# # This file contains a listing of available modules. # To prevent a module from being used in policy # creation, set the module name to "off". # # For monolithic policies, modules set to "base" and "module" # will be built into the policy. # # For modular policies, modules set to "base" will be # included in the base module. "module" will be compiled # as individual loadable modules. # # Layer: services # Module: accountsd # # An application to view and modify user accounts information # accountsd = module # Layer: admin # Module: acct # # Berkeley process accounting # acct = module # Layer: admin # Module: alsa # # Ainit ALSA configuration tool # alsa = module # Layer: services # Module: cachefilesd # # CacheFiles userspace management daemon # cachefilesd = module # Layer: services # Module: colord # # color device daemon # colord = module # Layer: apps # Module: cpufreqselector # # cpufreqselector executable # cpufreqselector = module # Layer: apps # Module: chrome # # chrome sandbox # chrome = module # Layer: modules # Module: awstats # # awstats executable # awstats = module # Layer: admin # Module: amanda # # Automated backup program. # amanda = module # Layer: services # Module: afs # # Andrew Filesystem server # afs = module # Layer: services # Module: amavis # # Anti-virus # amavis = module # Layer: admin # Module: anaconda # # Policy for the Anaconda installer. # anaconda = module # Layer: services # Module: apache # # Apache web server # apache = module # Layer: services # Module: apm # # Advanced power management daemon # apm = module # Layer: system # Module: application # Required in base # # Defines attributs and interfaces for all user applications # application = module # Layer: services # Module: arpwatch # # Ethernet activity monitor. # arpwatch = module # Layer: services # Module: entropy # # Generate entropy from audio input # entropyd = module # Layer: system # Module: authlogin # # Common policy for authentication and user login. # authlogin = module # Layer: services # Module: automount # # Filesystem automounter service. # automount = module # Layer: services # Module: avahi # # mDNS/DNS-SD daemon implementing Apple ZeroConf architecture # avahi = module # Layer: services # Module: boinc # # Berkeley Open Infrastructure for Network Computing # boinc = module # Layer: services # Module: bind # # Berkeley internet name domain DNS server. # bind = module # Layer: services # Module: bugzilla # # Bugzilla server # bugzilla = module # Layer: services # Module: dnsmasq # # A lightweight DHCP and caching DNS server. # dnsmasq = module # Layer: services # Module: bluetooth # # Bluetooth tools and system services. # bluetooth = module # Layer: kernel # Module: ubac # # # ubac = base # # Layer: kernel # Module: bootloader # # Policy for the kernel modules, kernel image, and bootloader. # bootloader = module # Layer: services # Module: canna # # Canna - kana-kanji conversion server # canna = module # Layer: services # Module: ccs # # policy for ccs # ccs = module # Layer: apps # Module: calamaris # # # Squid log analysis # calamaris = module # Layer: apps # Module: cdrecord # # Policy for cdrecord # cdrecord = module # Layer: admin # Module: certwatch # # Digital Certificate Tracking # certwatch = module # Layer: admin # Module: certmaster # # Digital Certificate master # certmaster = module # Layer: services # Module: certmonger # # Certificate status monitor and PKI enrollment client # certmonger = module # Layer: services # Module: chronyd # # Daemon for maintaining clock time # chronyd = module q# Layer: services # Module: cipe # # Encrypted tunnel daemon # cipe = module # Layer: services # Module: comsat # # Comsat, a biff server. # comsat = module # Layer: services # Module: corosync # # Corosync Cluster Engine Executive # corosync = module # Layer: services # Module: clamav # # ClamAV Virus Scanner # clamav = module # Layer: system # Module: clock # # Policy for reading and setting the hardware clock. # clock = module # Layer: services # Module: consolekit # # ConsoleKit is a system daemon for tracking what users are logged # consolekit = module # Layer: admin # Module: consoletype # # Determine of the console connected to the controlling terminal. # consoletype = module # Layer: kernel # Module: corecommands # Required in base # # Core policy for shells, and generic programs # in /bin, /sbin, /usr/bin, and /usr/sbin. # corecommands = base # Layer: kernel # Module: corenetwork # Required in base # # Policy controlling access to network objects # corenetwork = base # Layer: services # Module: cpucontrol # # Services for loading CPU microcode and CPU frequency scaling. # cpucontrol = module # Layer: services # Module: cron # # Periodic execution of scheduled commands. # cron = module # Layer: services # Module: cups # # Common UNIX printing system # cups = module # Layer: services # Module: cvs # # Concurrent versions system # cvs = module # Layer: services # Module: cyphesis # # cyphesis game server # cyphesis = module # Layer: services # Module: cyrus # # Cyrus is an IMAP service intended to be run on sealed servers # cyrus = module # Layer: system # Module: daemontools # # Collection of tools for managing UNIX services # daemontools = module # Layer: services # Module: dbskk # # Dictionary server for the SKK Japanese input method system. # dbskk = module # Layer: services # Module: dbus # # Desktop messaging bus # dbus = module # Layer: services # Module: dcc # # A distributed, collaborative, spam detection and filtering network. # dcc = module # Layer: admin # Module: ddcprobe # # ddcprobe retrieves monitor and graphics card information # ddcprobe = off # Layer: services # Module: devicekit # # devicekit-daemon # devicekit = module # Layer: kernel # Module: devices # Required in base # # Device nodes and interfaces for many basic system devices. # devices = base # Layer: services # Module: dhcp # # Dynamic host configuration protocol (DHCP) server # dhcp = module # Layer: services # Module: dictd # # Dictionary daemon # dictd = module # Layer: services # Module: distcc # # Distributed compiler daemon # distcc = off # Layer: admin # Module: dmesg # # Policy for dmesg. # dmesg = module # Layer: admin # Module: dmidecode # # Decode DMI data for x86/ia64 bioses. # dmidecode = module # Layer: system # Module: domain # Required in base # # Core policy for domains. # domain = base # Layer: services # Module: dovecot # # Dovecot POP and IMAP mail server # dovecot = module # Layer: services # Module: git # # Policy for the stupid content tracker # git = module # Layer: apps # Module: gitosis # # Policy for gitosis # gitosis = module # Layer: services # Module: glance # # Policy for glance # glance = module # Layer: apps # Module: gpg # # Policy for GNU Privacy Guard and related programs. # gpg = module # Layer: services # Module: gpsd # # gpsd monitor daemon # # gpsd = module # Layer: services # Module: gpm # # General Purpose Mouse driver # gpm = module # Layer: services # Module: fail2ban # # daiemon that bans IP that makes too many password failures # fail2ban = module # Layer: services # Module: fetchmail # # Remote-mail retrieval and forwarding utility # fetchmail = module # Layer: kernel # Module: files # Required in base # # Basic filesystem types and interfaces. # files = base # Layer: kernel # Module: filesystem # Required in base # # Policy for filesystems. # filesystem = base # Layer: services # Module: finger # # Finger user information service. # finger = module # Layer: admin # Module: firstboot # # Final system configuration run during the first boot # after installation of Red Hat/Fedora systems. # firstboot = module # Layer: apps # Module: firewallgui # # policy for system-config-firewall # firewallgui = module # Layer: services # Module: fprintd # # finger print server # fprintd = module # Layer: system # Module: fstools # # Tools for filesystem management, such as mkfs and fsck. # fstools = module # Layer: services # Module: ftp # # File transfer protocol service # ftp = module # Layer: apps # Module: games # # The Open Group Pegasus CIM/WBEM Server. # games = module # Layer: system # Module: getty # # Policy for getty. # getty = module # Layer: apps # Module: gnome # # gnome session and gconf # gnome = module # Layer: services # Module: gnomeclock # # gnomeclock used by dbus/polkit to set time # gnomeclock = module # Layer: services # Module: plymouthd # # Plymouth # plymouthd = module # Layer: services # Module: policykit # # Hardware abstraction layer # policykit = module # Layer: apps # Module: ptchown # # helper function for grantpt(3), changes ownship and permissions of pseudotty # ptchown = module # Layer: services # Module: psad # # Analyze iptables log for hostile traffic # psad = module # Layer: system # Module: hostname # # Policy for changing the system host name. # hostname = module # Layer: services # Module: inetd # # Internet services daemon. # inetd = module # Layer: system # Module: init # # System initialization programs (init and init scripts). # init = module # Layer: services # Module: inn # # Internet News NNTP server # inn = module # Layer: system # Module: iptables # # Policy for iptables. # iptables = module # Layer: system # Module: ipsec # # TCP/IP encryption # ipsec = module # Layer: apps # Module: irc # # IRC client policy # irc = module # Layer: services # Module: irqbalance # # IRQ balancing daemon # irqbalance = module # Layer: system # Module: iscsi # # Open-iSCSI daemon # iscsi = module # Layer: services # Module: i18n_input # # IIIMF htt server # i18n_input = off # Layer: services # Module: jabber # # Jabber instant messaging server # jabber = module # Layer: admin # Module: kdump # # kdump is kernel crash dumping mechanism # kdump = module # Layer: apps # Module: kdumpgui # # system-config-kdump policy # kdumpgui = module # Layer: services # Module: ksmtuned # # Kernel Samepage Merging (KSM) Tuning Daemon # ksmtuned = module # Layer: services # Module: kerberos # # MIT Kerberos admin and KDC # kerberos = module # Layer: kernel # Module: kernel # Required in base # # Policy for kernel threads, proc filesystem,and unlabeled processes and objects. # kernel = base # Layer: services # Module: ktalk # # KDE Talk daemon # ktalk = module # Layer: services # Module: lircd # # LIRC daemon - decodes infrared signals and provides them on a Unix domain socket. # lircd = module # Layer: services # Module: ldap # # OpenLDAP directory server # ldap = module # Layer: system # Module: libraries # # Policy for system libraries. # libraries = module # Layer: apps # Module: loadkeys # # Load keyboard mappings. # loadkeys = module # Layer: system # Module: locallogin # # Policy for local logins. # locallogin = module # Layer: apps # Module: lockdev # # device locking policy for lockdev # lockdev = module # Layer: system # Module: logging # # Policy for the kernel message logger and system logging daemon. # logging = module # Layer: admin # Module: logrotate # # Rotate and archive system logs # logrotate = module # Layer: services # Module: logwatch # # logwatch executable # logwatch = module # Layer: services # Module: lpd # # Line printer daemon # lpd = module # Layer: system # Module: lvm # # Policy for logical volume management programs. # lvm = module # Layer: services # Module: matahari # # Matahari system maangement tools # matahari = module # Layer: admin # Module: mcelog # # mcelog is a daemon that collects and decodes Machine Check Exception data on x86-64 machines. # mcelog = module # Layer: services # Module: mailman # # Mailman is for managing electronic mail discussion and e-newsletter lists # mailman = module # Layer: kernel # Module: mcs # Required in base # # MultiCategory security policy # mcs = base # Layer: system # Module: miscfiles # # Miscelaneous files. # miscfiles = module # Layer: kernel # Module: mls # Required in base # # Multilevel security policy # mls = base # Layer: services # Module: modemmanager # # Manager for dynamically switching between modems. # modemmanager = module # Layer: system # Module: modutils # # Policy for kernel module utilities # modutils = module # Layer: services # Module: mojomojo # # Wiki server # mojomojo = module # Layer: system # Module: mount # # Policy for mount. # mount = module # Layer: apps # Module: mozilla # # Policy for Mozilla and related web browsers # mozilla = module # Layer: services # Module: ntop # # Policy for ntop # ntop = module # Layer: services # Module: nslcd # # Policy for nslcd # nslcd = module # Layer: apps # Module: mplayer # # Policy for Mozilla and related web browsers # mplayer = module # Layer: apps # Module: gpg # # Policy for Mozilla and related web browsers # gpg = module # Layer: admin # Module: mrtg # # Network traffic graphing # mrtg = module # Layer: services # Module: mta # # Policy common to all email tranfer agents. # mta = module # Layer: services # Module: mysql # # Policy for MySQL # mysql = module # Layer: services # Module: nagios # # policy for nagios Host/service/network monitoring program # nagios = module # Layer: admin # Module: ncftool # # Tool to modify the network configuration of a system # ncftool = module # Layer: admin # Module: netutils # # Network analysis utilities # netutils = module # Layer: services # Module: networkmanager # # Manager for dynamically switching between networks. # networkmanager = module # Layer: services # Module: nis # # Policy for NIS (YP) servers and clients # nis = module # Layer: services # Module: nscd # # Name service cache daemon # nscd = module # Layer: services # Module: ntp # # Network time protocol daemon # ntp = module # Layer: services # Module: nx # # NX Remote Desktop # nx = module # Layer: services # Module: oddjob # # policy for oddjob # oddjob = module # Layer: services # Module: openct # # Service for handling smart card readers. # openct = off # Layer: services # Module: openvpn # # Policy for OPENVPN full-featured SSL VPN solution # openvpn = module # Layer: service # Module: pcscd # # PC/SC Smart Card Daemon # pcscd = module # Layer: service # Module: openct # # Middleware framework for smart card terminals # openct = module # Layer: system # Module: pcmcia # # PCMCIA card management services # pcmcia = module # Layer: services # Module: pegasus # # The Open Group Pegasus CIM/WBEM Server. # pegasus = module # Layer: services # Module: piranha # # piranha - various tools to administer and configure the Linux Virtual Server # piranha = module # Layer: services # Module: postgresql # # PostgreSQL relational database # postgresql = module # Layer: services # Module: portmap # # RPC port mapping service. # portmap = module # Layer: services # Module: postfix # # Postfix email server # postfix = module o# Layer: services # Module: postgrey # # email scanner # postgrey = module # Layer: services # Module: ppp # # Point to Point Protocol daemon creates links in ppp networks # ppp = module # Layer: admin # Module: prelink # # Manage temporary directory sizes and file ages # prelink = module # Layer: services # Module: procmail # # Procmail mail delivery agent # procmail = module # Layer: services # Module: privoxy # # Privacy enhancing web proxy. # privoxy = module # Layer: services # Module: publicfile # # publicfile supplies files to the public through HTTP and FTP # publicfile = module # Layer: apps # Module: pulseaudio # # The PulseAudio Sound System # pulseaudio = module # Layer: services # Module: qmail # # Policy for qmail # qmail = module # Layer: services # Module: qpidd # # Policy for qpidd # qpid = module # Layer: admin # Module: quota # # File system quota management # quota = module # Layer: system # Module: raid # # RAID array management tools # raid = module # Layer: services # Module: radius # # RADIUS authentication and accounting server. # radius = module # Layer: services # Module: radvd # # IPv6 router advertisement daemon # radvd = module # Layer: admin # Module: readahead # # Readahead, read files into page cache for improved performance # readahead = module # Layer: services # Module: rgmanager # # Red Hat Resource Group Manager # rgmanager = module # Layer: services # Module: rhgb # # X windows login display manager # rhgb = module # Layer: services # Module: rdisc # # Network router discovery daemon # rdisc = module # Layer: services # Module: remotelogin # # Policy for rshd, rlogind, and telnetd. # remotelogin = module # Layer: services # Module: ricci # # policy for ricci # ricci = module # Layer: services # Module: rlogin # # Remote login daemon # rlogin = module # Layer: services # Module: roundup # # Roundup Issue Tracking System policy # roundup = module # Layer: services # Module: rpc # # Remote Procedure Call Daemon for managment of network based process communication # rpc = module # Layer: admin # Module: rpm # # Policy for the RPM package manager. # rpm = module # Layer: services # Module: rshd # # Remote shell service. # rshd = module # Layer: services # Module: rsync # # Fast incremental file transfer for synchronization # rsync = module # Layer: services # Module: rtkit # # Real Time Kit Daemon # rtkit = module # Layer: services # Module: rwho # # who is logged in on local machines # rwho = module # Layer: services # Module: sasl # # SASL authentication server # sasl = module # Layer: services # Module: sendmail # # Policy for sendmail. # sendmail = module # Layer: apps # Module: seunshare # # seunshare executable # seunshare = module # Layer: services # Module: samba # # SMB and CIFS client/server programs for UNIX and # name Service Switch daemon for resolving names # from Windows NT servers. # samba = module # Layer: apps # Module: sandbox # # Experimental policy for running apps within a sandbox # sandbox = module # Layer: apps # Module: sambagui # # policy for system-config-samba # sambagui = module # Layer: apps # Module: screen # # GNU terminal multiplexer # screen = module # Layer: kernel # Module: selinux # Required in base # # Policy for kernel security interface, in particular, selinuxfs. # selinux = base # Layer: system # Module: selinuxutil # # Policy for SELinux policy and userland applications. # selinuxutil = module # Layer: system # Module: setrans # Required in base # # Policy for setrans # setrans = module # Layer: services # Module: setroubleshoot # # Policy for the SELinux troubleshooting utility # setroubleshoot = module # Layer: services # Module: slrnpull # # Service for downloading news feeds the slrn newsreader. # slrnpull = off # Layer: apps # Module: slocate # # Update database for mlocate # slocate = module # Layer: services # Module: smartmon # # Smart disk monitoring daemon policy # smartmon = module # Layer: services # Module: snmp # # Simple network management protocol services # snmp = module # Layer: services # Module: spamassassin # # Filter used for removing unsolicited email. # spamassassin = module # Layer: services # Module: squid # # Squid caching http proxy server # squid = module # Layer: services # Module: ssh # # Secure shell client and server policy. # ssh = module # Layer: services # Module: sssd # # System Security Services Daemon # sssd = module # Layer: kernel # Module: storage # # Policy controlling access to storage devices # storage = base # Layer: services # Module: stunnel # # SSL Tunneling Proxy # stunnel = module # Layer: admin # Module: su # # Run shells with substitute user and group # su = module # Layer: admin # Module: sudo # # Execute a command with a substitute user # sudo = module # Layer: system # Module: systemd # # Policy for systemd components # systemd = module # Layer: system # Module: sysnetwork # # Policy for network configuration: ifconfig and dhcp client. # sysnetwork = module # Layer: services # Module: sysstat # # Policy for sysstat. Reports on various system states # sysstat = module # Layer: services # Module: tcpd # # Policy for TCP daemon. # tcpd = module # Layer: services # Module: tcsd # # tcsd - daemon that manages Trusted Computing resources # tcsd = module # Layer: services # Module: tgtd # # Linux Target Framework Daemon. # tgtd = module # Layer: apps # Module: thumb # # Thumbnailer confinement # thumb = module # Layer: system # Module: udev # # Policy for udev. # udev = module # Layer: system # Module: userdomain # # Policy for user domains # userdomain = module # Layer: services # Module: ulogd # # # ulogd = module # Layer: apps # Module: wine # # wine executable # wine = module # Layer: apps # Module: wireshark # # wireshark executable # wireshark = module # Layer: apps # Module: userhelper # # A helper interface to pam. # userhelper = module # Layer: services # Module: tor # # TOR, the onion router # tor = module # Layer: apps # Module: tvtime # # tvtime - a high quality television application # tvtime = module # Layer: apps # Module: uml # # Policy for UML # uml = module # Layer: admin # Module: usbmodules # # List kernel modules of USB devices # usbmodules = module # Layer: apps # Module: usernetctl # # User network interface configuration helper # usernetctl = module # Layer: system # Module: xen # # virtualization software # xen = module # Layer: services # Module: virt # # Virtualization libraries # virt = module # Layer: system # Module: brctl # # Utilities for configuring the linux ethernet bridge # brctl = module # Layer: services # Module: telnet # # Telnet daemon # telnet = module # Layer: services # Module: timidity # # MIDI to WAV converter and player configured as a service # timidity = off # Layer: services # Module: tftp # # Trivial file transfer protocol daemon # tftp = module # Layer: services # Module: tuned # # Dynamic adaptive system tuning daemon # tuned = module # Layer: services # Module: uucp # # Unix to Unix Copy # uucp = module # Layer: services # Module: vbetool # # run real-mode video BIOS code to alter hardware state # vbetool = module # Layer: apps # Module: webalizer # # Web server log analysis # webalizer = module # Layer: services # Module: xfs # # X Windows Font Server # xfs = module # Layer: services # Module: xserver # # X windows login display manager # xserver = module # Layer: services # Module: zebra # # Zebra border gateway protocol network routing service # zebra = module # Layer: admin # Module: usermanage # # Policy for managing user accounts. # usermanage = module # Layer: admin # Module: updfstab # # Red Hat utility to change /etc/fstab. # updfstab = module # Layer: admin # Module: vpn # # Virtual Private Networking client # vpn = module # Layer: admin # Module: vbetool # # run real-mode video BIOS code to alter hardware state # vbetool = module # Layer: kernel # Module: terminal # Required in base # # Policy for terminals. # terminal = base # Layer: admin # Module: tmpreaper # # Manage temporary directory sizes and file ages # tmpreaper = module # Layer: admin # Module: amtu # # Abstract Machine Test Utility (AMTU) # amtu = module # Layer: services # Module: zabbix # # Open-source monitoring solution for your IT infrastructure # zabbix = module # Layer: services # Module: apcupsd # # daemon for most APC’s UPS for Linux # apcupsd = module # Layer: services # Module: aide # # Policy for aide # aide = module # Layer: services # Module: w3c # # w3c # w3c = module # Layer: services # Module: portreserve # # reserve ports to prevent portmap mapping them # portreserve = module # Layer: services # Module: rpcbind # # universal addresses to RPC program number mapper # rpcbind = module # Layer: apps # Module: telepathy # # telepathy - Policy for Telepathy framework # telepathy = module # Layer: apps # Module: vmware # # VMWare Workstation virtual machines # vmware = module # Layer: role # Module: dbadm # # Minimally prived root role for managing databases # dbadm = module # Layer: role # Module: logadm # # Minimally prived root role for managing logging system # logadm = module # Layer: role # Module: webadm # # Minimally prived root role for managing apache # webadm = module # # Layer: services # Module: exim # # exim mail server # exim = module # Layer: services # Module: kismet # # Wireless sniffing and monitoring # kismet = module # Layer: services # Module: munin # # Munin # munin = module # Layer: services # Module: bitlbee # # An IRC to other chat networks gateway # bitlbee = module # Layer: admin # Module: sosreport # # sosreport debuggin information generator # sosreport = module # Layer: services # Module: soundserver # # sound server for network audio server programs, nasd, yiff, etc # soundserver = module # Layer:role # Module: staff # # admin account # staff = module # Layer:role # Module: sysadm # # System Administrator # sysadm = module # Layer: role # Module: unprivuser # # Minimally privs guest account on tty logins # unprivuser = module # Layer: services # Module: prelude # prelude = module # Layer: services # Module: pads # pads = module # Layer: apps # Module: podsleuth # # Podsleuth probes, identifies, and exposes properties and metadata bound to iPods. # podsleuth = module # Layer: role # Module: logadm # # logadm account on tty logins # logadm = module # Layer: role # Module: secadm # # secadm account on tty logins # secadm = module # Layer: role # Module: auditadm # # auditadm account on tty logins # auditadm = module # # Layer: role # Module: guest # # Minimally privs guest account on tty logins # guest = module # Layer: role # Module: xguest # # Minimally privs guest account on X Windows logins # xguest = module # Layer: services # Module: cgroup # # Tools and libraries to control and monitor control groups # cgroup = module # Layer: services # Module: courier # # IMAP and POP3 email servers # courier = module # Layer: services # Module: snort # # Snort network intrusion detection system # snort = module # Layer: services # Module: memcached # # high-performance memory object caching system # memcached = module # Layer: system # Module: netlabel # # Basic netlabel types and interfaces. # netlabel = module # Layer: services # Module: zosremote # # policy for z/OS Remote-services Audit dispatcher plugin # zosremote = module # Layer: services # Module: pingd # # pingd = module # Layer: services # Module: milter # # # milter = module # Layer: apps # Module: wm # # X windows window manager # wm = module # Layer: services # Module: aisexec # # RHCS - Red Hat Cluster Suite # aisexec = module # Layer: services # Module: rgmanager # # rgmanager # rgmanager = module # Layer: services # Module: clogd # # clogd - clustered mirror log server # clogd = module # Layer: services # Module: cmirrord # # cmirrord - daemon providing device-mapper-base mirrors in a shared-storege cluster # cmirrord = module # Layer: services # Module: ricci # # policy for ricci # ricci = module # Layer: services # Module: rhcs # # RHCS - Red Hat Cluster Suite # rhcs = module # Layer: admin # Module: shorewall # # Policy for shorewall # shorewall = module # Layer: admin # Module: shutdown # # Policy for shutdown # shutdown = module # Layer: kernel # Module: unlabelednet # # The unlabelednet module. # unlabelednet = module # Layer: apps # Module: namespace # # policy for namespace.init script # namespace = module # Layer: services # Module: polipo # # polipo # polipo = module