Layer: kernel

Module: selinux

Description:

Policy for kernel security interface, in particular, selinuxfs.

This module is required to be included in all policies.

Interfaces:

selinux_compute_access_vector(
	
		domain
		
	)

Description

Allows caller to compute an access vector.

Parameters

Parameter:	Description:	Optional:
domain	The process type allowed to compute an access vector.	No

selinux_compute_create_context(
	
		domain
		
	)

Description

Parameters

Parameter:	Description:	Optional:
domain		No

selinux_compute_relabel_context(
	
		domain
		
	)

Description

Parameters

Parameter:	Description:	Optional:
domain	The process type to	No

selinux_compute_user_contexts(
	
		domain
		
	)

Description

Allows caller to compute possible contexts for a user.

Parameters

Parameter:	Description:	Optional:
domain	The process type allowed to compute user contexts.	No

selinux_get_enforce_mode(
	
		domain
		
	)

Description

Allows the caller to get the mode of policy enforcement (enforcing or permissive mode).

Parameters

Parameter:	Description:	Optional:
domain	The process type to allow to get the enforcing mode.	No

selinux_get_fs_mount(
	
		domain
		
	)

Description

Gets the caller the mountpoint of the selinuxfs filesystem.

Parameters

Parameter:	Description:	Optional:
domain	The process type requesting the selinuxfs mountpoint.	No

selinux_load_policy(
	
		domain
		
	)

Description

Allow caller to load the policy into the kernel.

Parameters

Parameter:	Description:	Optional:
domain	The process type that will load the policy.	No

selinux_set_boolean(
	
		domain
		
			,
		
			[
		
		booltype
		
			]
		
	)

Description

Allow caller to set the state of Booleans to enable or disable conditional portions of the policy.

Parameters

Parameter:	Description:	Optional:
domain	The process type allowed to set the Boolean.	No
booltype	The type of Booleans the caller is allowed to set.	yes

selinux_set_enforce_mode(
	
		domain
		
	)

Description

Allow caller to set the mode of policy enforcement (enforcing or permissive mode).

Parameters

Parameter:	Description:	Optional:
domain	The process type to allow to set the enforcement mode.	No

selinux_set_parameters(
	
		domain
		
	)

Description

Allow caller to set selinux security parameters.

Parameters

Parameter:	Description:	Optional:
domain	The process type to allow to set security parameters.	No

selinux_unconfined(
	
		domain
		
	)

Description

Unconfined access to the SELinux security server.

Parameters

Parameter:	Description:	Optional:
domain	Domain allowed access.	No

selinux_validate_context(
	
		domain
		
	)

Description

Allows caller to validate security contexts.

Parameters

Parameter:	Description:	Optional:
domain	The process type permitted to validate contexts.	No

Return