<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id="Content"> <h1>Layer: admin</h1><p/> <p><p> Policy modules for administrative functions, such as package management. </p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> <tr><td> <a href='admin_acct.html'> acct</a></td> <td><p>Berkeley process accounting</p></td> <tr><td> <a href='admin_consoletype.html'> consoletype</a></td> <td><p> Determine of the console connected to the controlling terminal. 
</p></td> <tr><td> <a href='admin_dmesg.html'> dmesg</a></td> <td><p>Policy for dmesg.</p></td> <tr><td> <a href='admin_firstboot.html'> firstboot</a></td> <td><p> Final system configuration run during the first boot after installation of Red Hat/Fedora systems. </p></td> <tr><td> <a href='admin_logrotate.html'> logrotate</a></td> <td><p>Rotate and archive system logs</p></td> <tr><td> <a href='admin_netutils.html'> netutils</a></td> <td><p>Network analysis utilities</p></td> <tr><td> <a href='admin_quota.html'> quota</a></td> <td><p>File system quota management</p></td> <tr><td> <a href='admin_rpm.html'> rpm</a></td> <td><p>Policy for the RPM package manager.</p></td> <tr><td> <a href='admin_su.html'> su</a></td> <td><p>Run shells with substitute user and group</p></td> <tr><td> <a href='admin_sudo.html'> sudo</a></td> <td><p>Execute a command with a substitute user</p></td> <tr><td> <a href='admin_tmpreaper.html'> tmpreaper</a></td> <td><p>Manage temporary directory sizes and file ages</p></td> <tr><td> <a href='admin_updfstab.html'> updfstab</a></td> <td><p>Red Hat utility to change /etc/fstab.</p></td> <tr><td> <a href='admin_usermanage.html'> usermanage</a></td> <td><p>Policy for managing user accounts.</p></td> <tr><td> <a href='admin_vpn.html'> vpn</a></td> <td><p>Virtual Private Networking client</p></td> </td></tr> </td></tr> </td></tr> </td></tr> </td></tr> </table> <p/><br/><br/> <h1>Layer: kernel</h1><p/> <p><p> Policy for kernel threads, proc filesystem, and unlabeled processes and objects. 
</p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> </td></tr> <tr><td> <a href='kernel_bootloader.html'> bootloader</a></td> <td><p>Policy for the kernel modules, kernel image, and bootloader.</p></td> <tr><td> <a href='kernel_corenetwork.html'> corenetwork</a></td> <td><p>Policy controlling access to network objects</p></td> <tr><td> <a href='kernel_devices.html'> devices</a></td> <td><p> Device nodes and interfaces for many basic system devices. </p></td> <tr><td> <a href='kernel_filesystem.html'> filesystem</a></td> <td><p>Policy for filesystems.</p></td> <tr><td> <a href='kernel_kernel.html'> kernel</a></td> <td><p> Policy for kernel threads, proc filesystem, and unlabeled processes and objects. </p></td> <tr><td> <a href='kernel_selinux.html'> selinux</a></td> <td><p> Policy for kernel security interface, in particular, selinuxfs. </p></td> <tr><td> <a href='kernel_storage.html'> storage</a></td> <td><p>Policy controlling access to storage devices</p></td> <tr><td> <a href='kernel_terminal.html'> terminal</a></td> <td><p>Policy for terminals.</p></td> </td></tr> </td></tr> </td></tr> </table> <p/><br/><br/> <h1>Layer: apps</h1><p/> <p><p>Policy modules for applications</p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> <tr><td> <a href='apps_gpg.html'> gpg</a></td> <td><p>Policy for GNU Privacy Guard and related programs.</p></td> <tr><td> <a href='apps_loadkeys.html'> loadkeys</a></td> <td><p>Load keyboard mappings.</p></td> </td></tr> </td></tr> </td></tr> </td></tr> </table> <p/><br/><br/> <h1>Layer: system</h1><p/> <p><p> Policy modules for system functions from init to multi-user login. 
</p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> </td></tr> </td></tr> </td></tr> <tr><td> <a href='system_authlogin.html'> authlogin</a></td> <td><p>Common policy for authentication and user login.</p></td> <tr><td> <a href='system_clock.html'> clock</a></td> <td><p>Policy for reading and setting the hardware clock.</p></td> <tr><td> <a href='system_corecommands.html'> corecommands</a></td> <td><p> Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin. </p></td> <tr><td> <a href='system_domain.html'> domain</a></td> <td><p>Core policy for domains.</p></td> <tr><td> <a href='system_files.html'> files</a></td> <td><p> Basic filesystem types and interfaces. </p></td> <tr><td> <a href='system_fstools.html'> fstools</a></td> <td><p>Tools for filesystem management, such as mkfs and fsck.</p></td> <tr><td> <a href='system_getty.html'> getty</a></td> <td><p>Policy for getty.</p></td> <tr><td> <a href='system_hostname.html'> hostname</a></td> <td><p>Policy for changing the system host name.</p></td> <tr><td> <a href='system_hotplug.html'> hotplug</a></td> <td><p> Policy for hotplug system, for supporting the connection and disconnection of devices at runtime. 
</p></td> <tr><td> <a href='system_init.html'> init</a></td> <td><p>System initialization programs (init and init scripts).</p></td> <tr><td> <a href='system_ipsec.html'> ipsec</a></td> <td><p>TCP/IP encryption</p></td> <tr><td> <a href='system_iptables.html'> iptables</a></td> <td><p>Policy for iptables.</p></td> <tr><td> <a href='system_libraries.html'> libraries</a></td> <td><p>Policy for system libraries.</p></td> <tr><td> <a href='system_locallogin.html'> locallogin</a></td> <td><p>Policy for local logins.</p></td> <tr><td> <a href='system_logging.html'> logging</a></td> <td><p>Policy for the kernel message logger and system logging daemon.</p></td> <tr><td> <a href='system_lvm.html'> lvm</a></td> <td><p>Policy for logical volume management programs.</p></td> <tr><td> <a href='system_miscfiles.html'> miscfiles</a></td> <td><p>Miscellaneous files.</p></td> <tr><td> <a href='system_modutils.html'> modutils</a></td> <td><p>Policy for kernel module utilities</p></td> <tr><td> <a href='system_mount.html'> mount</a></td> <td><p>Policy for mount.</p></td> <tr><td> <a href='system_pcmcia.html'> pcmcia</a></td> <td><p>PCMCIA card management services</p></td> <tr><td> <a href='system_raid.html'> raid</a></td> <td><p>RAID array management tools</p></td> <tr><td> <a href='system_selinuxutil.html'> selinuxutil</a></td> <td><p>Policy for SELinux policy and userland applications.</p></td> <tr><td> <a href='system_sysnetwork.html'> sysnetwork</a></td> <td><p>Policy for network configuration: ifconfig and dhcp client.</p></td> <tr><td> <a href='system_udev.html'> udev</a></td> <td><p>Policy for udev.</p></td> <tr><td> <a href='system_unconfined.html'> unconfined</a></td> <td><p>The unconfined domain.</p></td> <tr><td> <a href='system_userdomain.html'> userdomain</a></td> <td><p>Policy for user domains</p></td> </td></tr> </table> <p/><br/><br/> <h1>Layer: services</h1><p/> <p><p> Policy modules for system services, like cron, and network services, like sshd. 
</p></p><br/> <table border="1" cellspacing="0" cellpadding="3" width="75%"> <tr><td class="title">Module:</td><td class="title">Description:</td></tr> </td></tr> </td></tr> </td></tr> <tr><td> <a href='services_bind.html'> bind</a></td> <td><p>Berkeley internet name domain DNS server.</p></td> <tr><td> <a href='services_comsat.html'> comsat</a></td> <td><p>Comsat, a biff server.</p></td> <tr><td> <a href='services_cpucontrol.html'> cpucontrol</a></td> <td><p>Services for loading CPU microcode and CPU frequency scaling.</p></td> <tr><td> <a href='services_cron.html'> cron</a></td> <td><p>Periodic execution of scheduled commands.</p></td> <tr><td> <a href='services_cvs.html'> cvs</a></td> <td><p>Concurrent versions system</p></td> <tr><td> <a href='services_dbus.html'> dbus</a></td> <td><p>Desktop messaging bus</p></td> <tr><td> <a href='services_dhcp.html'> dhcp</a></td> <td><p>Dynamic host configuration protocol (DHCP) server</p></td> <tr><td> <a href='services_dictd.html'> dictd</a></td> <td><p>Dictionary daemon</p></td> <tr><td> <a href='services_gpm.html'> gpm</a></td> <td><p>General Purpose Mouse driver</p></td> <tr><td> <a href='services_hal.html'> hal</a></td> <td><p>Hardware abstraction layer</p></td> <tr><td> <a href='services_howl.html'> howl</a></td> <td><p>Port of Apple Rendezvous multicast DNS</p></td> <tr><td> <a href='services_inetd.html'> inetd</a></td> <td><p>Internet services daemon.</p></td> <tr><td> <a href='services_inn.html'> inn</a></td> <td><p>Internet News NNTP server</p></td> <tr><td> <a href='services_kerberos.html'> kerberos</a></td> <td><p>MIT Kerberos admin and KDC</p></td> <tr><td> <a href='services_ktalk.html'> ktalk</a></td> <td><p>KDE Talk daemon</p></td> <tr><td> <a href='services_ldap.html'> ldap</a></td> <td><p>OpenLDAP directory server</p></td> <tr><td> <a href='services_mta.html'> mta</a></td> <td><p>Policy common to all email transfer agents.</p></td> <tr><td> <a href='services_mysql.html'> mysql</a></td> <td><p>Policy for 
MySQL</p></td> <tr><td> <a href='services_nis.html'> nis</a></td> <td><p>Policy for NIS (YP) servers and clients</p></td> <tr><td> <a href='services_nscd.html'> nscd</a></td> <td><p>Name service cache daemon</p></td> <tr><td> <a href='services_ntp.html'> ntp</a></td> <td><p>Network time protocol daemon</p></td> <tr><td> <a href='services_portmap.html'> portmap</a></td> <td><p>RPC port mapping service.</p></td> <tr><td> <a href='services_postgresql.html'> postgresql</a></td> <td><p>PostgreSQL relational database</p></td> <tr><td> <a href='services_privoxy.html'> privoxy</a></td> <td><p>Privacy enhancing web proxy.</p></td> <tr><td> <a href='services_remotelogin.html'> remotelogin</a></td> <td><p>Policy for rshd, rlogind, and telnetd.</p></td> <tr><td> <a href='services_rlogin.html'> rlogin</a></td> <td><p>Remote login daemon</p></td> <tr><td> <a href='services_rshd.html'> rshd</a></td> <td><p>Remote shell service.</p></td> <tr><td> <a href='services_rsync.html'> rsync</a></td> <td><p>Fast incremental file transfer for synchronization</p></td> <tr><td> <a href='services_samba.html'> samba</a></td> <td><p>SMB and CIFS client/server programs for UNIX</p></td> <tr><td> <a href='services_sendmail.html'> sendmail</a></td> <td><p>Policy for sendmail.</p></td> <tr><td> <a href='services_snmp.html'> snmp</a></td> <td><p>Simple network management protocol services</p></td> <tr><td> <a href='services_squid.html'> squid</a></td> <td><p>Squid caching http proxy server</p></td> <tr><td> <a href='services_ssh.html'> ssh</a></td> <td><p>Secure shell client and server policy.</p></td> <tr><td> <a href='services_stunnel.html'> stunnel</a></td> <td><p>SSL Tunneling Proxy</p></td> <tr><td> <a href='services_tcpd.html'> tcpd</a></td> <td><p>Policy for TCP daemon.</p></td> <tr><td> <a href='services_telnet.html'> telnet</a></td> <td><p>Telnet daemon</p></td> <tr><td> <a href='services_tftp.html'> tftp</a></td> <td><p>Trivial file transfer protocol daemon</p></td> <tr><td> <a 
href='services_uucp.html'> uucp</a></td> <td><p>Unix to Unix Copy</p></td> <tr><td> <a href='services_zebra.html'> zebra</a></td> <td><p>Zebra border gateway protocol network routing service</p></td> </td></tr> </td></tr> </table> <p/><br/><br/> </div> </body> </html>