X Windows Server
Create a named socket in a XDM temporary directory.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
Do not audit attempts to write the X server log files.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain to not audit | No |
Execute the X server in the XDM X server domain.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
Do not audit attempts to write the X server log files.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain to not audit | No |
Read XDM pid files.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
Read xdm-writable configuration files.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
Set the attributes of XDM temporary directories.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
Connect to XDM over a unix domain stream socket.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
Make an X session script an entrypoint for the specified domain.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
The domain for which the shell is an entrypoint. | No |
Execute an X session in the target domain. This is an explicit transition, requiring the caller to use setexeccon().
Execute an Xsession in the target domain. This is an explicit transition, requiring the caller to use setexeccon().
No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.
| Parameter: | Description: | Optional: |
|---|---|---|
| domain |
Domain allowed access. | No |
| target_domain |
The type of the shell process. | No |
Template to create types and rules common to all X server domains.
| Parameter: | Description: | Optional: |
|---|---|---|
| prefix |
The prefix of the domain (e.g., user is the prefix for user_t). | No |
Transition to a user Xauthority domain.
Transition to a user Xauthority domain.
This is a templated interface, and should only be called from a per-userdomain template.
| Parameter: | Description: | Optional: |
|---|---|---|
| userdomain_prefix |
The prefix of the user domain (e.g., user is the prefix for user_t). | No |
| domain |
Domain allowed access. | No |
The per user domain template for the xserver module.
Define a derived domain for the X server when executed by a user domain (e.g. via startx). See the xdm module if using an X Display Manager.
This is invoked automatically for each user and generally does not need to be invoked directly by policy writers.
| Parameter: | Description: | Optional: |
|---|---|---|
| prefix |
The prefix of the user domain (e.g., user is the prefix for user_t). | No |
| user_domain |
The type of the user domain. | No |
| user_role |
The role associated with the user domain. | No |
Template for creating sessions on a prefix X server, with read-only access to the X server shared memory segments.
| Parameter: | Description: | Optional: |
|---|---|---|
| prefix |
The prefix of the domain (e.g., user is the prefix for user_t). | No |
| domain |
Domain allowed access. | No |
| tmpfs_type |
The type of the domain SYSV tmpfs files. | No |
Template for creating sessions on a prefix X server, with read and write access to the X server shared memory segments.
| Parameter: | Description: | Optional: |
|---|---|---|
| prefix |
The prefix of the domain (e.g., user is the prefix for user_t). | No |
| domain |
Domain allowed access. | No |
| tmpfs_type |
The type of the domain SYSV tmpfs files. | No |
Template for creating full client sessions on a user X server.
| Parameter: | Description: | Optional: |
|---|---|---|
| prefix |
The prefix of the domain (e.g., user is the prefix for user_t). | No |
| domain |
Domain allowed access. | No |
| tmpfs_type |
The type of the domain SYSV tmpfs files. | No |