Layer: kernel

Module: bootloader

Description:

Policy for the kernel modules, kernel image, and bootloader.

Interfaces:

bootloader_create_kernel( domain )
Description

Install a kernel into the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_create_kernel_symbol_table( domain )
Description

Install a system.map into the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_create_runtime_file( domain )
Description

Read and write the bootloader temporary data in /tmp.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_delete_kernel( domain )
Description

Delete a kernel from /boot.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_delete_kernel_symbol_table( domain )
Description

Delete a system.map in the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_domtrans( domain )
Description

Execute bootloader in the bootloader domain.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_dontaudit_search_boot( domain )
Description

Do not audit attempts to search the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_list_kernel_modules( domain )
Description

List the contents of the kernel module directories.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_manage_kernel_modules( domain )
Description

Create, read, write, and delete kernel module files.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_read_config( domain )
Description

Read the bootloader configuration file.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_read_kernel_modules( domain )
Description

Read kernel module files.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_read_kernel_symbol_table( domain )
Description

Read system.map in the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_run( domain , role , terminal )
Description

Execute bootloader interactively and do a domain transition to the bootloader domain.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No
role | The role to be allowed the bootloader domain. | No
terminal | The type of the terminal to allow the bootloader domain to use. | No

bootloader_rw_boot_symlinks( domain )
Description

Read and write symbolic links in the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_rw_config( domain )
Description

Read and write the bootloader configuration file.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_rw_tmp_file( domain )
Description

Read and write the bootloader temporary data in /tmp.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_search_boot_dir( domain )
Description

Search the /boot directory.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No

bootloader_write_kernel_modules( domain )
Description

Write kernel module files.

Parameters
Parameter | Description | Optional
domain | The type of the process performing this action. | No