selinux-policy/modules-targeted.conf
Dan Walsh f1bc73d0ef Allow logrotate setuid and setgid since logrotate is supposed to do it
Fixes for thumb policy by grift
Add new nfsd ports
Added fix to allow confined apps to execmod on chrome
Add labeling for additional vdsm directories
Allow Exim and Dovecot SASL
Add label for /var/run/nmbd
Add fixes to make virsh and xen working together
Colord executes ls
/var/spool/cron  is now labeled as user_cron_spool_t
2011-10-04 10:50:39 -04:00

2470 lines
33 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#
# This file contains a listing of available modules.
# To prevent a module from being used in policy
# creation, set the module name to "off".
#
# For monolithic policies, modules set to "base" and "module"
# will be built into the policy.
#
# For modular policies, modules set to "base" will be
# included in the base module. "module" will be compiled
# as individual loadable modules.
#
# Layer: services
# Module: accountsd
#
# An application to view and modify user accounts information
#
accountsd = module
# Layer: admin
# Module: acct
#
# Berkeley process accounting
#
acct = module
# Layer: services
# Module: ajaxterm
#
# Web Based Terminal
#
ajaxterm = module
# Layer: admin
# Module: alsa
#
# Ainit ALSA configuration tool
#
alsa = module
# Layer: apps
# Module: ada
#
# ada executable
#
ada = module
# Layer: services
# Module: callweaver
#
# callweaver telephony sever
#
callweaver = module
# Layer: services
# Module: cachefilesd
#
# CacheFiles userspace management daemon
#
cachefilesd = module
# Layer: services
# Module: collectd
#
# Statistics collection daemon for filling RRD files
#
collectd = module
# Layer: services
# Module: colord
#
# color device daemon
#
colord = module
# Layer: apps
# Module: cpufreqselector
#
# cpufreqselector executable
#
cpufreqselector = module
# Layer: apps
# Module: chrome
#
# chrome sandbox
#
chrome = module
# Layer: module
# Module: awstats
#
# awstats executable
#
awstats = module
# Layer: services
# Module: abrt
#
# Automatic bug detection and reporting tool
#
abrt = module
# Layer: services
# Module: aiccu
#
# SixXS Automatic IPv6 Connectivity Client Utility
#
aiccu = module
# Layer: admin
# Module: amanda
#
# Automated backup program.
#
amanda = module
# Layer: services
# Module: afs
#
# Andrew Filesystem server
#
afs = module
# Layer: services
# Module: amavis
#
# Anti-virus
#
amavis = module
# Layer: admin
# Module: anaconda
#
# Policy for the Anaconda installer.
#
anaconda = module
# Layer: services
# Module: apache
#
# Apache web server
#
apache = module
# Layer: services
# Module: apm
#
# Advanced power management daemon
#
apm = module
# Layer: system
# Module: application
# Required in base
#
# Defines attributs and interfaces for all user applications
#
application = module
# Layer: services
# Module: arpwatch
#
# Ethernet activity monitor.
#
arpwatch = module
# Layer: services
# Module: audioentropy
#
# Generate entropy from audio input
#
audioentropy = module
# Layer: system
# Module: authlogin
#
# Common policy for authentication and user login.
#
authlogin = module
# Layer: services
# Module: asterisk
#
# Asterisk IP telephony server
#
asterisk = module
# Layer: services
# Module: automount
#
# Filesystem automounter service.
#
automount = module
# Layer: services
# Module: avahi
#
# mDNS/DNS-SD daemon implementing Apple ZeroConf architecture
#
avahi = module
# Layer: services
# Module: boinc
#
# Berkeley Open Infrastructure for Network Computing
#
boinc = module
# Layer: services
# Module: bind
#
# Berkeley internet name domain DNS server.
#
bind = module
# Layer: services
# Module: bugzilla
#
# Bugzilla server
#
bugzilla = module
# Layer: services
# Module: dirsrv
#
# An 309 directory server
#
dirsrv = module
# Layer: services
# Module: dirsrv-admin
#
# An 309 directory admin server
#
dirsrv-admin = module
# Layer: services
# Module: dnsmasq
#
# A lightweight DHCP and caching DNS server.
#
dnsmasq = module
# Layer: services
# Module: bluetooth
#
# Bluetooth tools and system services.
#
bluetooth = module
# Layer: kernel
# Module: ubac
#
#
#
ubac = base
#
# Layer: kernel
# Module: bootloader
#
# Policy for the kernel modules, kernel image, and bootloader.
#
bootloader = module
# Layer: services
# Module: canna
#
# Canna - kana-kanji conversion server
#
canna = module
# Layer: services
# Module: ccs
#
# policy for ccs
#
ccs = module
# Layer: apps
# Module: calamaris
#
#
# Squid log analysis
#
calamaris = module
# Layer: apps
# Module: cdrecord
#
# Policy for cdrecord
#
cdrecord = module
# Layer: admin
# Module: certwatch
#
# Digital Certificate Tracking
#
certwatch = module
# Layer: admin
# Module: certmaster
#
# Digital Certificate master
#
certmaster = module
# Layer: services
# Module: certmonger
#
# Certificate status monitor and PKI enrollment client
#
certmonger = module
# Layer: services
# Module: cipe
#
# Encrypted tunnel daemon
#
cipe = module
# Layer: services
# Module: chronyd
#
# Daemon for maintaining clock time
#
chronyd = module
# Layer: services
# Module: cobbler
#
# cobbler
#
cobbler = module
# Layer: services
# Module: comsat
#
# Comsat, a biff server.
#
comsat = module
# Layer: services
# Module: corosync
#
# Corosync Cluster Engine Executive
#
corosync = module
# Layer: services
# Module: clamav
#
# ClamAV Virus Scanner
#
clamav = module
# Layer: system
# Module: clock
#
# Policy for reading and setting the hardware clock.
#
clock = module
# Layer: services
# Module: consolekit
#
# ConsoleKit is a system daemon for tracking what users are logged
#
consolekit = module
# Layer: admin
# Module: consoletype
#
# Determine of the console connected to the controlling terminal.
#
consoletype = module
# Layer: kernel
# Module: corecommands
# Required in base
#
# Core policy for shells, and generic programs
# in /bin, /sbin, /usr/bin, and /usr/sbin.
#
corecommands = base
# Layer: kernel
# Module: corenetwork
# Required in base
#
# Policy controlling access to network objects
#
corenetwork = base
# Layer: services
# Module: cpucontrol
#
# Services for loading CPU microcode and CPU frequency scaling.
#
cpucontrol = module
# Layer: services
# Module: cron
#
# Periodic execution of scheduled commands.
#
cron = module
# Layer: services
# Module: ctdbd
#
# Cluster Daemon
#
ctdbd = module
# Layer: services
# Module: cups
#
# Common UNIX printing system
#
cups = module
# Layer: services
# Module: cvs
#
# Concurrent versions system
#
cvs = module
# Layer: services
# Module: cyphesis
#
# cyphesis game server
#
cyphesis = module
# Layer: services
# Module: cyrus
#
# Cyrus is an IMAP service intended to be run on sealed servers
#
cyrus = module
# Layer: system
# Module: daemontools
#
# Collection of tools for managing UNIX services
#
daemontools = module
# Layer: services
# Module: dbskk
#
# Dictionary server for the SKK Japanese input method system.
#
dbskk = module
# Layer: services
# Module: dbus
#
# Desktop messaging bus
#
dbus = module
# Layer: services
# Module: dcc
#
# A distributed, collaborative, spam detection and filtering network.
#
dcc = module
# Layer: admin
# Module: ddcprobe
#
# ddcprobe retrieves monitor and graphics card information
#
ddcprobe = off
# Layer: services
# Module: devicekit
#
# devicekit-daemon
#
devicekit = module
# Layer: kernel
# Module: devices
# Required in base
#
# Device nodes and interfaces for many basic system devices.
#
devices = base
# Layer: services
# Module: dhcp
#
# Dynamic host configuration protocol (DHCP) server
#
dhcp = module
# Layer: services
# Module: dictd
#
# Dictionary daemon
#
dictd = module
# Layer: services
# Module: distcc
#
# Distributed compiler daemon
#
distcc = off
# Layer: admin
# Module: dmesg
#
# Policy for dmesg.
#
dmesg = module
# Layer: admin
# Module: dmidecode
#
# Decode DMI data for x86/ia64 bioses.
#
dmidecode = module
# Layer: kernel
# Module: domain
# Required in base
#
# Core policy for domains.
#
domain = base
# Layer: services
# Module: drbd
#
# DRBD mirrors a block device over the network to another machine.
#
drbd = module
# Layer: services
# Module: ddclient
#
# Update dynamic IP address at DynDNS.org
#
ddclient = module
# Layer: services
# Module: dovecot
#
# Dovecot POP and IMAP mail server
#
dovecot = module
# Layer: apps
# Module: gitosis
#
# Policy for gitosis
#
gitosis = module
# Layer: services
# Module: glance
#
# Policy for glance
#
glance = module
# Layer: apps
# Module: gpg
#
# Policy for GNU Privacy Guard and related programs.
#
gpg = module
# Layer: services
# Module: gpsd
#
# gpsd monitor daemon
#
#
gpsd = module
# Layer: services
# Module: git
#
# Policy for the stupid content tracker
#
git = module
# Layer: services
# Module: gpm
#
# General Purpose Mouse driver
#
gpm = module
# Layer: services
# Module: fail2ban
#
# daiemon that bans IP that makes too many password failures
#
fail2ban = module
# Layer: services
# Module: fetchmail
#
# Remote-mail retrieval and forwarding utility
#
fetchmail = module
# Layer: kernel
# Module: files
# Required in base
#
# Basic filesystem types and interfaces.
#
files = base
# Layer: kernel
# Module: filesystem
# Required in base
#
# Policy for filesystems.
#
filesystem = base
# Layer: services
# Module: finger
#
# Finger user information service.
#
finger = module
# Layer: admin
# Module: firstboot
#
# Final system configuration run during the first boot
# after installation of Red Hat/Fedora systems.
#
firstboot = module
# Layer: apps
# Module: firewallgui
#
# policy for system-config-firewall
#
firewallgui = module
# Layer: services
# Module: fprintd
#
# finger print server
#
fprintd = module
# Layer: system
# Module: fstools
#
# Tools for filesystem management, such as mkfs and fsck.
#
fstools = module
# Layer: services
# Module: ftp
#
# File transfer protocol service
#
ftp = module
# Layer: apps
# Module: games
#
# The Open Group Pegasus CIM/WBEM Server.
#
games = module
# Layer: system
# Module: getty
#
# Policy for getty.
#
getty = module
# Layer: apps
# Module: gnome
#
# gnome session and gconf
#
gnome = module
# Layer: services
# Module: gnomeclock
#
# gnomeclock used by dbus/polkit to set time
#
gnomeclock = module
# Layer: services
# Module: hal
#
# Hardware abstraction layer
#
hal = module
# Layer: services
# Module: hddtemp
#
# hddtemp hard disk temperature tool running as a daemon
#
hddtemp = module
# Layer: services
# Module: passenger
#
# Passenger
#
passenger = module
# Layer: admin
# Module: permissivedomains
#
# Contains all permissivedomains shipped by distribution
#
permissivedomains = module
# Layer: services
# Module: policykit
#
# Hardware abstraction layer
#
policykit = module
# Layer: services
# Module: puppet
#
# A network tool for managing many disparate systems
#
puppet = module
# Layer: apps
# Module: ptchown
#
# helper function for grantpt(3), changes ownship and permissions of pseudotty
#
ptchown = module
# Layer: services
# Module: psad
#
# Analyze iptables log for hostile traffic
#
psad = module
# Layer: system
# Module: hostname
#
# Policy for changing the system host name.
#
hostname = module
# Layer: services
# Module: inetd
#
# Internet services daemon.
#
inetd = module
# Layer: system
# Module: init
#
# System initialization programs (init and init scripts).
#
init = module
# Layer: services
# Module: inn
#
# Internet News NNTP server
#
inn = module
# Layer: system
# Module: iptables
#
# Policy for iptables.
#
iptables = module
# Layer: system
# Module: ipsec
#
# TCP/IP encryption
#
ipsec = module
# Layer: apps
# Module: irc
#
# IRC client policy
#
irc = module
# Layer: services
# Module: irqbalance
#
# IRQ balancing daemon
#
irqbalance = module
# Layer: system
# Module: iscsi
#
# Open-iSCSI daemon
#
iscsi = module
# Layer: services
# Module: icecast
#
# ShoutCast compatible streaming media server
#
icecast = module
# Layer: services
# Module: i18n_input
#
# IIIMF htt server
#
i18n_input = off
# Layer: services
# Module: jabber
#
# Jabber instant messaging server
#
jabber = module
# Layer: apps
# Module: execmem
#
# execmem executable
#
execmem = module
# Layer: admin
# Module: kdump
#
# kdump is kernel crash dumping mechanism
#
kdump = module
# Layer: apps
# Module: kdumpgui
#
# system-config-kdump policy
#
kdumpgui = module
# Layer: services
# Module: ksmtuned
#
# Kernel Samepage Merging (KSM) Tuning Daemon
#
ksmtuned = module
# Layer: services
# Module: kerberos
#
# MIT Kerberos admin and KDC
#
kerberos = module
# Layer: kernel
# Module: kernel
# Required in base
#
# Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
#
kernel = base
# Layer: services
# Module: ktalk
#
# KDE Talk daemon
#
ktalk = module
# Layer: services
# Module: l2ltpd
#
# Layer 2 Tunnelling Protocol Daemon
#
l2tpd = module
# Layer: services
# Module: ldap
#
# OpenLDAP directory server
#
ldap = module
# Layer: services
# Module: likewise
#
# Likewise Active Directory support for UNIX
#
likewise = module
# Layer: system
# Module: libraries
#
# Policy for system libraries.
#
libraries = module
# Layer: apps
# Module: loadkeys
#
# Load keyboard mappings.
#
loadkeys = module
# Layer: system
# Module: locallogin
#
# Policy for local logins.
#
locallogin = module
# Layer: apps
# Module: lockdev
#
# device locking policy for lockdev
#
lockdev = module
# Layer: system
# Module: logging
#
# Policy for the kernel message logger and system logging daemon.
#
logging = module
# Layer: admin
# Module: logrotate
#
# Rotate and archive system logs
#
logrotate = module
# Layer: services
# Module: logwatch
#
# logwatch executable
#
logwatch = module
# Layer: services
# Module: lpd
#
# Line printer daemon
#
lpd = module
# Layer: services
# Module: lircd
#
# LIRC daemon - decodes infrared signals and provides them on a Unix domain socket.
#
lircd = module
# Layer: system
# Module: lvm
#
# Policy for logical volume management programs.
#
lvm = module
# Layer: services
# Module: mailman
#
# Mailman is for managing electronic mail discussion and e-newsletter lists
#
mailman = module
# Layer: services
# Module: mailman
#
# Policy for mailscanner
#
mailscanner = module
# Layer: services
# Module: matahari
#
# Matahari system maangement tools
#
matahari = module
# Layer: admin
# Module: mcelog
#
# Policy for mcelog.
#
mcelog = module
# Layer: kernel
# Module: mcs
# Required in base
#
# MultiCategory security policy
#
mcs = base
# Layer: apps
# Module: mediawiki
#
# mediawiki
#
mediawiki = module
# Layer: system
# Module: miscfiles
#
# Miscelaneous files.
#
miscfiles = module
# Layer: kernel
# Module: mls
# Required in base
#
# Multilevel security policy
#
mls = base
# Layer: services
# Module: mock
#
# Policy for mock rpm builder
#
mock = module
# Layer: services
# Module: mojomojo
#
# Wiki server
#
mojomojo = module
# Layer: system
# Module: modutils
#
# Policy for kernel module utilities
#
modutils = module
# Layer: system
# Module: mount
#
# Policy for mount.
#
mount = module
# Layer: apps
# Module: mozilla
#
# Policy for Mozilla and related web browsers
#
mozilla = module
# Layer: services
# Module: ntop
#
# Policy for ntop
#
ntop = module
# Layer: services
# Module: nslcd
#
# Policy for nslcd
#
nslcd = module
# Layer: apps
# Module: nsplugin
#
# Policy for nspluginwrapper
#
nsplugin = module
# Layer: services
# Module: modemmanager
#
# Manager for dynamically switching between modems.
#
modemmanager = module
# Layer: services
# Module: mpd
#
# mpd - daemon for playing music
#
mpd = module
# Layer: apps
# Module: mplayer
#
# Policy for Mozilla and related web browsers
#
mplayer = module
# Layer: apps
# Module: gpg
#
# Policy for Mozilla and related web browsers
#
gpg = module
# Layer: admin
# Module: mrtg
#
# Network traffic graphing
#
mrtg = module
# Layer: services
# Module: mta
#
# Policy common to all email tranfer agents.
#
mta = module
# Layer: services
# Module: mysql
#
# Policy for MySQL
#
mysql = module
# Layer: services
# Module: nagios
#
# policy for nagios Host/service/network monitoring program
#
nagios = module
# Layer: admin
# Module: ncftool
#
# Tool to modify the network configuration of a system
#
ncftool = module
# Layer: admin
# Module: ncftool
#
# Tool to modify the network configuration of a system
#
ncftool = module
# Layer: admin
# Module: netutils
#
# Network analysis utilities
#
netutils = module
# Layer: services
# Module: networkmanager
#
# Manager for dynamically switching between networks.
#
networkmanager = module
# Layer: services
# Module: nis
#
# Policy for NIS (YP) servers and clients
#
nis = module
# Layer: services
# Module: nscd
#
# Name service cache daemon
#
nscd = module
# Layer: services
# Module: ntp
#
# Network time protocol daemon
#
ntp = module
# Layer: services
# Module: nut
#
# nut - Network UPS Tools
#
nut = module
# Layer: services
# Module: nx
#
# NX Remote Desktop
#
nx = module
# Layer: services
# Module: oddjob
#
# policy for oddjob
#
oddjob = module
# Layer: services
# Module: openct
#
# Service for handling smart card readers.
#
openct = off
# Layer: services
# Module: openvpn
#
# Policy for OPENVPN full-featured SSL VPN solution
#
openvpn = module
# Layer: service
# Module: pcscd
#
# PC/SC Smart Card Daemon
#
pcscd = module
# Layer: service
# Module: openct
#
# Middleware framework for smart card terminals
#
openct = module
# Layer: system
# Module: pcmcia
#
# PCMCIA card management services
#
pcmcia = module
# Layer: services
# Module: pegasus
#
# The Open Group Pegasus CIM/WBEM Server.
#
pegasus = module
# Layer: services
# Module: piranha
#
# piranha - various tools to administer and configure the Linux Virtual Server
#
piranha = module
# Layer: services
# Module: postgresql
#
# PostgreSQL relational database
#
postgresql = module
# Layer: services
# Module: portmap
#
# RPC port mapping service.
#
portmap = module
# Layer: services
# Module: postfix
#
# Postfix email server
#
postfix = module
# Layer: services
# Module: postgrey
#
# email scanner
#
postgrey = module
# Layer: services
# Module: ppp
#
# Point to Point Protocol daemon creates links in ppp networks
#
ppp = module
# Layer: admin
# Module: prelink
#
# Manage temporary directory sizes and file ages
#
prelink = module
# Layer: services
# Module: procmail
#
# Procmail mail delivery agent
#
procmail = module
# Layer: services
# Module: privoxy
#
# Privacy enhancing web proxy.
#
privoxy = module
# Layer: services
# Module: publicfile
#
# publicfile supplies files to the public through HTTP and FTP
#
publicfile = module
# Layer: apps
# Module: pulseaudio
#
# The PulseAudio Sound System
#
pulseaudio = module
# Layer: services
# Module: pyzor
#
# Spam Blocker
#
pyzor = module
# Layer: services
# Module: qmail
#
# Policy for qmail
#
qmail = module
# Layer: services
# Module: qpidd
#
# Policy for qpidd
#
qpid = module
# Layer: admin
# Module: quota
#
# File system quota management
#
quota = module
# Layer: system
# Module: raid
#
# RAID array management tools
#
raid = module
# Layer: services
# Module: radius
#
# RADIUS authentication and accounting server.
#
radius = module
# Layer: services
# Module: radvd
#
# IPv6 router advertisement daemon
#
radvd = module
# Layer: services
# Module: razor
#
# A distributed, collaborative, spam detection and filtering network.
#
razor = module
# Layer: admin
# Module: readahead
#
# Readahead, read files into page cache for improved performance
#
readahead = module
# Layer: services
# Module: rgmanager
#
# Red Hat Resource Group Manager
#
rgmanager = module
# Layer: services
# Module: rhcs
#
# RHCS - Red Hat Cluster Suite
#
rhcs = module
# Layer: services
# Module: aisexec
#
# RHCS - Red Hat Cluster Suite
#
aisexec = module
# Layer: services
# Module: rgmanager
#
# rgmanager
#
rgmanager = module
# Layer: services
# Module: clogd
#
# clogd - clustered mirror log server
#
clogd = module
# Layer: services
# Module: cmirrord
#
# cmirrord - daemon providing device-mapper-base mirrors in a shared-storege cluster
#
cmirrord = module
# Layer: services
# Module: rhgb
#
# X windows login display manager
#
rhgb = module
# Layer: services
# Module: rdisc
#
# Network router discovery daemon
#
rdisc = module
# Layer: services
# Module: remotelogin
#
# Policy for rshd, rlogind, and telnetd.
#
remotelogin = module
# Layer: services
# Module: ricci
#
# policy for ricci
#
ricci = module
# Layer: services
# Module: rlogin
#
# Remote login daemon
#
rlogin = module
# Layer: services
# Module: roundup
#
# Roundup Issue Tracking System policy
#
roundup = module
# Layer: services
# Module: rpc
#
# Remote Procedure Call Daemon for managment of network based process communication
#
rpc = module
# Layer: admin
# Module: rpm
#
# Policy for the RPM package manager.
#
rpm = module
# Layer: services
# Module: rshd
#
# Remote shell service.
#
rshd = module
# Layer: services
# Module: rsync
#
# Fast incremental file transfer for synchronization
#
rsync = module
# Layer: services
# Module: rtkit
#
# Real Time Kit Daemon
#
rtkit = module
# Layer: services
# Module: rwho
#
# who is logged in on local machines
#
rwho = module
# Layer: services
# Module: samba
#
# SMB and CIFS client/server programs for UNIX and
# name Service Switch daemon for resolving names
# from Windows NT servers.
#
samba = module
# Layer: apps
# Module: sambagui
#
# policy for system-config-samba
#
sambagui = module
# Layer: apps
# Module: sandbox
#
# Experimental policy for running apps within a sandbox
#
sandbox = module
# Layer: services
# Module: sanlock
#
# sanlock policy
#
sanlock = module
# Layer: services
# Module: sasl
#
# SASL authentication server
#
sasl = module
# Layer: apps
# Module: screen
#
# GNU terminal multiplexer
#
screen = module
# Layer: kernel
# Module: selinux
# Required in base
#
# Policy for kernel security interface, in particular, selinuxfs.
#
selinux = base
# Layer: system
# Module: selinuxutil
#
# Policy for SELinux policy and userland applications.
#
selinuxutil = module
# Layer: services
# Module: sendmail
#
# Policy for sendmail.
#
sendmail = module
# Layer: apps
# Module: seunshare
#
# seunshare executable
#
seunshare = module
# Layer: admin
# Module: shorewall
#
# Policy for shorewall
#
shorewall = module
# Layer: admin
# Module: shutdown
#
# Policy for shutdown
#
shutdown = module
# Layer: admin
# Module: sectoolm
#
# Policy for sectool-mechanism
#
sectoolm = module
# Layer: system
# Module: setrans
# Required in base
#
# Policy for setrans
#
setrans = module
# Layer: services
# Module: setroubleshoot
#
# Policy for the SELinux troubleshooting utility
#
setroubleshoot = module
# Layer: services
# Module: slrnpull
#
# Service for downloading news feeds the slrn newsreader.
#
slrnpull = off
# Layer: apps
# Module: slocate
#
# Update database for mlocate
#
slocate = module
# Layer: services
# Module: smartmon
#
# Smart disk monitoring daemon policy
#
smartmon = module
# Layer: services
# Module: smokeping
#
# Latency Logging and Graphing System
#
smokeping = module
# Layer: admin
# Module: smoltclient
#
#The Fedora hardware profiler client
#
smoltclient = module
# Layer: services
# Module: snmp
#
# Simple network management protocol services
#
snmp = module
# Layer: services
# Module: spamassassin
#
# Filter used for removing unsolicited email.
#
spamassassin = module
# Layer: services
# Module: squid
#
# Squid caching http proxy server
#
squid = module
# Layer: services
# Module: ssh
#
# Secure shell client and server policy.
#
ssh = module
# Layer: services
# Module: sssd
#
# System Security Services Daemon
#
sssd = module
# Layer: kernel
# Module: storage
#
# Policy controlling access to storage devices
#
storage = base
# Layer: services
# Module: stunnel
#
# SSL Tunneling Proxy
#
stunnel = module
# Layer: admin
# Module: su
#
# Run shells with substitute user and group
#
su = module
# Layer: admin
# Module: sudo
#
# Execute a command with a substitute user
#
sudo = module
# Layer: system
# Module: systemd
#
# Policy for systemd components
#
systemd = module
# Layer: system
# Module: sysnetwork
#
# Policy for network configuration: ifconfig and dhcp client.
#
sysnetwork = module
# Layer: services
# Module: sysstat
#
# Policy for sysstat. Reports on various system states
#
sysstat = module
# Layer: services
# Module: tcpd
#
# Policy for TCP daemon.
#
tcpd = module
# Layer: services
# Module: tcsd
#
# tcsd - daemon that manages Trusted Computing resources
#
tcsd = module
# Layer: services
# Module: tgtd
#
# Linux Target Framework Daemon.
#
tgtd = module
# Layer: apps
# Module: thumb
#
# Thumbnailer confinement
#
thumb = module
# Layer: system
# Module: udev
#
# Policy for udev.
#
udev = module
# Layer: services
# Module: usbmuxd
#
# Daemon for communicating with Apple's iPod Touch and iPhone
#
usbmuxd = module
# Layer: system
# Module: userdomain
#
# Policy for user domains
#
userdomain = module
# Layer: system
# Module: unconfined
#
# The unconfined domain.
#
unconfined = module
# Layer: kernel
# Module: unconfined
#
# The unlabelednet module.
#
unlabelednet = module
# Layer: services
# Module: ulogd
#
# netfilter/iptables ULOG daemon
#
ulogd = module
# Layer: services
# Module: vdagent
#
# vdagent
#
vdagent = module
# Layer: services
# Module: vhostmd
#
# vhostmd - spice guest agent daemon.
#
vhostmd = module
# Layer: apps
# Module: vhostmd
#
# vlock - Virtual Console lock program
#
vlock = module
# Layer: services
# Module: wdmd
#
# wdmd policy
#
wdmd = module
# Layer: apps
# Module: wine
#
# wine executable
#
wine = module
# Layer: apps
# Module: wireshark
#
# wireshark executable
#
wireshark = module
# Layer: apps
# Module: telepathy
#
# telepathy - Policy for Telepathy framework
#
telepathy = module
# Layer: admin
# Module: tzdata
#
# Policy for tzdata-update
#
tzdata = module
# Layer: apps
# Module: userhelper
#
# A helper interface to pam.
#
userhelper = module
# Layer: services
# Module: tor
#
# TOR, the onion router
#
tor = module
# Layer: apps
# Module: tvtime
#
# tvtime - a high quality television application
#
tvtime = module
# Layer: apps
# Module: uml
#
# Policy for UML
#
uml = module
# Layer: admin
# Module: usbmodules
#
# List kernel modules of USB devices
#
usbmodules = module
# Layer: apps
# Module: usernetctl
#
# User network interface configuration helper
#
usernetctl = module
# Layer: system
# Module: xen
#
# virtualization software
#
xen = module
# Layer: services
# Module: varnishd
#
# Varnishd http accelerator daemon
#
varnishd = module
# Layer: services
# Module: virt
#
# Virtualization libraries
#
virt = module
# Layer: services
# Module: vnstatd
#
# Network traffic Monitor
#
vnstatd = module
# Layer: apps
# Module: qemu
#
# Virtualization emulator
#
qemu = module
# Layer: system
# Module: brctl
#
# Utilities for configuring the linux ethernet bridge
#
brctl = module
# Layer: services
# Module: telnet
#
# Telnet daemon
#
telnet = module
# Layer: services
# Module: timidity
#
# MIDI to WAV converter and player configured as a service
#
timidity = off
# Layer: services
# Module: tftp
#
# Trivial file transfer protocol daemon
#
tftp = module
# Layer: services
# Module: tuned
#
# Dynamic adaptive system tuning daemon
#
tuned = module
# Layer: services
# Module: uucp
#
# Unix to Unix Copy
#
uucp = module
# Layer: services
# Module: uuidd
#
# UUID generation daemon
#
uuidd = module
# Layer: services
# Module: vbetool
#
# run real-mode video BIOS code to alter hardware state
#
vbetool = module
# Layer: apps
# Module: webalizer
#
# Web server log analysis
#
webalizer = module
# Layer: services
# Module: xfs
#
# X Windows Font Server
#
xfs = module
# Layer: services
# Module: xserver
#
# X windows login display manager
#
xserver = module
# Layer: services
# Module: zarafa
#
# Zarafa Collaboration Platform
#
zarafa = module
# Layer: services
# Module: zebra
#
# Zebra border gateway protocol network routing service
#
zebra = module
# Layer: admin
# Module: usermanage
#
# Policy for managing user accounts.
#
usermanage = module
# Layer: admin
# Module: updfstab
#
# Red Hat utility to change /etc/fstab.
#
updfstab = module
# Layer: admin
# Module: vpn
#
# Virtual Private Networking client
#
vpn = module
# Layer: admin
# Module: vbetool
#
# run real-mode video BIOS code to alter hardware state
#
vbetool = module
# Layer: kernel
# Module: terminal
# Required in base
#
# Policy for terminals.
#
terminal = base
# Layer: admin
# Module: tmpreaper
#
# Manage temporary directory sizes and file ages
#
tmpreaper = module
# Layer: admin
# Module: amtu
#
# Abstract Machine Test Utility (AMTU)
#
amtu = module
# Layer: services
# Module: zabbix
#
# Open-source monitoring solution for your IT infrastructure
#
zabbix = module
# Layer: services
# Module: apcupsd
#
# daemon for most APCs UPS for Linux
#
apcupsd = module
# Layer: services
# Module: aide
#
# Policy for aide
#
aide = module
# Layer: services
# Module: w3c
#
# w3c
#
w3c = module
# Layer: services
# Module: plymouthd
#
# Plymouth
#
plymouthd = module
# Layer: services
# Module: portreserve
#
# reserve ports to prevent portmap mapping them
#
portreserve = module
# Layer: services
# Module: rpcbind
#
# universal addresses to RPC program number mapper
#
rpcbind = module
# Layer: apps
# Module: rssh
#
# Restricted (scp/sftp) only shell
#
rssh = module
# Layer: apps
# Module: vmware
#
# VMWare Workstation virtual machines
#
vmware = module
# Layer: role
# Module: dbadm
#
# Minimally prived root role for managing databases
#
dbadm = module
# Layer: role
# Module: logadm
#
# Minimally prived root role for managing logging system
#
logadm = module
# Layer: role
# Module: webadm
#
# Minimally prived root role for managing apache
#
webadm = module
#
# Layer: services
# Module: exim
#
# exim mail server
#
exim = module
# Layer: services
# Module: kismet
#
# Wireless sniffing and monitoring
#
kismet = module
# Layer: services
# Module: munin
#
# Munin
#
munin = module
# Layer: services
# Module: bitlbee
#
# An IRC to other chat networks gateway
#
bitlbee = module
# Layer: admin
# Module: sosreport
#
# sosreport debuggin information generator
#
sosreport = module
# Layer: services
# Module: soundserver
#
# sound server for network audio server programs, nasd, yiff, etc</summary>
#
soundserver = module
# Layer: role
# Module: unconfineduser
#
# The unconfined user domain.
#
unconfineduser = module
# Module: staff
#
# admin account
#
staff = module
# Layer:role
# Module: sysadm
#
# System Administrator
#
sysadm = module
# Layer: role
# Module: unprivuser
#
# Minimally privs guest account on tty logins
#
unprivuser = module
# Layer: services
# Module: prelude
#
prelude = module
# Layer: services
# Module: pads
#
pads = module
# Layer: services
# Module: kerneloops
#
# program to collect and submit kernel oopses to kerneloops.org
#
kerneloops = module
# Layer: apps
# Module: openoffice
#
# openoffice executable
#
openoffice = module
# Layer: apps
# Module: podsleuth
#
# Podsleuth probes, identifies, and exposes properties and metadata bound to iPods.
#
podsleuth = module
# Layer: role
# Module: guest
#
# Minimally privs guest account on tty logins
#
guest = module
# Layer: role
# Module: xguest
#
# Minimally privs guest account on X Windows logins
#
xguest = module
# Layer: services
# Module: cgroup
#
# Tools and libraries to control and monitor control groups
#
cgroup = module
# Layer: services
# Module: courier
#
# IMAP and POP3 email servers
#
courier = module
# Layer: services
# Module: denyhosts
#
# script to help thwart ssh server attacks
#
denyhosts = module
# Layer: apps
# Module: livecd
#
# livecd creator
#
livecd = module
# Layer: services
# Module: snort
#
# Snort network intrusion detection system
#
snort = module
# Layer: services
# Module: memcached
#
# high-performance memory object caching system
#
memcached = module
# Layer: system
# Module: netlabel
#
# Basic netlabel types and interfaces.
#
netlabel = module
# Layer: services
# Module: zosremote
#
# policy for z/OS Remote-services Audit dispatcher plugin</summary>
#
zosremote = module
# Layer: services
# Module: pingd
#
#
pingd = module
# Layer: services
# Module: milter
#
#
#
milter = module
# Layer: services
# Module: keyboardd
#
# system-setup-keyboard is a keyboard layout daemon that monitors
# /etc/sysconfig/keyboard and writes out an xorg.conf.d snippet
#
keyboardd = module
# Layer: services
# Module: firewalld
#
# firewalld is firewall service daemon that provides dynamic customizable
#
firewalld = module
# Layer: apps
# Module: namespace
#
# policy for namespace.init script
#
namespace = module
# Layer: services
# Module: rhev
#
# rhev policy module contains policies for rhev apps
#
rhev = module
# Layer: services
# Module: dspam
#
# dspam - library and Mail Delivery Agent for Bayesian SPAM filtering
#
dspam = module
# Layer: services
# Module: lldpad
#
# lldpad - Link Layer Discovery Protocol (LLDP) agent daemon
#
lldpad = module
# Layer: services
# Module: rhsmcertd
#
# Subscription Management Certificate Daemon policy
#
rhsmcertd = module
# Layer: services
# Module: ctdbd
#
# ctdbd - The CTDB cluster daemon
#
ctdbd = module
# Layer: services
# Module: fcoemon
#
# fcoemon
#
fcoemon = module
# Layer: services
# Module: sblim
#
# sblim
#
sblim = module
# Layer: services
# Module: cfengine
#
# cfengine
#
cfengine = module
# Layer: services
# Module: polipo
#
# polipo
#
polipo = module