Layer: system

Module: corecommands

Description:

Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin.

This module is required to be included in all policies.

Interfaces:

corecmd_bin_domtrans( domain , target_domain )
Summary

Execute a file in a bin directory in the specified domain.

Description

Execute a file in a bin directory in the specified domain. This allows the specified domain to execute any file on these filesystems in the specified domain. This is not suggested.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

This interface was added to handle the ssh-agent policy.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
target_domain The type of the new process. No
corecmd_dontaudit_getattr_sbin_file( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_exec_bin( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_exec_chroot( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_exec_ls( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_exec_sbin( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_exec_shell( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_getattr_bin_file( domain )
Summary

Get the attributes of files in bin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_getattr_sbin_file( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_list_bin( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_list_sbin( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_read_bin_file( domain )
Summary

Read files in bin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_bin_pipe( domain )
Summary

Read pipes in bin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_bin_socket( domain )
Summary

Read named sockets in bin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_bin_symlink( domain )
Summary

Read symbolic links in bin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_sbin_file( domain )
Summary

Read files in sbin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_sbin_pipe( domain )
Summary

Read named pipes in sbin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_sbin_socket( domain )
Summary

Read named sockets in sbin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_read_sbin_symlink( domain )
Summary

Read symbolic links in sbin directories.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
corecmd_sbin_domtrans( domain , target_domain )
Summary

Execute a file in a sbin directory in the specified domain.

Description

Execute a file in a sbin directory in the specified domain. This allows the specified domain to execute any file on these filesystems in the specified domain. This is not suggested.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

This interface was added to handle the ssh-agent policy.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
target_domain The type of the new process. No
corecmd_search_bin( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_search_sbin( ? )
Summary

Summary is missing!

Parameters
Parameter:Description:Optional:
? Parameter descriptions are missing! No
corecmd_shell_domtrans( domain , target_domain )
Summary

Execute a shell in the specified domain.

Description

Execute a shell in the specified domain.

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
target_domain The type of the shell process. No
corecmd_shell_entry_type( domain )
Summary

Make the shell an entrypoint for the specified domain.

Parameters
Parameter:Description:Optional:
domain The domain for which the shell is an entrypoint. No
corecmd_shell_spec_domtrans( domain , target_domain )
Summary

Execute a shell in the target domain. This is an explicit transition, requiring the caller to use setexeccon().

Description

Execute a shell in the target domain. This is an explicit transition, requiring the caller to use setexeccon().

No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.

Parameters
Parameter:Description:Optional:
domain The type of the process performing this action. No
target_domain The type of the shell process. No
Return