
services
nis_read_ypbind_pid(
domain
)
Module:
nis
Layer:
services
nis_read_ypserv_config(
domain
)
Read ypserv configuration files.
Module:
nis
Layer:
services
nis_signal_ypbind(
domain
)
Send generic signals to ypbind.
Module:
nis
Layer:
services
nis_tcp_connect_ypbind(
domain
)
Connect to ypbind over TCP.
Module:
nis
Layer:
services
nis_udp_send_ypbind(
domain
)
Send UDP network traffic to NIS clients.
Module:
nis
Layer:
services
nis_use_ypbind(
domain
)
Use the ypbind service to access NIS services.
Module:
nis
Layer:
services
nis_use_ypbind_uncond(
domain
)
Use the ypbind service to access NIS services
unconditionally.
Module:
nscd
Layer:
services
nscd_domtrans(
domain
)
Execute NSCD in the nscd domain.
Module:
nscd
Layer:
services
nscd_shm_use(
domain
)
Use NSCD services by mapping the database from
an inherited NSCD file descriptor.
Module:
nscd
Layer:
services
nscd_socket_use(
domain
)
Use NSCD services by connecting using
a unix stream socket.
Module:
nscd
Layer:
services
nscd_unconfined(
domain
)
Unconfined access to NSCD services.
Module:
ntp
Layer:
services
ntp_domtrans(
domain
)
Execute ntp server in the ntpd domain.
Module:
ntp
Layer:
services
ntp_domtrans_ntpdate(
domain
)
Execute ntp server in the ntpd domain.
Module:
ntp
Layer:
services
ntp_stub(
domain
)
NTP stub interface. No access allowed.
Module:
pcmcia
Layer:
system
pcmcia_domtrans_cardctl(
domain
)
Execute cardctl in the cardmgr domain.
Module:
pcmcia
Layer:
system
pcmcia_domtrans_cardmgr(
domain
)
Execute cardmgr in the cardmgr domain.
Module:
pcmcia
Layer:
system
pcmcia_manage_pid(
domain
)
Create, read, write, and delete
cardmgr pid files.
Module:
pcmcia
Layer:
system
pcmcia_manage_pid_chr_files(
domain
)
Create, read, write, and delete
cardmgr runtime character nodes.
Module:
pcmcia
Layer:
system
pcmcia_run_cardctl(
domain
,
role
,
terminal
)
Execute cardmgr in the cardctl domain, and
allow the specified role the cardmgr domain.
Module:
pcmcia
Layer:
system
pcmcia_stub(
domain
)
PCMCIA stub interface. No access allowed.
Module:
pcmcia
Layer:
system
pcmcia_use_cardmgr_fds(
domain
)
Inherit and use file descriptors from cardmgr.
Module:
portage
Layer:
admin
portage_domtrans(
domain
)
Execute emerge in the portage domain.
Module:
portage
Layer:
admin
portage_run(
domain
,
role
,
terminal
)
Execute emerge in the portage domain, and
allow the specified role the portage domain.
Module:
portmap
Layer:
services
portmap_domtrans_helper(
domain
)
Execute portmap_helper in the helper domain.
Module:
portmap
Layer:
services
portmap_run_helper(
domain
,
role
,
terminal
)
Execute portmap helper in the helper domain, and
allow the specified role the helper domain.
Communicate with portmap.
Module:
portmap
Layer:
services
portmap_tcp_connect(
domain
)
Connect to portmap over a TCP socket
Module:
portmap
Layer:
services
portmap_udp_chat(
domain
)
Send and receive UDP network traffic from portmap.
Module:
portmap
Layer:
services
portmap_udp_send(
domain
)
Send UDP network traffic to portmap.
Module:
postfix
Layer:
services
postfix_config_filetrans(
domain
,
private type
,
object
)
Create files with the specified type in
the postfix configuration directories.
Module:
postfix
Layer:
services
postfix_domtrans_map(
domain
)
Execute postfix_map in the postfix_map domain.
Module:
postfix
Layer:
services
postfix_domtrans_master(
domain
)
Execute the master postfix program in the
postfix_master domain.
Module:
postfix
Layer:
services
postfix_domtrans_user_mail_handler(
domain
)
Execute postfix user mail programs
in their respective domains.
Module:
postfix
Layer:
services
postfix_dontaudit_rw_local_tcp_sockets(
domain
)
Do not audit attempts to read and
write postfix local delivery
TCP sockets.
Module:
postfix
Layer:
services
postfix_dontaudit_use_fds(
domain
)
Do not audit attempts to use
postfix master process file
file descriptors.
Module:
postfix
Layer:
services
postfix_exec_master(
domain
)
Execute the master postfix program in the
caller domain.
Module:
postfix
Layer:
services
postfix_list_spool(
domain
)
List postfix mail spool directories.
Module:
postfix
Layer:
services
postfix_read_config(
domain
)
Read postfix configuration files.
Module:
postfix
Layer:
services
postfix_run_map(
domain
,
role
,
terminal
)
Execute postfix_map in the postfix_map domain, and
allow the specified role the postfix_map domain.
Module:
postfix
Layer:
services
postfix_search_spool(
domain
)
Search postfix mail spool directories.
Module:
postfix
Layer:
services
postfix_stub(
domain
)
Postfix stub interface. No access allowed.
Module:
postgresql
Layer:
services
postgresql_domtrans(
domain
)
Execute postgresql in the postgresql domain.
Module:
postgresql
Layer:
services
postgresql_manage_db(
domain
)
Allow the specified domain to manage postgresql's database.
Module:
postgresql
Layer:
services
postgresql_read_config(
domain
)
Allow the specified domain to read postgresql's etc.
Module:
postgresql
Layer:
services
postgresql_search_db(
domain
)
Allow the specified domain to search postgresql's database directory.
Module:
postgresql
Layer:
services
postgresql_stream_connect(
domain
)
Allow the specified domain to connect to postgresql with a unix socket.
Module:
postgresql
Layer:
services
postgresql_tcp_connect(
domain
)
Allow the specified domain to connect to postgresql with a tcp socket.
Module:
ppp
Layer:
services
ppp_domtrans(
domain
)
Execute domain in the ppp domain.
Module:
ppp
Layer:
services
ppp_dontaudit_use_fds(
domain
)
Do not audit attempts to inherit
and use PPP file discriptors.
Module:
ppp
Layer:
services
ppp_run(
domain
)
Unconditionally execute ppp daemon on behalf of a user or staff type.
Module:
ppp
Layer:
services
ppp_run_cond(
domain
)
Conditionally execute ppp daemon on behalf of a user or staff type.
Module:
ppp
Layer:
services
ppp_sigchld(
domain
)
Send a SIGCHLD signal to PPP.
Module:
ppp
Layer:
services
ppp_signal(
domain
)
Send a generic signal to PPP.
Module:
ppp
Layer:
services
ppp_use_fds(
domain
)
Use PPP file discriptors.
Module:
prelink
Layer:
admin
prelink_delete_cache(
file_type
)
Delete the prelink cache.
Module:
prelink
Layer:
admin
prelink_domtrans(
domain
)
Execute the prelink program in the prelink domain.
Module:
prelink
Layer:
admin
prelink_manage_log(
file_type
)
Create, read, write, and delete
prelink log files.
Module:
prelink
Layer:
admin
prelink_object_file(
file_type
)
Make the specified file type prelinkable.
Module:
prelink
Layer:
admin
prelink_read_cache(
file_type
)
Module:
procmail
Layer:
services
procmail_domtrans(
domain
)
Execute procmail with a domain transition.
Module:
procmail
Layer:
services
procmail_exec(
domain
)
Execute procmail in the caller domain.
Module:
quota
Layer:
admin
quota_domtrans(
domain
)
Execute quota management tools in the quota domain.
Module:
quota
Layer:
admin
quota_dontaudit_getattr_db(
domain
)
Do not audit attempts to get the attributes
of filesystem quota data files.
Module:
quota
Layer:
admin
quota_manage_flags(
?
)
Module:
quota
Layer:
admin
quota_run(
domain
,
role
,
terminal
)
Execute quota management tools in the quota domain, and
allow the specified role the quota domain.
Module:
radius
Layer:
services
radius_use(
domain
)
Use radius over a UDP connection.
Module:
raid
Layer:
system
raid_domtrans_mdadm(
domain
)
Execute software raid tools in the mdadm domain.
Module:
raid
Layer:
system
raid_manage_mdadm_pid(
domain
)
Create, read, write, and delete the mdadm pid files.
Module:
remotelogin
Layer:
services
remotelogin_domtrans(
domain
)
Domain transition to the remote login domain.
Module:
rlogin
Layer:
services
rlogin_domtrans(
domain
)
Execute rlogind in the rlogin domain.
Module:
rpc
Layer:
services
rpc_domtrans_nfsd(
domain
)
Execute domain in nfsd domain.
Module:
rpc
Layer:
services
rpc_dontaudit_getattr_exports(
domain
)
Do not audit attempts to get the attributes
of the NFS export file.
Module:
rpc
Layer:
services
rpc_manage_nfs_ro_content(
domain
)
Allow domain to create read and write NFS directories.
Module:
rpc
Layer:
services
rpc_manage_nfs_rw_content(
domain
)
Allow domain to create read and write NFS directories.
Module:
rpc
Layer:
services
rpc_read_exports(
domain
)
Allow read access to exports.
Module:
rpc
Layer:
services
rpc_search_nfs_state_data(
domain
)
Search NFS state data in /var/lib/nfs.
Module:
rpc
Layer:
services
rpc_udp_rw_nfs_sockets(
domain
)
Allow domain to read and write to an NFS UDP socket.
Module:
rpc
Layer:
services
rpc_udp_send(
domain
)
Send UDP network traffic to rpc and recieve UDP traffic from rpc.
Module:
rpc
Layer:
services
rpc_udp_send_nfs(
domain
)
Send UDP traffic to NFSd.
Module:
rpc
Layer:
services
rpc_write_exports(
domain
)
Allow write access to exports.
Module:
rpm
Layer:
admin
rpm_domtrans(
domain
)
Execute rpm programs in the rpm domain.
Module:
rpm
Layer:
admin
rpm_domtrans_script(
domain
)
Execute rpm_script programs in the rpm_script domain.
Module:
rpm
Layer:
admin
rpm_dontaudit_manage_db(
domain
)
Do not audit attempts to create, read,
write, and delete the RPM package database.
Module:
rpm
Layer:
admin
rpm_manage_db(
domain
)
Create, read, write, and delete the RPM package database.
Module:
rpm
Layer:
admin
rpm_manage_log(
domain
)
Create, read, write, and delete the RPM log.
Module:
rpm
Layer:
admin
rpm_read_db(
domain
)
Read the RPM package database.
Module:
rpm
Layer:
admin
rpm_read_pipes(
domain
)
Read from an unnamed RPM pipe.
Module:
rpm
Layer:
admin
rpm_run(
domain
,
role
,
terminal
)
Execute RPM programs in the RPM domain.
Module:
rpm
Layer:
admin
rpm_rw_pipes(
domain
)
Read and write an unnamed RPM pipe.
Module:
rpm
Layer:
admin
rpm_use_fds(
domain
)
Inherit and use file descriptors from RPM.
Module:
rpm
Layer:
admin
rpm_use_script_fds(
domain
)
Inherit and use file descriptors from RPM scripts.
Module:
rshd
Layer:
services
rshd_domtrans(
domain
)
Domain transition to rshd.
Module:
samba
Layer:
services
samba_domtrans_net(
domain
)
Execute samba net in the samba_net domain.
Module:
samba
Layer:
services
samba_domtrans_smbmount(
domain
)
Execute smbmount in the smbmount domain.
Module:
samba
Layer:
services
samba_domtrans_winbind_helper(
domain
)
Execute winbind_helper in the winbind_helper domain.
Module:
samba
Layer:
services
samba_exec_log(
domain
)
Execute samba log in the caller domain.
Module:
samba
Layer:
services
samba_read_config(
domain
)
Allow the specified domain to read
samba configuration files.
Module:
samba
Layer:
services
samba_read_log(
domain
)
Allow the specified domain to read samba's log files.
Module:
samba
Layer:
services
samba_read_secrets(
domain
)
Allow the specified domain to read samba's secrets.
Module:
samba
Layer:
services
samba_read_winbind_pid(
domain
)
Allow the specified domain to read the winbind pid files.
Module:
samba
Layer:
services
samba_run_net(
domain
,
role
,
terminal
)
Execute samba net in the samba_net domain, and
allow the specified role the samba_net domain.
Module:
samba
Layer:
services
samba_run_winbind_helper(
domain
,
role
,
terminal
)
Execute winbind_helper in the winbind_helper domain, and
allow the specified role the winbind_helper domain.
Module:
samba
Layer:
services
samba_rw_config(
domain
)
Allow the specified domain to read
and write samba configuration files.
Module:
samba
Layer:
services
samba_rw_smbmount_tcp_sockets(
domain
)
Allow the specified domain to read and write to smbmount tcp sockets.
Module:
samba
Layer:
services
samba_rw_var_files(
domain
)
Allow the specified domain to
read and write samba /var files.
Module:
samba
Layer:
services
samba_search_var(
domain
)
Allow the specified domain to search
samba /var directories.
Module:
samba
Layer:
services
samba_stream_connect_winbind(
domain
)
Module:
samba
Layer:
services
samba_write_smbmount_tcp_sockets(
domain
)
Allow the specified domain to write to smbmount tcp sockets.
Module:
selinux
Layer:
kernel
selinux_compute_access_vector(
domain
)
Allows caller to compute an access vector.
Module:
selinux
Layer:
kernel
selinux_compute_create_context(
domain
)
Calculate the default type for object creation.
Module:
selinux
Layer:
kernel
selinux_compute_member(
domain
)
Allows caller to compute polyinstatntiated
directory members.
Module:
selinux
Layer:
kernel
selinux_compute_relabel_context(
domain
)
Calculate the context for relabeling objects.
Module:
selinux
Layer:
kernel
selinux_compute_user_contexts(
domain
)
Allows caller to compute possible contexts for a user.
Module:
selinux
Layer:
kernel
selinux_dontaudit_getattr_dir(
domain
)
Do not audit attempts to get the
attributes of the selinuxfs directory.
Module:
selinux
Layer:
kernel
selinux_dontaudit_read_fs(
domain
)
Do not audit attempts to read
generic selinuxfs entries
Module:
selinux
Layer:
kernel
selinux_dontaudit_search_fs(
domain
)
Do not audit attempts to search selinuxfs.
Module:
selinux
Layer:
kernel
selinux_get_enforce_mode(
domain
)
Allows the caller to get the mode of policy enforcement
(enforcing or permissive mode).
Module:
selinux
Layer:
kernel
selinux_get_fs_mount(
domain
)
Gets the caller the mountpoint of the selinuxfs filesystem.
Module:
selinux
Layer:
kernel
selinux_load_policy(
domain
)
Allow caller to load the policy into the kernel.
Module:
selinux
Layer:
kernel
selinux_set_boolean(
domain
)
Allow caller to set the state of Booleans to
enable or disable conditional portions of the policy.
Module:
selinux
Layer:
kernel
selinux_set_enforce_mode(
domain
)
Allow caller to set the mode of policy enforcement
(enforcing or permissive mode).
Module:
selinux
Layer:
kernel
selinux_set_parameters(
domain
)
Allow caller to set SELinux access vector cache parameters.
Module:
selinux
Layer:
kernel
selinux_unconfined(
domain
)
Unconfined access to the SELinux kernel security server.
Module:
selinux
Layer:
kernel
selinux_validate_context(
domain
)
Allows caller to validate security contexts.
Module:
sendmail
Layer:
services
sendmail_create_log(
domain
)
Create sendmail logs with the correct type.
Module:
sendmail
Layer:
services
sendmail_domtrans(
domain
)
Domain transition to sendmail.
Module:
sendmail
Layer:
services
sendmail_manage_log(
domain
)
Create, read, write, and delete sendmail logs.
Module:
sendmail
Layer:
services
sendmail_rw_tcp_sockets(
domain
)
Read and write sendmail TCP sockets.
Module:
sendmail
Layer:
services
sendmail_rw_unix_stream_sockets(
domain
)
Read and write sendmail unix_stream_sockets.
Module:
sendmail
Layer:
services
sendmail_stub(
domain
)
Sendmail stub interface. No access allowed.
Module:
selinuxutil
Layer:
system
seutil_domtrans_checkpolicy(
domain
)
Execute checkpolicy in the checkpolicy domain.
Module:
selinuxutil
Layer:
system
seutil_domtrans_loadpolicy(
domain
)
Execute load_policy in the load_policy domain.
Module:
selinuxutil
Layer:
system
seutil_domtrans_newrole(
domain
)
Execute newrole in the load_policy domain.
Module:
selinuxutil
Layer:
system
seutil_domtrans_restorecon(
domain
)
Execute restorecon in the restorecon domain.
Module:
selinuxutil
Layer:
system
seutil_domtrans_runinit(
domain
)
Execute run_init in the run_init domain.
Module:
selinuxutil
Layer:
system
seutil_domtrans_semanage(
domain
)
Execute a domain transition to run semanage.
Module:
selinuxutil
Layer:
system
seutil_domtrans_setfiles(
domain
)
Execute setfiles in the setfiles domain.
Module:
selinuxutil
Layer:
system
seutil_dontaudit_read_config(
domain
)
Do not audit attempts to read the SELinux
userland configuration (/etc/selinux).
Module:
selinuxutil
Layer:
system
seutil_dontaudit_search_config(
domain
)
Do not audit attempts to search the SELinux
configuration directory (/etc/selinux).
Module:
selinuxutil
Layer:
system
seutil_dontaudit_signal_newrole(
domain
)
Do not audit the caller attempts to send
a signal to newrole.
Module:
selinuxutil
Layer:
system
seutil_get_semanage_read_lock(
domain
)
Get read lock on module store
Module:
selinuxutil
Layer:
system
seutil_get_semanage_trans_lock(
domain
)
Get trans lock on module store
Module:
selinuxutil
Layer:
system
seutil_init_script_domtrans_runinit(
domain
)
Execute init scripts in the run_init domain.
Module:
selinuxutil
Layer:
system
seutil_init_script_run_runinit(
domain
,
role
,
terminal
)
Execute init scripts in the run_init domain, and
allow the specified role the run_init domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_manage_module_store(
domain
)
Full management of the semanage
module store.
Module:
selinuxutil
Layer:
system
seutil_relabelto_bin_policy(
domain
)
Allow the caller to relabel a file to the binary policy type.
Module:
selinuxutil
Layer:
system
seutil_run_checkpolicy(
domain
,
role
,
terminal
)
Execute checkpolicy in the checkpolicy domain, and
allow the specified role the checkpolicy domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_run_loadpolicy(
domain
,
role
,
terminal
)
Execute load_policy in the load_policy domain, and
allow the specified role the load_policy domain,
and use the caller's terminal.
Has a SIGCHLD signal backchannel.
Module:
selinuxutil
Layer:
system
seutil_run_newrole(
domain
,
role
,
terminal
)
Execute newrole in the newrole domain, and
allow the specified role the newrole domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_run_restorecon(
domain
,
role
,
terminal
)
Execute restorecon in the restorecon domain, and
allow the specified role the restorecon domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_run_runinit(
domain
,
role
,
terminal
)
Execute run_init in the run_init domain, and
allow the specified role the run_init domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_run_semanage(
domain
,
role
,
terminal
)
Execute semanage in the semanage domain, and
allow the specified role the semanage domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_run_setfiles(
domain
,
role
,
terminal
)
Execute setfiles in the setfiles domain, and
allow the specified role the setfiles domain,
and use the caller's terminal.
Module:
selinuxutil
Layer:
system
seutil_rw_file_contexts(
domain
)
Read and write the file_contexts files.
Module:
selinuxutil
Layer:
system
seutil_search_default_contexts(
domain
)
Search the policy directory with default_context files.
Module:
slocate
Layer:
apps
slocate_create_append_log(
domain
)
Create the locate log with append mode.
Module:
slrnpull
Layer:
services
slrnpull_manage_spool(
pty_type
)
Allow the domain to create, read,
write, and delete slrnpull spools.
Module:
slrnpull
Layer:
services
slrnpull_search_spool(
pty_type
)
Allow the domain to search slrnpull spools.
Module:
smartmon
Layer:
services
smartmon_read_tmp_files(
domain
)
Allow caller to read smartmon temporary files.
Module:
snmp
Layer:
services
snmp_read_snmp_var_lib_files(
domain
)
Module:
snmp
Layer:
services
snmp_tcp_connect(
domain
)
Use snmp over a TCP connection.
Module:
snmp
Layer:
services
snmp_udp_chat(
domain
)
Send and receive UDP traffic to SNMP
Module:
spamassassin
Layer:
services
spamassassin_exec(
domain
)
Execute the standalone spamassassin
program in the caller directory.
Module:
spamassassin
Layer:
services
spamassassin_exec_client(
domain
)
Execute the spamassassin client
program in the caller directory.
Module:
squid
Layer:
services
squid_domtrans(
domain
)
Execute squid in the squid domain.
Module:
squid
Layer:
services
squid_manage_logs(
domain
)
Create, read, write, and delete
squid logs.
Module:
squid
Layer:
services
squid_read_config(
domain
)
Read squid configuration file.
Module:
squid
Layer:
services
squid_use(
domain
)
Use squid services by connecting over TCP.
Module:
ssh
Layer:
services
ssh_dontaudit_read_server_keys(
domain
)
Module:
ssh
Layer:
services
ssh_dontaudit_rw_tcp_sockets(
domain
)
Do not audit attempts to read and write
ssh server TCP sockets.
Module:
ssh
Layer:
services
ssh_read_pipes(
domain
)
Read a ssh server unnamed pipe.
Module:
ssh
Layer:
services
ssh_sigchld(
domain
)
Send a SIGCHLD signal to the ssh server.
Module:
ssh
Layer:
services
ssh_tcp_connect(
domain
)
Connect to SSH daemons over TCP sockets.
Module:
storage
Layer:
kernel
storage_dev_filetrans_fixed_disk(
domain
)
Create block devices in /dev with the fixed disk type
via an automatic type transition.
Module:
storage
Layer:
kernel
storage_dontaudit_getattr_fixed_disk_dev(
domain
)
Do not audit attempts made by the caller to get
the attributes of fixed disk device nodes.
Module:
storage
Layer:
kernel
storage_dontaudit_getattr_removable_dev(
domain
)
Do not audit attempts made by the caller to get
the attributes of removable devices device nodes.
Module:
storage
Layer:
kernel
storage_dontaudit_raw_read_removable_device(
domain
)
Do not audit attempts to directly read removable devices.
Module:
storage
Layer:
kernel
storage_dontaudit_raw_write_removable_device(
domain
)
Do not audit attempts to directly write removable devices.
Module:
storage
Layer:
kernel
storage_dontaudit_read_fixed_disk(
domain
)
Do not audit attempts made by the caller to read
fixed disk device nodes.
Module:
storage
Layer:
kernel
storage_dontaudit_read_removable_device(
domain
)
Do not audit attempts made by the caller to read
removable devices device nodes.
Module:
storage
Layer:
kernel
storage_dontaudit_rw_scsi_generic(
domain
)
Do not audit attempts to read or write
SCSI generic device interfaces.
Module:
storage
Layer:
kernel
storage_dontaudit_setattr_fixed_disk_dev(
domain
)
Do not audit attempts made by the caller to set
the attributes of fixed disk device nodes.
Module:
storage
Layer:
kernel
storage_dontaudit_setattr_removable_dev(
domain
)
Do not audit attempts made by the caller to set
the attributes of removable devices device nodes.
Module:
storage
Layer:
kernel
storage_dontaudit_write_fixed_disk(
domain
)
Do not audit attempts made by the caller to write
fixed disk device nodes.
Module:
storage
Layer:
kernel
storage_getattr_fixed_disk_dev(
domain
)
Allow the caller to get the attributes of fixed disk
device nodes.
Module:
storage
Layer:
kernel
storage_getattr_removable_dev(
domain
)
Allow the caller to get the attributes of removable
devices device nodes.
Module:
storage
Layer:
kernel
storage_getattr_scsi_generic_dev(
domain
)
Allow the caller to get the attributes of
the generic SCSI interface device nodes.
Module:
storage
Layer:
kernel
storage_getattr_tape_dev(
domain
)
Allow the caller to get the attributes
of device nodes of tape devices.
Module:
storage
Layer:
kernel
storage_manage_fixed_disk(
domain
)
Create, read, write, and delete fixed disk device nodes.
Module:
storage
Layer:
kernel
storage_raw_read_fixed_disk(
domain
)
Allow the caller to directly read from a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Module:
storage
Layer:
kernel
storage_raw_read_removable_device(
domain
)
Allow the caller to directly read from
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Module:
storage
Layer:
kernel
storage_raw_write_fixed_disk(
domain
)
Allow the caller to directly write to a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Module:
storage
Layer:
kernel
storage_raw_write_removable_device(
domain
)
Allow the caller to directly write to
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Module:
storage
Layer:
kernel
storage_read_scsi_generic(
domain
)
Allow the caller to directly read, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Module:
storage
Layer:
kernel
storage_read_tape(
domain
)
Allow the caller to directly read
a tape device.
Module:
storage
Layer:
kernel
storage_relabel_fixed_disk(
domain
)
Relabel fixed disk device nodes.
Module:
storage
Layer:
kernel
storage_setattr_fixed_disk_dev(
domain
)
Allow the caller to set the attributes of fixed disk
device nodes.
Module:
storage
Layer:
kernel
storage_setattr_removable_dev(
domain
)
Allow the caller to set the attributes of removable
devices device nodes.
Module:
storage
Layer:
kernel
storage_setattr_scsi_generic_dev(
domain
)
Allow the caller to set the attributes of
the generic SCSI interface device nodes.
Module:
storage
Layer:
kernel
storage_setattr_scsi_generic_dev_dev(
domain
)
Set attributes of the device nodes
for the SCSI generic inerface.
Module:
storage
Layer:
kernel
storage_setattr_tape_dev(
domain
)
Allow the caller to set the attributes
of device nodes of tape devices.
Module:
storage
Layer:
kernel
storage_swapon_fixed_disk(
domain
)
Enable a fixed disk device as swap space
Module:
storage
Layer:
kernel
storage_tmpfs_filetrans_fixed_disk(
domain
)
Create block devices in on a tmpfs filesystem with the
fixed disk type via an automatic type transition.
Module:
storage
Layer:
kernel
storage_unconfined(
domain
)
Unconfined access to storage devices.
Module:
storage
Layer:
kernel
storage_write_scsi_generic(
domain
)
Allow the caller to directly write, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
Module:
storage
Layer:
kernel
storage_write_tape(
domain
)
Allow the caller to directly read
a tape device.
Module:
su
Layer:
admin
su_exec(
domain
)
Execute su in the caller domain.
Module:
sysnetwork
Layer:
system
sysnet_dbus_chat_dhcpc(
domain
)
Send and receive messages from
dhcpc over dbus.
Module:
sysnetwork
Layer:
system
sysnet_delete_dhcpc_pid(
domain
)
Delete the dhcp client pid file.
Module:
sysnetwork
Layer:
system
sysnet_dhcp_state_filetrans(
domain
,
file_type
,
object_class
)
Module:
sysnetwork
Layer:
system
sysnet_dns_name_resolve(
domain
)
Perform a DNS name resolution.
Module:
sysnetwork
Layer:
system
sysnet_domtrans_dhcpc(
domain
)
Execute dhcp client in dhcpc domain.
Module:
sysnetwork
Layer:
system
sysnet_domtrans_ifconfig(
domain
)
Execute ifconfig in the ifconfig domain.
Module:
sysnetwork
Layer:
system
sysnet_dontaudit_read_config(
domain
)
Do not audit attempts to read network config files.
Module:
sysnetwork
Layer:
system
sysnet_etc_filetrans_config(
domain
)
Create files in /etc with the type used for
the network config files.
Module:
sysnetwork
Layer:
system
sysnet_exec_ifconfig(
domain
)
Execute ifconfig in the caller domain.
Module:
sysnetwork
Layer:
system
sysnet_kill_dhcpc(
domain
)
Send a kill signal to the dhcp client.
Module:
sysnetwork
Layer:
system
sysnet_manage_config(
domain
)
Create, read, write, and delete network config files.
Module:
sysnetwork
Layer:
system
sysnet_read_config(
domain
)
Allow network init to read network config files.
Module:
sysnetwork
Layer:
system
sysnet_read_dhcp_config(
domain
)
Read the DHCP configuration files.
Module:
sysnetwork
Layer:
system
sysnet_read_dhcpc_pid(
domain
)
Read the dhcp client pid file.
Module:
sysnetwork
Layer:
system
sysnet_read_dhcpc_state(
domain
)
Read dhcp client state files.
Module:
sysnetwork
Layer:
system
sysnet_run_dhcpc(
domain
,
role
,
terminal
)
Execute DHCP clients in the dhcpc domain, and
allow the specified role the dhcpc domain.
Module:
sysnetwork
Layer:
system
sysnet_run_ifconfig(
domain
,
role
,
terminal
)
Execute ifconfig in the ifconfig domain, and
allow the specified role the ifconfig domain,
and use the caller's terminal.
Module:
sysnetwork
Layer:
system
sysnet_rw_dhcp_config(
domain
)
Read and write dhcp configuration files.
Module:
sysnetwork
Layer:
system
sysnet_search_dhcp_state(
domain
)
Search the DHCP state data directory.
Module:
sysnetwork
Layer:
system
sysnet_sigchld_dhcpc(
domain
)
Send a SIGCHLD signal to the dhcp client.
Module:
sysnetwork
Layer:
system
sysnet_signal_dhcpc(
domain
)
Send a generic signal to the dhcp client.
Module:
sysnetwork
Layer:
system
sysnet_signull_dhcpc(
domain
)
Send a null signal to the dhcp client.
Module:
sysnetwork
Layer:
system
sysnet_sigstop_dhcpc(
domain
)
Send a SIGSTOP signal to the dhcp client.
Module:
sysnetwork
Layer:
system
sysnet_use_ldap(
domain
)
Connect and use a LDAP server.
Module:
sysnetwork
Layer:
system
sysnet_use_portmap(
domain
)
Connect and use remote port mappers.
Module:
tcpd
Layer:
services
tcpd_domtrans(
domain
)
Execute tcpd in the tcpd domain.
Module:
terminal
Layer:
kernel
term_create_pty(
domain
,
pty_type
)
Create a pty in the /dev/pts directory.
Module:
terminal
Layer:
kernel
term_dontaudit_getattr_all_user_ptys(
domain
)
Do not audit attempts to get the
attributes of any user pty
device nodes.
Module:
terminal
Layer:
kernel
term_dontaudit_getattr_all_user_ttys(
domain
)
Do not audit attempts to get the
attributes of any user tty
device nodes.
Module:
terminal
Layer:
kernel
term_dontaudit_getattr_pty_dirs(
domain
)
Do not audit attempts to get the
attributes of the /dev/pts directory.
Module:
terminal
Layer:
kernel
term_dontaudit_getattr_unallocated_ttys(
domain
)
Do not audit attempts to get the attributes
of all unallocated tty device nodes.
Module:
terminal
Layer:
kernel
term_dontaudit_ioctl_unallocated_ttys(
domain
)
Do not audit attempts to ioctl
unallocated tty device nodes.
Module:
terminal
Layer:
kernel
term_dontaudit_list_ptys(
domain
)
Do not audit attempts to read the
/dev/pts directory.
Module:
terminal
Layer:
kernel
term_dontaudit_manage_pty_dirs(
domain
)
Do not audit attempts to create, read,
write, or delete the /dev/pts directory.
Module:
terminal
Layer:
kernel
term_dontaudit_search_ptys(
domain
)
Do not audit attempts to search the
contents of the /dev/pts directory.
Module:
terminal
Layer:
kernel
term_dontaudit_use_all_user_ptys(
domain
)
Do not audit attempts to read any
user ptys.
Module:
terminal
Layer:
kernel
term_dontaudit_use_all_user_ttys(
domain
)
Do not audit attempts to read or write
any user ttys.
Module:
terminal
Layer:
kernel
term_dontaudit_use_console(
domain
)
Do not audit attemtps to read from
or write to the console.
Module:
terminal
Layer:
kernel
term_dontaudit_use_generic_ptys(
domain
)
Dot not audit attempts to read and
write the generic pty type. This is
generally only used in the targeted policy.
Module:
terminal
Layer:
kernel
term_dontaudit_use_ptmx(
domain
)
Do not audit attempts to read and
write the pty multiplexor (/dev/ptmx).
Module:
terminal
Layer:
kernel
term_dontaudit_use_unallocated_ttys(
domain
)
Do not audit attempts to read or
write unallocated ttys.
Module:
terminal
Layer:
kernel
term_getattr_all_user_ptys(
domain
)
Get the attributes of all user
pty device nodes.
Module:
terminal
Layer:
kernel
term_getattr_all_user_ttys(
domain
)
Get the attributes of all user tty
device nodes.
Module:
terminal
Layer:
kernel
term_getattr_unallocated_ttys(
domain
)
Get the attributes of all unallocated
tty device nodes.
Module:
terminal
Layer:
kernel
term_ioctl_generic_ptys(
domain
)
ioctl of generic pty types.
Module:
terminal
Layer:
kernel
term_list_ptys(
domain
)
Read the /dev/pts directory to
list all ptys.
Module:
terminal
Layer:
kernel
term_login_pty(
pty_type
)
Transform specified type into a pty type
used by login programs, such as sshd.
Module:
terminal
Layer:
kernel
term_pty(
pty_type
)
Transform specified type into a pty type.
Module:
terminal
Layer:
kernel
term_relabel_all_user_ptys(
domain
)
Relabel from and to all user
user pty device nodes.
Module:
terminal
Layer:
kernel
term_relabel_all_user_ttys(
domain
)
Relabel from and to all user
user tty device nodes.
Module:
terminal
Layer:
kernel
term_relabel_unallocated_ttys(
domain
)
Relabel from and to the unallocated
tty type.
Module:
terminal
Layer:
kernel
term_relabelto_all_user_ptys(
domain
)
Relabel to all user ptys.
Module:
terminal
Layer:
kernel
term_reset_tty_labels(
domain
)
Relabel from all user tty types to
the unallocated tty type.
Module:
terminal
Layer:
kernel
term_search_ptys(
domain
)
Search the contents of the /dev/pts directory.
Module:
terminal
Layer:
kernel
term_setattr_all_user_ptys(
domain
)
Set the attributes of all user
pty device nodes.
Module:
terminal
Layer:
kernel
term_setattr_all_user_ttys(
domain
)
Set the attributes of all user tty
device nodes.
Module:
terminal
Layer:
kernel
term_setattr_console(
domain
)
Set the attributes of the console
device node.
Module:
terminal
Layer:
kernel
term_setattr_unallocated_ttys(
domain
)
Set the attributes of all unallocated
tty device nodes.
Module:
terminal
Layer:
kernel
term_tty(
tty_type
)
Transform specified type into a tty type.
Module:
terminal
Layer:
kernel
term_use_all_terms(
domain
)
Read and write the console, all
ttys and all ptys.
Module:
terminal
Layer:
kernel
term_use_all_user_ptys(
domain
)
Read and write all user ptys.
Module:
terminal
Layer:
kernel
term_use_all_user_ttys(
domain
)
Read and write all user to all user ttys.
Module:
terminal
Layer:
kernel
term_use_console(
domain
)
Read from and write to the console.
Module:
terminal
Layer:
kernel
term_use_controlling_term(
domain
)
Read and write the controlling
terminal (/dev/tty).
Module:
terminal
Layer:
kernel
term_use_generic_ptys(
domain
)
Read and write the generic pty
type. This is generally only used in
the targeted policy.
Module:
terminal
Layer:
kernel
term_use_ptmx(
domain
)
Read and write the pty multiplexor (/dev/ptmx).
Module:
terminal
Layer:
kernel
term_use_unallocated_ttys(
domain
)
Read and write unallocated ttys.
Module:
terminal
Layer:
kernel
term_user_pty(
userdomain
,
object_type
)
Transform specified type into an user
pty type. This allows it to be relabeled via
type change by login programs such as ssh.
Module:
terminal
Layer:
kernel
term_write_unallocated_ttys(
domain
)
Write to unallocated ttys.
Module:
tmpreaper
Layer:
admin
tmpreaper_exec(
domain
)
Execute tmpreaper in the caller domain.
Module:
ucspitcp
Layer:
services
ucspitcp_service_domain(
domain
,
entrypoint
)
Define a specified domain as a ucspitcp service.
Module:
udev
Layer:
system
udev_domtrans(
domain
)
Execute udev in the udev domain.
Module:
udev
Layer:
system
udev_dontaudit_rw_dgram_sockets(
domain
)
Do not audit attempts to read or write
to a udev unix datagram socket.
Module:
udev
Layer:
system
udev_dontaudit_use_fds(
domain
)
Do not audit attempts to inherit a
udev file descriptor.
Module:
udev
Layer:
system
udev_helper_domtrans(
domain
)
Execute a udev helper in the udev domain.
Module:
udev
Layer:
system
udev_read_db(
domain
)
Allow process to read list of devices.
Module:
udev
Layer:
system
udev_read_state(
domain
)
Allow process to read udev process state.
Module:
udev
Layer:
system
udev_rw_db(
domain
)
Allow process to modify list of devices.
Module:
uml
Layer:
apps
uml_manage_util_files(
domain
)
Manage uml utility files.
Module:
uml
Layer:
apps
uml_setattr_util_sockets(
domain
)
Set attributes on uml utility socket files.
Module:
unconfined
Layer:
system
unconfined_alias_domain(
domain
)
Add an alias type to the unconfined domain.
Module:
unconfined
Layer:
system
unconfined_dbus_send(
domain
)
Send messages to the unconfined domain over dbus.
Module:
unconfined
Layer:
system
unconfined_domain(
domain
)
Make the specified domain unconfined and
audit executable memory and executable heap
usage.
Module:
unconfined
Layer:
system
unconfined_domain_noaudit(
domain
)
Make the specified domain unconfined.
Module:
unconfined
Layer:
system
unconfined_domtrans(
domain
)
Transition to the unconfined domain.
Module:
unconfined
Layer:
system
unconfined_dontaudit_read_pipes(
domain
)
Do not audit attempts to read unconfined domain unnamed pipes.
Module:
unconfined
Layer:
system
unconfined_dontaudit_rw_tcp_sockets(
domain
)
Do not audit attempts to read or write
unconfined domain tcp sockets.
Module:
unconfined
Layer:
system
unconfined_read_pipes(
domain
)
Read unconfined domain unnamed pipes.
Module:
unconfined
Layer:
system
unconfined_run(
domain
,
role
,
terminal
)
Execute specified programs in the unconfined domain.
Module:
unconfined
Layer:
system
unconfined_rw_pipes(
domain
)
Read and write unconfined domain unnamed pipes.
Module:
unconfined
Layer:
system
unconfined_shell_domtrans(
domain
)
Transition to the unconfined domain by executing a shell.
Module:
unconfined
Layer:
system
unconfined_sigchld(
domain
)
Send a SIGCHLD signal to the unconfined domain.
Module:
unconfined
Layer:
system
unconfined_signal(
domain
)
Send generic signals to the unconfined domain.
Module:
unconfined
Layer:
system
unconfined_use_fds(
domain
)
Inherit file descriptors from the unconfined domain.
Module:
updfstab
Layer:
admin
updfstab_domtrans(
domain
)
Execute updfstab in the updfstab domain.
Module:
usbmodules
Layer:
admin
usbmodules_domtrans(
domain
)
Execute usbmodules in the usbmodules domain.
Module:
usbmodules
Layer:
admin
usbmodules_run(
domain
,
role
,
terminal
)
Execute usbmodules in the usbmodules domain, and
allow the specified role the usbmodules domain,
and use the caller's terminal.
Module:
userdomain
Layer:
system
userdom_bin_spec_domtrans_sysadm(
domain
)
Execute a generic bin program in the sysadm domain.
Module:
userdomain
Layer:
system
userdom_bin_spec_domtrans_unpriv_users(
domain
)
Execute bin_t in the unprivileged user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_dbus_send_all_users(
domain
)
Send a dbus message to all user domains.
Module:
userdomain
Layer:
system
userdom_dontaudit_append_staff_home_content_files(
domain
)
Do not audit attempts to append to the staff
users home directory.
Module:
userdomain
Layer:
system
userdom_dontaudit_getattr_sysadm_home_dirs(
domain
)
Do not audit attempts to get the
attributes of the sysadm users
home directory.
Module:
userdomain
Layer:
system
userdom_dontaudit_getattr_sysadm_ttys(
domain
)
Do not audit attepts to get the attributes
of sysadm ttys.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_sysadm_home_dirs(
domain
)
Do not audit attempts to list the sysadm
users home directory.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_sysadm_home_content_files(
domain
)
Do not audit attempts to search the sysadm
users home directory.
Module:
userdomain
Layer:
system
userdom_dontaudit_relabelfrom_unpriv_users_ptys(
domain
)
Do not audit attempts to relabel files from
unprivileged user pty types.
Module:
userdomain
Layer:
system
userdom_dontaudit_search_all_users_home_content(
domain
)
Do not audit attempts to search all users home directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_search_generic_user_home_dirs(
domain
)
Don't audit search on the user home subdirectory.
Module:
userdomain
Layer:
system
userdom_dontaudit_search_staff_home_dirs(
domain
)
Do not audit attempts to search the staff
users home directory.
Module:
userdomain
Layer:
system
userdom_dontaudit_search_sysadm_home_dirs(
domain
)
Do not audit attempts to search the sysadm
users home directory.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_all_users_fds(
domain
)
Do not audit attempts to inherit the file
descriptors from any user domains.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_sysadm_ptys(
domain
)
Dont audit attempts to read and write sysadm ptys.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_sysadm_terms(
domain
)
Do not audit attempts to use sysadm ttys and ptys.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_sysadm_ttys(
domain
)
Do not audit attempts to use sysadm ttys.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_unpriv_user_fds(
domain
)
Do not audit attempts to inherit the
file descriptors from all user domains.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_unpriv_users_ptys(
domain
)
Do not audit attempts to use unprivileged
user ptys.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_unpriv_users_ttys(
domain
)
Do not audit attempts to use unprivileged
user ttys.
Module:
userdomain
Layer:
system
userdom_entry_spec_domtrans_sysadm(
domain
)
Execute all entrypoint files in the sysadm domain. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_entry_spec_domtrans_unpriv_users(
domain
)
Execute all entrypoint files in unprivileged user
domains. This is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_generic_user_home_dir_filetrans_generic_user_home_content(
domain
,
object_class
)
Create objects in generic user home directories
with automatic file type transition.
Module:
userdomain
Layer:
system
userdom_getattr_all_users(
domain
)
Get the attributes of all user domains.
Module:
userdomain
Layer:
system
userdom_getattr_sysadm_home_dirs(
domain
)
Get the attributes of the sysadm users
home directory.
Module:
userdomain
Layer:
system
userdom_home_filetrans_generic_user_home_dir(
domain
)
Create generic user home directories
with automatic file type transition.
Module:
userdomain
Layer:
system
userdom_list_all_users_home_dirs(
domain
)
List all users home directories.
Module:
userdomain
Layer:
system
userdom_list_sysadm_home_dirs(
domain
)
List the sysadm users home directory.
Module:
userdomain
Layer:
system
userdom_list_unpriv_users_tmp(
domain
)
Read all unprivileged users temporary directories.
Module:
userdomain
Layer:
system
userdom_manage_all_users_home_content_dirs(
domain
)
Create, read, write, and delete all directories
in all users home directories.
Module:
userdomain
Layer:
system
userdom_manage_all_users_home_content_files(
domain
)
Create, read, write, and delete all files
in all users home directories.
Module:
userdomain
Layer:
system
userdom_manage_all_users_home_content_symlinks(
domain
)
Create, read, write, and delete all symlinks
in all users home directories.
Module:
userdomain
Layer:
system
userdom_manage_generic_user_home_content_dirs(
domain
)
Create, read, write, and delete
subdirectories of generic user
home directories.
Module:
userdomain
Layer:
system
userdom_manage_generic_user_home_content_files(
domain
)
Create, read, write, and delete files
in generic user home directories.
Module:
userdomain
Layer:
system
userdom_manage_generic_user_home_content_pipes(
domain
)
Create, read, write, and delete named
pipes in generic user home directories.
Module:
userdomain
Layer:
system
userdom_manage_generic_user_home_content_sockets(
domain
)
Create, read, write, and delete named
sockets in generic user home directories.
Module:
userdomain
Layer:
system
userdom_manage_generic_user_home_content_symlinks(
domain
)
Create, read, write, and delete symbolic
links in generic user home directories.
Module:
userdomain
Layer:
system
userdom_manage_unpriv_user_semaphores(
domain
)
Manage unpriviledged user SysV sempaphores.
Module:
userdomain
Layer:
system
userdom_manage_unpriv_user_shared_mem(
domain
)
Manage unpriviledged user SysV shared
memory segments.
Module:
userdomain
Layer:
system
userdom_priveleged_home_dir_manager(
domain
)
Make the specified domain a privileged
home directory manager.
Module:
userdomain
Layer:
system
userdom_read_all_tmp_untrusted_content(
domain
)
Read all user temporary untrusted content files.
Module:
userdomain
Layer:
system
userdom_read_all_untrusted_content(
domain
)
Read all user untrusted content files.
Module:
userdomain
Layer:
system
userdom_read_all_users_home_content_files(
domain
)
Read all files in all users home directories.
Module:
userdomain
Layer:
system
userdom_read_all_users_state(
domain
)
Read the process state of all user domains.
Module:
userdomain
Layer:
system
userdom_read_staff_home_content_files(
domain
)
Read files in the staff users home directory.
Module:
userdomain
Layer:
system
userdom_read_sysadm_home_content_files(
domain
)
Read files in the sysadm users home directory.
Module:
userdomain
Layer:
system
userdom_read_unpriv_users_home_content_files(
domain
)
Read all unprivileged users home directory
files.
Module:
userdomain
Layer:
system
userdom_read_unpriv_users_tmp_files(
domain
)
Read all unprivileged users temporary files.
Module:
userdomain
Layer:
system
userdom_read_unpriv_users_tmp_symlinks(
domain
)
Read all unprivileged users temporary symbolic links.
Module:
userdomain
Layer:
system
userdom_relabelto_unpriv_users_ptys(
domain
)
Relabel files to unprivileged user pty types.
Module:
userdomain
Layer:
system
userdom_rw_sysadm_pipes(
domain
)
Read and write sysadm user unnamed pipes.
Module:
userdomain
Layer:
system
userdom_sbin_spec_domtrans_sysadm(
domain
)
Execute a generic sbin program in the sysadm domain.
Module:
userdomain
Layer:
system
userdom_sbin_spec_domtrans_unpriv_users(
domain
)
Execute generic sbin programs in all unprivileged user
domains. This is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_search_all_users_home_content(
domain
)
Search all users home directories.
Module:
userdomain
Layer:
system
userdom_search_generic_user_home_dirs(
domain
)
Search generic user home directories.
Module:
userdomain
Layer:
system
userdom_search_staff_home_dirs(
domain
)
Search the staff users home directory.
Module:
userdomain
Layer:
system
userdom_search_sysadm_home_content_dirs(
domain
)
Search the sysadm users home sub directories.
Module:
userdomain
Layer:
system
userdom_search_sysadm_home_dirs(
domain
)
Search the sysadm users home directory.
Module:
userdomain
Layer:
system
userdom_search_unpriv_users_home_dirs(
domain
)
Search all unprivileged users home directories.
Module:
userdomain
Layer:
system
userdom_setattr_unpriv_users_ptys(
domain
)
Set the attributes of user ptys.
Module:
userdomain
Layer:
system
userdom_shell_domtrans_sysadm(
domain
)
Execute a shell in the sysadm domain.
Module:
userdomain
Layer:
system
userdom_sigchld_all_users(
domain
)
Send a SIGCHLD signal to all user domains.
Module:
userdomain
Layer:
system
userdom_sigchld_sysadm(
domain
)
Send a SIGCHLD signal to sysadm users.
Module:
userdomain
Layer:
system
userdom_signal_all_users(
domain
)
Send general signals to all user domains.
Module:
userdomain
Layer:
system
userdom_signal_unpriv_users(
domain
)
Send general signals to unprivileged user domains.
Module:
userdomain
Layer:
system
userdom_spec_domtrans_all_users(
domain
)
Execute a shell in all user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_spec_domtrans_unpriv_users(
domain
)
Execute a shell in all unprivileged user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_sysadm_home_dir_filetrans(
domain
,
private type
,
object_class
)
Create objects in sysadm home directories
with automatic file type transition.
Module:
userdomain
Layer:
system
userdom_unconfined(
domain
)
Unconfined access to user domains.
Module:
userdomain
Layer:
system
userdom_use_all_users_fds(
domain
)
Inherit the file descriptors from all user domains
Module:
userdomain
Layer:
system
userdom_use_sysadm_fds(
domain
)
Inherit and use sysadm file descriptors
Module:
userdomain
Layer:
system
userdom_use_sysadm_ptys(
domain
)
Read and write sysadm ptys.
Module:
userdomain
Layer:
system
userdom_use_sysadm_terms(
domain
)
Read and write sysadm ttys and ptys.
Module:
userdomain
Layer:
system
userdom_use_sysadm_ttys(
domain
)
Read and write sysadm ttys.
Module:
userdomain
Layer:
system
userdom_use_unpriv_users_fds(
domain
)
Inherit the file descriptors from unprivileged user domains.
Module:
userdomain
Layer:
system
userdom_use_unpriv_users_ptys(
domain
)
Read and write unprivileged user ptys.
Module:
userdomain
Layer:
system
userdom_write_unpriv_users_tmp_files(
domain
)
Write all unprivileged users files in /tmp
Module:
userdomain
Layer:
system
userdom_xsession_spec_domtrans_all_users(
domain
)
Execute an Xserver session in all unprivileged user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
userdomain
Layer:
system
userdom_xsession_spec_domtrans_unpriv_users(
domain
)
Execute an Xserver session in all unprivileged user domains. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
userhelper
Layer:
apps
userhelper_dontaudit_search_config(
domain
)
Do not audit attempts to search
the userhelper configuration directory.
Module:
userhelper
Layer:
apps
userhelper_search_config(
domain
)
Search the userhelper configuration directory.
Module:
usermanage
Layer:
admin
usermanage_domtrans_admin_passwd(
domain
)
Execute password admin functions in
the admin passwd domain.
Module:
usermanage
Layer:
admin
usermanage_domtrans_chfn(
domain
)
Execute chfn in the chfn domain.
Module:
usermanage
Layer:
admin
usermanage_domtrans_groupadd(
domain
)
Execute groupadd in the groupadd domain.
Module:
usermanage
Layer:
admin
usermanage_domtrans_passwd(
domain
)
Execute passwd in the passwd domain.
Module:
usermanage
Layer:
admin
usermanage_domtrans_useradd(
domain
)
Execute useradd in the useradd domain.
Module:
usermanage
Layer:
admin
usermanage_run_admin_passwd(
domain
,
role
,
terminal
)
Execute passwd admin functions in the admin
passwd domain, and allow the specified role
the admin passwd domain.
Module:
usermanage
Layer:
admin
usermanage_run_chfn(
domain
,
role
,
terminal
)
Execute chfn in the chfn domain, and
allow the specified role the chfn domain.
Module:
usermanage
Layer:
admin
usermanage_run_groupadd(
domain
,
role
,
terminal
)
Execute groupadd in the groupadd domain, and
allow the specified role the groupadd domain.
Module:
usermanage
Layer:
admin
usermanage_run_passwd(
domain
,
role
,
terminal
)
Execute passwd in the passwd domain, and
allow the specified role the passwd domain.
Module:
usermanage
Layer:
admin
usermanage_run_useradd(
domain
,
role
,
terminal
)
Execute useradd in the useradd domain, and
allow the specified role the useradd domain.
Module:
usernetctl
Layer:
apps
usernetctl_domtrans(
domain
)
Execute usernetctl in the usernetctl domain.
Module:
usernetctl
Layer:
apps
usernetctl_run(
domain
,
role
,
terminal
)
Execute usernetctl in the usernetctl domain, and
allow the specified role the usernetctl domain.
Module:
vbetool
Layer:
admin
vbetool_domtrans(
domain
)
Execute vbetool application in the vbetool domain.
Module:
vpn
Layer:
admin
vpn_domtrans(
domain
)
Execute VPN clients in the vpnc domain.
Module:
vpn
Layer:
admin
vpn_run(
domain
,
role
,
terminal
)
Execute VPN clients in the vpnc domain, and
allow the specified role the vpnc domain.
Module:
vpn
Layer:
admin
vpn_signal(
domain
)
Send generic signals to VPN clients.
Module:
webalizer
Layer:
apps
webalizer_domtrans(
domain
)
Execute webalizer in the webalizer domain.
Module:
webalizer
Layer:
apps
webalizer_run(
domain
,
role
,
terminal
)
Execute webalizer in the webalizer domain, and
allow the specified role the webalizer domain.
Module:
wine
Layer:
apps
wine_domtrans(
domain
)
Execute the wine program in the wine domain.
Module:
xfs
Layer:
services
xfs_read_sockets(
domain
)
Read a X font server named socket.
Module:
xfs
Layer:
services
xfs_stream_connect(
domain
)
Connect to a X font server over
a unix domain stream socket.
Module:
xserver
Layer:
services
xserver_create_xdm_tmp_sockets(
domain
)
Create a named socket in a XDM
temporary directory.
Module:
xserver
Layer:
services
xserver_delete_log(
domain
)
Do not audit attempts to write the X server
log files.
Module:
xserver
Layer:
services
xserver_domtrans_xdm_xserver(
domain
)
Execute the X server in the XDM X server domain.
Module:
xserver
Layer:
services
xserver_dontaudit_write_log(
domain
)
Do not audit attempts to write the X server
log files.
Module:
xserver
Layer:
services
xserver_read_xdm_rw_config(
domain
)
Read xdm-writable configuration files.
Module:
xserver
Layer:
services
xserver_setattr_xdm_tmp_dirs(
domain
)
Set the attributes of XDM temporary directories.
Module:
xserver
Layer:
services
xserver_stream_connect_xdm(
domain
)
Connect to XDM over a unix domain
stream socket.
Module:
xserver
Layer:
services
xserver_xsession_entry_type(
domain
)
Make an X session script an entrypoint for the specified domain.
Module:
xserver
Layer:
services
xserver_xsession_spec_domtrans(
domain
,
target_domain
)
Execute an X session in the target domain. This
is an explicit transition, requiring the
caller to use setexeccon().
Module:
zebra
Layer:
services
zebra_read_config(
domain
)
Read the configuration files for zebra.