ac73ffca09
Remove modules for packages retired from Fedora that are not present in refpolicy sources. There is no need to ship or build them as the associated software is not supported on Fedora nor RHEL (I checked). References: https://src.fedoraproject.org/rpms/Ajaxterm https://src.fedoraproject.org/rpms/authconfig https://docs.fedoraproject.org/en-US/quick-docs/bumblebee/ https://src.fedoraproject.org/rpms/389-admin https://src.fedoraproject.org/rpms/kmscon mip6d - not much info can be found, seems to predate RHEL-7 https://src.fedoraproject.org/rpms/mirrormanager naemon - https://bugzilla.redhat.com/show_bug.cgi?id=1069988 https://src.fedoraproject.org/rpms/piranha pkcs11proxyd - https://src.fedoraproject.org/rpms/caml-crush https://src.fedoraproject.org/rpms/rkt https://src.fedoraproject.org/rpms/rolekit sge - https://src.fedoraproject.org/rpms/gridengine smsd - https://src.fedoraproject.org/rpms/smstools https://src.fedoraproject.org/rpms/timedatex Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Related: RHEL-54303
1953 lines
26 KiB
Plaintext
1953 lines
26 KiB
Plaintext
# Layer: kernel
|
||
# Module: bootloader
|
||
#
|
||
# Policy for the kernel modules, kernel image, and bootloader.
|
||
#
|
||
bootloader = module
|
||
|
||
# Layer: kernel
|
||
# Module: corenetwork
|
||
# Required in base
|
||
#
|
||
# Policy controlling access to network objects
|
||
#
|
||
corenetwork = base
|
||
|
||
# Layer: admin
|
||
# Module: dmesg
|
||
#
|
||
# Policy for dmesg.
|
||
#
|
||
dmesg = module
|
||
|
||
# Layer: admin
|
||
# Module: netutils
|
||
#
|
||
# Network analysis utilities
|
||
#
|
||
netutils = module
|
||
|
||
# Layer: admin
|
||
# Module: sudo
|
||
#
|
||
# Execute a command with a substitute user
|
||
#
|
||
sudo = module
|
||
|
||
# Layer: admin
|
||
# Module: su
|
||
#
|
||
# Run shells with substitute user and group
|
||
#
|
||
su = module
|
||
|
||
# Layer: admin
|
||
# Module: usermanage
|
||
#
|
||
# Policy for managing user accounts.
|
||
#
|
||
usermanage = module
|
||
|
||
# Layer: apps
|
||
# Module: seunshare
|
||
#
|
||
# seunshare executable
|
||
#
|
||
seunshare = module
|
||
|
||
# Layer: kernel
|
||
# Module: corecommands
|
||
# Required in base
|
||
#
|
||
# Core policy for shells, and generic programs
|
||
# in /bin, /sbin, /usr/bin, and /usr/sbin.
|
||
#
|
||
corecommands = base
|
||
|
||
# Module: devices
|
||
# Required in base
|
||
#
|
||
# Device nodes and interfaces for many basic system devices.
|
||
#
|
||
devices = base
|
||
|
||
# Module: domain
|
||
# Required in base
|
||
#
|
||
# Core policy for domains.
|
||
#
|
||
domain = base
|
||
|
||
# Layer: system
|
||
# Module: userdomain
|
||
#
|
||
# Policy for user domains
|
||
#
|
||
userdomain = module
|
||
|
||
# Module: files
|
||
# Required in base
|
||
#
|
||
# Basic filesystem types and interfaces.
|
||
#
|
||
files = base
|
||
|
||
# Module: filesystem
|
||
# Required in base
|
||
#
|
||
# Policy for filesystems.
|
||
#
|
||
filesystem = base
|
||
|
||
# Module: kernel
|
||
# Required in base
|
||
#
|
||
# Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
|
||
#
|
||
kernel = base
|
||
|
||
# Module: mcs
|
||
# Required in base
|
||
#
|
||
# MultiCategory security policy
|
||
#
|
||
mcs = base
|
||
|
||
# Module: mls
|
||
# Required in base
|
||
#
|
||
# Multilevel security policy
|
||
#
|
||
mls = base
|
||
|
||
# Module: selinux
|
||
# Required in base
|
||
#
|
||
# Policy for kernel security interface, in particular, selinuxfs.
|
||
#
|
||
selinux = base
|
||
|
||
# Layer: kernel
|
||
# Module: storage
|
||
#
|
||
# Policy controlling access to storage devices
|
||
#
|
||
storage = base
|
||
|
||
# Module: terminal
|
||
# Required in base
|
||
#
|
||
# Policy for terminals.
|
||
#
|
||
terminal = base
|
||
|
||
# Layer: kernel
|
||
# Module: ubac
|
||
#
|
||
#
|
||
#
|
||
ubac = base
|
||
|
||
# Layer: kernel
|
||
# Module: unlabelednet
|
||
#
|
||
# The unlabelednet module.
|
||
#
|
||
unlabelednet = module
|
||
|
||
# Layer: role
|
||
# Module: auditadm
|
||
#
|
||
# auditadm account on tty logins
|
||
#
|
||
auditadm = module
|
||
|
||
# Layer: role
|
||
# Module: logadm
|
||
#
|
||
# Minimally prived root role for managing logging system
|
||
#
|
||
logadm = module
|
||
|
||
# Layer: role
|
||
# Module: secadm
|
||
#
|
||
# secadm account on tty logins
|
||
#
|
||
secadm = module
|
||
|
||
# Layer:role
|
||
# Module: staff
|
||
#
|
||
# admin account
|
||
#
|
||
staff = module
|
||
|
||
# Layer:role
|
||
# Module: sysadm_secadm
|
||
#
|
||
# System Administrator with Security Admin rules
|
||
#
|
||
sysadm_secadm = module
|
||
|
||
# Layer:role
|
||
# Module: sysadm
|
||
#
|
||
# System Administrator
|
||
#
|
||
sysadm = module
|
||
|
||
# Layer: role
|
||
# Module: unprivuser
|
||
#
|
||
# Minimally privs guest account on tty logins
|
||
#
|
||
unprivuser = module
|
||
|
||
# Layer: services
|
||
# Module: postgresql
|
||
#
|
||
# PostgreSQL relational database
|
||
#
|
||
postgresql = module
|
||
|
||
# Layer: services
|
||
# Module: ssh
|
||
#
|
||
# Secure shell client and server policy.
|
||
#
|
||
ssh = module
|
||
|
||
# Layer: services
|
||
# Module: xserver
|
||
#
|
||
# X windows login display manager
|
||
#
|
||
xserver = module
|
||
|
||
# Module: application
|
||
# Required in base
|
||
#
|
||
# Defines attributs and interfaces for all user applications
|
||
#
|
||
application = module
|
||
|
||
# Layer: system
|
||
# Module: authlogin
|
||
#
|
||
# Common policy for authentication and user login.
|
||
#
|
||
authlogin = module
|
||
|
||
# Layer: system
|
||
# Module: clock
|
||
#
|
||
# Policy for reading and setting the hardware clock.
|
||
#
|
||
clock = module
|
||
|
||
# Layer: system
|
||
# Module: fstools
|
||
#
|
||
# Tools for filesystem management, such as mkfs and fsck.
|
||
#
|
||
fstools = module
|
||
|
||
# Layer: system
|
||
# Module: getty
|
||
#
|
||
# Policy for getty.
|
||
#
|
||
getty = module
|
||
|
||
# Layer: system
|
||
# Module: hostname
|
||
#
|
||
# Policy for changing the system host name.
|
||
#
|
||
hostname = module
|
||
|
||
# Layer: system
|
||
# Module: init
|
||
#
|
||
# System initialization programs (init and init scripts).
|
||
#
|
||
init = module
|
||
|
||
# Layer: system
|
||
# Module: ipsec
|
||
#
|
||
# TCP/IP encryption
|
||
#
|
||
ipsec = module
|
||
|
||
# Layer: system
|
||
# Module: iptables
|
||
#
|
||
# Policy for iptables.
|
||
#
|
||
iptables = module
|
||
|
||
# Layer: system
|
||
# Module: libraries
|
||
#
|
||
# Policy for system libraries.
|
||
#
|
||
libraries = module
|
||
|
||
# Layer: system
|
||
# Module: locallogin
|
||
#
|
||
# Policy for local logins.
|
||
#
|
||
locallogin = module
|
||
|
||
# Layer: system
|
||
# Module: logging
|
||
#
|
||
# Policy for the kernel message logger and system logging daemon.
|
||
#
|
||
logging = module
|
||
|
||
# Layer: system
|
||
# Module: lvm
|
||
#
|
||
# Policy for logical volume management programs.
|
||
#
|
||
lvm = module
|
||
|
||
# Layer: system
|
||
# Module: miscfiles
|
||
#
|
||
# Miscelaneous files.
|
||
#
|
||
miscfiles = module
|
||
|
||
# Layer: system
|
||
# Module: modutils
|
||
#
|
||
# Policy for kernel module utilities
|
||
#
|
||
modutils = module
|
||
|
||
# Layer: system
|
||
# Module: mount
|
||
#
|
||
# Policy for mount.
|
||
#
|
||
mount = module
|
||
|
||
# Layer: system
|
||
# Module: netlabel
|
||
#
|
||
# Basic netlabel types and interfaces.
|
||
#
|
||
netlabel = module
|
||
|
||
# Layer: system
|
||
# Module: selinuxutil
|
||
#
|
||
# Policy for SELinux policy and userland applications.
|
||
#
|
||
selinuxutil = module
|
||
|
||
# Module: setrans
|
||
# Required in base
|
||
#
|
||
# Policy for setrans
|
||
#
|
||
setrans = module
|
||
|
||
# Layer: system
|
||
# Module: sysnetwork
|
||
#
|
||
# Policy for network configuration: ifconfig and dhcp client.
|
||
#
|
||
sysnetwork = module
|
||
|
||
# Layer: system
|
||
# Module: systemd
|
||
#
|
||
# Policy for systemd components
|
||
#
|
||
systemd = module
|
||
|
||
# Layer: system
|
||
# Module: udev
|
||
#
|
||
# Policy for udev.
|
||
#
|
||
udev = module
|
||
# Layer: services
|
||
# Module: accountsd
|
||
#
|
||
# An application to view and modify user accounts information
|
||
#
|
||
accountsd = module
|
||
|
||
# Layer: admin
|
||
# Module: acct
|
||
#
|
||
# Berkeley process accounting
|
||
#
|
||
acct = module
|
||
|
||
# Layer: services
|
||
# Module: afs
|
||
#
|
||
# Andrew Filesystem server
|
||
#
|
||
afs = module
|
||
|
||
# Layer: services
|
||
# Module: aide
|
||
#
|
||
# Policy for aide
|
||
#
|
||
aide = module
|
||
|
||
# Layer: admin
|
||
# Module: alsa
|
||
#
|
||
# Ainit ALSA configuration tool
|
||
#
|
||
alsa = module
|
||
|
||
# Layer: admin
|
||
# Module: amanda
|
||
#
|
||
# Automated backup program.
|
||
#
|
||
amanda = module
|
||
|
||
# Layer: contrib
|
||
# Module: antivirus
|
||
#
|
||
# Anti-virus
|
||
#
|
||
antivirus = module
|
||
|
||
# Layer: admin
|
||
# Module: amtu
|
||
#
|
||
# Abstract Machine Test Utility (AMTU)
|
||
#
|
||
amtu = module
|
||
|
||
# Layer: admin
|
||
# Module: anaconda
|
||
#
|
||
# Policy for the Anaconda installer.
|
||
#
|
||
anaconda = module
|
||
|
||
# Layer: services
|
||
# Module: apache
|
||
#
|
||
# Apache web server
|
||
#
|
||
apache = module
|
||
|
||
# Layer: services
|
||
# Module: apcupsd
|
||
#
|
||
# daemon for most APC’s UPS for Linux
|
||
#
|
||
apcupsd = module
|
||
|
||
# Layer: services
|
||
# Module: apm
|
||
#
|
||
# Advanced power management daemon
|
||
#
|
||
apm = module
|
||
|
||
# Layer: services
|
||
# Module: arpwatch
|
||
#
|
||
# Ethernet activity monitor.
|
||
#
|
||
arpwatch = module
|
||
|
||
# Layer: services
|
||
# Module: automount
|
||
#
|
||
# Filesystem automounter service.
|
||
#
|
||
automount = module
|
||
|
||
# Layer: services
|
||
# Module: avahi
|
||
#
|
||
# mDNS/DNS-SD daemon implementing Apple ZeroConf architecture
|
||
#
|
||
avahi = module
|
||
|
||
# Layer: modules
|
||
# Module: awstats
|
||
#
|
||
# awstats executable
|
||
#
|
||
awstats = module
|
||
|
||
# Layer: services
|
||
# Module: bind
|
||
#
|
||
# Berkeley internet name domain DNS server.
|
||
#
|
||
bind = module
|
||
|
||
# Layer: services
|
||
# Module: bitlbee
|
||
#
|
||
# An IRC to other chat networks gateway
|
||
#
|
||
bitlbee = module
|
||
|
||
# Layer: services
|
||
# Module: bluetooth
|
||
#
|
||
# Bluetooth tools and system services.
|
||
#
|
||
bluetooth = module
|
||
|
||
# Layer: services
|
||
# Module: boinc
|
||
#
|
||
# Berkeley Open Infrastructure for Network Computing
|
||
#
|
||
boinc = module
|
||
|
||
# Layer: system
|
||
# Module: brctl
|
||
#
|
||
# Utilities for configuring the linux ethernet bridge
|
||
#
|
||
brctl = module
|
||
|
||
# Layer: services
|
||
# Module: bugzilla
|
||
#
|
||
# Bugzilla server
|
||
#
|
||
bugzilla = module
|
||
|
||
# Layer: services
|
||
# Module: cachefilesd
|
||
#
|
||
# CacheFiles userspace management daemon
|
||
#
|
||
cachefilesd = module
|
||
|
||
# Module: calamaris
|
||
#
|
||
#
|
||
# Squid log analysis
|
||
#
|
||
calamaris = module
|
||
|
||
# Layer: services
|
||
# Module: canna
|
||
#
|
||
# Canna - kana-kanji conversion server
|
||
#
|
||
canna = module
|
||
|
||
# Layer: services
|
||
# Module: ccs
|
||
#
|
||
# policy for ccs
|
||
#
|
||
ccs = module
|
||
|
||
# Layer: apps
|
||
# Module: cdrecord
|
||
#
|
||
# Policy for cdrecord
|
||
#
|
||
cdrecord = module
|
||
|
||
# Layer: admin
|
||
# Module: certmaster
|
||
#
|
||
# Digital Certificate master
|
||
#
|
||
certmaster = module
|
||
|
||
# Layer: services
|
||
# Module: certmonger
|
||
#
|
||
# Certificate status monitor and PKI enrollment client
|
||
#
|
||
certmonger = module
|
||
|
||
# Layer: admin
|
||
# Module: certwatch
|
||
#
|
||
# Digital Certificate Tracking
|
||
#
|
||
certwatch = module
|
||
|
||
# Layer: services
|
||
# Module: cgroup
|
||
#
|
||
# Tools and libraries to control and monitor control groups
|
||
#
|
||
cgroup = module
|
||
|
||
# Layer: apps
|
||
# Module: chrome
|
||
#
|
||
# chrome sandbox
|
||
#
|
||
chrome = module
|
||
|
||
# Layer: services
|
||
# Module: chronyd
|
||
#
|
||
# Daemon for maintaining clock time
|
||
#
|
||
chronyd = module
|
||
|
||
# Layer: services
|
||
# Module: cipe
|
||
#
|
||
# Encrypted tunnel daemon
|
||
#
|
||
cipe = module
|
||
|
||
# Layer: services
|
||
# Module: clogd
|
||
#
|
||
# clogd - clustered mirror log server
|
||
#
|
||
clogd = module
|
||
|
||
# Layer: services
|
||
# Module: cmirrord
|
||
#
|
||
# cmirrord - daemon providing device-mapper-base mirrors in a shared-storege cluster
|
||
#
|
||
cmirrord = module
|
||
|
||
# Layer: services
|
||
# Module: colord
|
||
#
|
||
# color device daemon
|
||
#
|
||
colord = module
|
||
|
||
# Layer: services
|
||
# Module: comsat
|
||
#
|
||
# Comsat, a biff server.
|
||
#
|
||
comsat = module
|
||
|
||
# Layer: services
|
||
# Module: courier
|
||
#
|
||
# IMAP and POP3 email servers
|
||
#
|
||
courier = module
|
||
|
||
# Layer: services
|
||
# Module: cpucontrol
|
||
#
|
||
# Services for loading CPU microcode and CPU frequency scaling.
|
||
#
|
||
cpucontrol = module
|
||
|
||
# Layer: apps
|
||
# Module: cpufreqselector
|
||
#
|
||
# cpufreqselector executable
|
||
#
|
||
cpufreqselector = module
|
||
|
||
# Layer: services
|
||
# Module: cron
|
||
#
|
||
# Periodic execution of scheduled commands.
|
||
#
|
||
cron = module
|
||
|
||
# Layer: services
|
||
# Module: cups
|
||
#
|
||
# Common UNIX printing system
|
||
#
|
||
cups = module
|
||
|
||
# Layer: services
|
||
# Module: cvs
|
||
#
|
||
# Concurrent versions system
|
||
#
|
||
cvs = module
|
||
|
||
# Layer: services
|
||
# Module: cyphesis
|
||
#
|
||
# cyphesis game server
|
||
#
|
||
cyphesis = module
|
||
|
||
# Layer: services
|
||
# Module: cyrus
|
||
#
|
||
# Cyrus is an IMAP service intended to be run on sealed servers
|
||
#
|
||
cyrus = module
|
||
|
||
# Layer: system
|
||
# Module: daemontools
|
||
#
|
||
# Collection of tools for managing UNIX services
|
||
#
|
||
daemontools = module
|
||
|
||
# Layer: role
|
||
# Module: dbadm
|
||
#
|
||
# Minimally prived root role for managing databases
|
||
#
|
||
dbadm = module
|
||
|
||
# Layer: services
|
||
# Module: dbskk
|
||
#
|
||
# Dictionary server for the SKK Japanese input method system.
|
||
#
|
||
dbskk = module
|
||
|
||
# Layer: services
|
||
# Module: dbus
|
||
#
|
||
# Desktop messaging bus
|
||
#
|
||
dbus = module
|
||
|
||
# Layer: services
|
||
# Module: dcc
|
||
#
|
||
# A distributed, collaborative, spam detection and filtering network.
|
||
#
|
||
dcc = module
|
||
|
||
# Layer: admin
|
||
# Module: ddcprobe
|
||
#
|
||
# ddcprobe retrieves monitor and graphics card information
|
||
#
|
||
ddcprobe = off
|
||
|
||
# Layer: services
|
||
# Module: devicekit
|
||
#
|
||
# devicekit-daemon
|
||
#
|
||
devicekit = module
|
||
|
||
# Layer: services
|
||
# Module: dhcp
|
||
#
|
||
# Dynamic host configuration protocol (DHCP) server
|
||
#
|
||
dhcp = module
|
||
|
||
# Layer: services
|
||
# Module: dictd
|
||
#
|
||
# Dictionary daemon
|
||
#
|
||
dictd = module
|
||
|
||
# Layer: services
|
||
# Module: distcc
|
||
#
|
||
# Distributed compiler daemon
|
||
#
|
||
distcc = off
|
||
|
||
# Layer: admin
|
||
# Module: dmidecode
|
||
#
|
||
# Decode DMI data for x86/ia64 bioses.
|
||
#
|
||
dmidecode = module
|
||
|
||
# Layer: services
|
||
# Module: dnsmasq
|
||
#
|
||
# A lightweight DHCP and caching DNS server.
|
||
#
|
||
dnsmasq = module
|
||
|
||
# Layer: services
|
||
# Module: dnssec
|
||
#
|
||
# A dnssec server application
|
||
#
|
||
dnssec = module
|
||
|
||
# Layer: services
|
||
# Module: dovecot
|
||
#
|
||
# Dovecot POP and IMAP mail server
|
||
#
|
||
dovecot = module
|
||
|
||
# Layer: services
|
||
# Module: entropy
|
||
#
|
||
# Generate entropy from audio input
|
||
#
|
||
entropyd = module
|
||
|
||
# Layer: services
|
||
# Module: exim
|
||
#
|
||
# exim mail server
|
||
#
|
||
exim = module
|
||
|
||
# Layer: services
|
||
# Module: fail2ban
|
||
#
|
||
# daiemon that bans IP that makes too many password failures
|
||
#
|
||
fail2ban = module
|
||
|
||
# Layer: services
|
||
# Module: fetchmail
|
||
#
|
||
# Remote-mail retrieval and forwarding utility
|
||
#
|
||
fetchmail = module
|
||
|
||
# Layer: services
|
||
# Module: finger
|
||
#
|
||
# Finger user information service.
|
||
#
|
||
finger = module
|
||
|
||
# Layer: services
|
||
# Module: firewalld
|
||
#
|
||
# firewalld is firewall service daemon that provides dynamic customizable
|
||
#
|
||
firewalld = module
|
||
|
||
# Layer: apps
|
||
# Module: firewallgui
|
||
#
|
||
# policy for system-config-firewall
|
||
#
|
||
firewallgui = module
|
||
|
||
# Module: firstboot
|
||
#
|
||
# Final system configuration run during the first boot
|
||
# after installation of Red Hat/Fedora systems.
|
||
#
|
||
firstboot = module
|
||
|
||
# Layer: services
|
||
# Module: fprintd
|
||
#
|
||
# finger print server
|
||
#
|
||
fprintd = module
|
||
|
||
# Layer: services
|
||
# Module: ftp
|
||
#
|
||
# File transfer protocol service
|
||
#
|
||
ftp = module
|
||
|
||
# Layer: apps
|
||
# Module: games
|
||
#
|
||
# The Open Group Pegasus CIM/WBEM Server.
|
||
#
|
||
games = module
|
||
|
||
# Layer: apps
|
||
# Module: gitosis
|
||
#
|
||
# Policy for gitosis
|
||
#
|
||
gitosis = module
|
||
|
||
# Layer: services
|
||
# Module: git
|
||
#
|
||
# Policy for the stupid content tracker
|
||
#
|
||
git = module
|
||
|
||
# Layer: services
|
||
# Module: glance
|
||
#
|
||
# Policy for glance
|
||
#
|
||
glance = module
|
||
|
||
# Layer: apps
|
||
# Module: gnome
|
||
#
|
||
# gnome session and gconf
|
||
#
|
||
gnome = module
|
||
|
||
# Layer: apps
|
||
# Module: gnome_remote_desktop
|
||
#
|
||
# gnome-remote-desktop
|
||
#
|
||
gnome_remote_desktop = module
|
||
|
||
# Layer: apps
|
||
# Module: gpg
|
||
#
|
||
# Policy for Mozilla and related web browsers
|
||
#
|
||
gpg = module
|
||
|
||
# Layer: services
|
||
# Module: gpm
|
||
#
|
||
# General Purpose Mouse driver
|
||
#
|
||
gpm = module
|
||
|
||
# Module: gpsd
|
||
#
|
||
# gpsd monitor daemon
|
||
#
|
||
#
|
||
gpsd = module
|
||
|
||
# Module: gssproxy
|
||
#
|
||
# A proxy for GSSAPI credential handling
|
||
#
|
||
#
|
||
gssproxy = module
|
||
|
||
# Layer: role
|
||
# Module: guest
|
||
#
|
||
# Minimally privs guest account on tty logins
|
||
#
|
||
guest = module
|
||
|
||
# Layer: services
|
||
# Module: i18n_input
|
||
#
|
||
# IIIMF htt server
|
||
#
|
||
i18n_input = off
|
||
|
||
# Layer: services
|
||
# Module: inetd
|
||
#
|
||
# Internet services daemon.
|
||
#
|
||
inetd = module
|
||
|
||
# Layer: services
|
||
# Module: inn
|
||
#
|
||
# Internet News NNTP server
|
||
#
|
||
inn = module
|
||
|
||
# Layer: apps
|
||
# Module: irc
|
||
#
|
||
# IRC client policy
|
||
#
|
||
irc = module
|
||
|
||
# Layer: services
|
||
# Module: irqbalance
|
||
#
|
||
# IRQ balancing daemon
|
||
#
|
||
irqbalance = module
|
||
|
||
# Layer: system
|
||
# Module: iscsi
|
||
#
|
||
# Open-iSCSI daemon
|
||
#
|
||
iscsi = module
|
||
|
||
# Layer: services
|
||
# Module: jabber
|
||
#
|
||
# Jabber instant messaging server
|
||
#
|
||
jabber = module
|
||
|
||
# Layer: apps
|
||
# Module: kdumpgui
|
||
#
|
||
# system-config-kdump policy
|
||
#
|
||
kdumpgui = module
|
||
|
||
# Layer: admin
|
||
# Module: kdump
|
||
#
|
||
# kdump is kernel crash dumping mechanism
|
||
#
|
||
kdump = module
|
||
|
||
# Layer: services
|
||
# Module: kerberos
|
||
#
|
||
# MIT Kerberos admin and KDC
|
||
#
|
||
kerberos = module
|
||
|
||
# Layer: services
|
||
# Module: kismet
|
||
#
|
||
# Wireless sniffing and monitoring
|
||
#
|
||
kismet = module
|
||
|
||
# Layer: services
|
||
# Module: ktalk
|
||
#
|
||
# KDE Talk daemon
|
||
#
|
||
ktalk = module
|
||
|
||
# Layer: services
|
||
# Module: ldap
|
||
#
|
||
# OpenLDAP directory server
|
||
#
|
||
ldap = module
|
||
|
||
# Layer: services
|
||
# Module: lircd
|
||
#
|
||
# LIRC daemon - decodes infrared signals and provides them on a Unix domain socket.
|
||
#
|
||
lircd = module
|
||
|
||
# Layer: apps
|
||
# Module: loadkeys
|
||
#
|
||
# Load keyboard mappings.
|
||
#
|
||
loadkeys = module
|
||
|
||
# Layer: apps
|
||
# Module: lockdev
|
||
#
|
||
# device locking policy for lockdev
|
||
#
|
||
lockdev = module
|
||
|
||
# Layer: admin
|
||
# Module: logrotate
|
||
#
|
||
# Rotate and archive system logs
|
||
#
|
||
logrotate = module
|
||
|
||
# Layer: services
|
||
# Module: logwatch
|
||
#
|
||
# logwatch executable
|
||
#
|
||
logwatch = module
|
||
|
||
# Layer: services
|
||
# Module: lpd
|
||
#
|
||
# Line printer daemon
|
||
#
|
||
lpd = module
|
||
|
||
# Layer: services
|
||
# Module: lsm
|
||
#
|
||
# lsm policy
|
||
#
|
||
lsm = module
|
||
|
||
# Layer: services
|
||
# Module: mailman
|
||
#
|
||
# Mailman is for managing electronic mail discussion and e-newsletter lists
|
||
#
|
||
mailman = module
|
||
|
||
# Layer: admin
|
||
# Module: mcelog
|
||
#
|
||
# mcelog is a daemon that collects and decodes Machine Check Exception data on x86-64 machines.
|
||
#
|
||
mcelog = module
|
||
|
||
# Layer: services
|
||
# Module: memcached
|
||
#
|
||
# high-performance memory object caching system
|
||
#
|
||
memcached = module
|
||
|
||
# Layer: services
|
||
# Module: milter
|
||
#
|
||
#
|
||
#
|
||
milter = module
|
||
|
||
# Layer: services
|
||
# Module: modemmanager
|
||
#
|
||
# Manager for dynamically switching between modems.
|
||
#
|
||
modemmanager = module
|
||
|
||
# Layer: services
|
||
# Module: mojomojo
|
||
#
|
||
# Wiki server
|
||
#
|
||
mojomojo = module
|
||
|
||
# Layer: apps
|
||
# Module: mozilla
|
||
#
|
||
# Policy for Mozilla and related web browsers
|
||
#
|
||
mozilla = module
|
||
|
||
# Layer: apps
|
||
# Module: mplayer
|
||
#
|
||
# Policy for Mozilla and related web browsers
|
||
#
|
||
mplayer = module
|
||
|
||
# Layer: admin
|
||
# Module: mrtg
|
||
#
|
||
# Network traffic graphing
|
||
#
|
||
mrtg = module
|
||
|
||
# Layer: services
|
||
# Module: mta
|
||
#
|
||
# Policy common to all email tranfer agents.
|
||
#
|
||
mta = module
|
||
|
||
# Layer: services
|
||
# Module: munin
|
||
#
|
||
# Munin
|
||
#
|
||
munin = module
|
||
|
||
# Layer: services
|
||
# Module: mysql
|
||
#
|
||
# Policy for MySQL
|
||
#
|
||
mysql = module
|
||
|
||
# Layer: services
|
||
# Module: nagios
|
||
#
|
||
# policy for nagios Host/service/network monitoring program
|
||
#
|
||
nagios = module
|
||
|
||
# Layer: apps
|
||
# Module: namespace
|
||
#
|
||
# policy for namespace.init script
|
||
#
|
||
namespace = module
|
||
|
||
# Layer: admin
|
||
# Module: ncftool
|
||
#
|
||
# Tool to modify the network configuration of a system
|
||
#
|
||
ncftool = module
|
||
|
||
# Layer: services
|
||
# Module: networkmanager
|
||
#
|
||
# Manager for dynamically switching between networks.
|
||
#
|
||
networkmanager = module
|
||
|
||
# Layer: services
|
||
# Module: nis
|
||
#
|
||
# Policy for NIS (YP) servers and clients
|
||
#
|
||
nis = module
|
||
|
||
# Layer: services
|
||
# Module: nscd
|
||
#
|
||
# Name service cache daemon
|
||
#
|
||
nscd = module
|
||
|
||
# Layer: services
|
||
# Module: nslcd
|
||
#
|
||
# Policy for nslcd
|
||
#
|
||
nslcd = module
|
||
|
||
# Layer: services
|
||
# Module: ntop
|
||
#
|
||
# Policy for ntop
|
||
#
|
||
ntop = module
|
||
|
||
# Layer: services
|
||
# Module: ntp
|
||
#
|
||
# Network time protocol daemon
|
||
#
|
||
ntp = module
|
||
|
||
# Layer: services
|
||
# Module: nx
|
||
#
|
||
# NX Remote Desktop
|
||
#
|
||
nx = module
|
||
|
||
# Layer: services
|
||
# Module: oddjob
|
||
#
|
||
# policy for oddjob
|
||
#
|
||
oddjob = module
|
||
|
||
# Layer: services
|
||
# Module: openct
|
||
#
|
||
# Service for handling smart card readers.
|
||
#
|
||
openct = off
|
||
|
||
# Layer: service
|
||
# Module: openct
|
||
#
|
||
# Middleware framework for smart card terminals
|
||
#
|
||
openct = module
|
||
|
||
# Layer: services
|
||
# Module: openvpn
|
||
#
|
||
# Policy for OPENVPN full-featured SSL VPN solution
|
||
#
|
||
openvpn = module
|
||
|
||
# Layer: contrib
|
||
# Module: prelude
|
||
#
|
||
# SELinux policy for prelude
|
||
#
|
||
prelude = module
|
||
|
||
# Layer: contrib
|
||
# Module: prosody
|
||
#
|
||
# SELinux policy for prosody flexible communications server for Jabber/XMPP
|
||
#
|
||
prosody = module
|
||
|
||
# Layer: services
|
||
# Module: pads
|
||
#
|
||
pads = module
|
||
|
||
# Layer: system
|
||
# Module: pcmcia
|
||
#
|
||
# PCMCIA card management services
|
||
#
|
||
pcmcia = module
|
||
|
||
# Layer: service
|
||
# Module: pcscd
|
||
#
|
||
# PC/SC Smart Card Daemon
|
||
#
|
||
pcscd = module
|
||
|
||
# Layer: services
|
||
# Module: pegasus
|
||
#
|
||
# The Open Group Pegasus CIM/WBEM Server.
|
||
#
|
||
pegasus = module
|
||
|
||
|
||
# Layer: services
|
||
# Module: pingd
|
||
#
|
||
#
|
||
pingd = module
|
||
|
||
# Layer: services
|
||
# Module: plymouthd
|
||
#
|
||
# Plymouth
|
||
#
|
||
plymouthd = module
|
||
|
||
# Layer: apps
|
||
# Module: podsleuth
|
||
#
|
||
# Podsleuth probes, identifies, and exposes properties and metadata bound to iPods.
|
||
#
|
||
podsleuth = module
|
||
|
||
# Layer: services
|
||
# Module: policykit
|
||
#
|
||
# Hardware abstraction layer
|
||
#
|
||
policykit = module
|
||
|
||
# Layer: services
|
||
# Module: polipo
|
||
#
|
||
# polipo
|
||
#
|
||
polipo = module
|
||
|
||
# Layer: services
|
||
# Module: portmap
|
||
#
|
||
# RPC port mapping service.
|
||
#
|
||
portmap = module
|
||
|
||
# Layer: services
|
||
# Module: portreserve
|
||
#
|
||
# reserve ports to prevent portmap mapping them
|
||
#
|
||
portreserve = module
|
||
|
||
# Layer: services
|
||
# Module: postfix
|
||
#
|
||
# Postfix email server
|
||
#
|
||
postfix = module
|
||
|
||
o# Layer: services
|
||
# Module: postgrey
|
||
#
|
||
# email scanner
|
||
#
|
||
postgrey = module
|
||
|
||
# Layer: services
|
||
# Module: ppp
|
||
#
|
||
# Point to Point Protocol daemon creates links in ppp networks
|
||
#
|
||
ppp = module
|
||
|
||
# Layer: admin
|
||
# Module: prelink
|
||
#
|
||
# Manage temporary directory sizes and file ages
|
||
#
|
||
prelink = module
|
||
|
||
# Layer: services
|
||
# Module: privoxy
|
||
#
|
||
# Privacy enhancing web proxy.
|
||
#
|
||
privoxy = module
|
||
|
||
# Layer: services
|
||
# Module: procmail
|
||
#
|
||
# Procmail mail delivery agent
|
||
#
|
||
procmail = module
|
||
|
||
# Layer: services
|
||
# Module: psad
|
||
#
|
||
# Analyze iptables log for hostile traffic
|
||
#
|
||
psad = module
|
||
|
||
# Layer: apps
|
||
# Module: ptchown
|
||
#
|
||
# helper function for grantpt(3), changes ownship and permissions of pseudotty
|
||
#
|
||
ptchown = module
|
||
|
||
# Layer: apps
|
||
# Module: pulseaudio
|
||
#
|
||
# The PulseAudio Sound System
|
||
#
|
||
pulseaudio = module
|
||
|
||
# Layer: services
|
||
# Module: qmail
|
||
#
|
||
# Policy for qmail
|
||
#
|
||
qmail = module
|
||
|
||
# Layer: services
|
||
# Module: qpidd
|
||
#
|
||
# Policy for qpidd
|
||
#
|
||
qpid = module
|
||
|
||
# Layer: admin
|
||
# Module: quota
|
||
#
|
||
# File system quota management
|
||
#
|
||
quota = module
|
||
|
||
# Layer: services
|
||
# Module: radius
|
||
#
|
||
# RADIUS authentication and accounting server.
|
||
#
|
||
radius = module
|
||
|
||
# Layer: services
|
||
# Module: radvd
|
||
#
|
||
# IPv6 router advertisement daemon
|
||
#
|
||
radvd = module
|
||
|
||
# Layer: system
|
||
# Module: raid
|
||
#
|
||
# RAID array management tools
|
||
#
|
||
raid = module
|
||
|
||
# Layer: services
|
||
# Module: rdisc
|
||
#
|
||
# Network router discovery daemon
|
||
#
|
||
rdisc = module
|
||
|
||
# Layer: admin
|
||
# Module: readahead
|
||
#
|
||
# Readahead, read files into page cache for improved performance
|
||
#
|
||
readahead = module
|
||
|
||
# Layer: services
|
||
# Module: remotelogin
|
||
#
|
||
# Policy for rshd, rlogind, and telnetd.
|
||
#
|
||
remotelogin = module
|
||
|
||
# Layer: services
|
||
# Module: rhcs
|
||
#
|
||
# RHCS - Red Hat Cluster Suite
|
||
#
|
||
rhcs = module
|
||
|
||
# Layer: services
|
||
# Module: rhgb
|
||
#
|
||
# X windows login display manager
|
||
#
|
||
rhgb = module
|
||
|
||
# Layer: services
|
||
# Module: ricci
|
||
#
|
||
# policy for ricci
|
||
#
|
||
ricci = module
|
||
|
||
# Layer: services
|
||
# Module: rlogin
|
||
#
|
||
# Remote login daemon
|
||
#
|
||
rlogin = module
|
||
|
||
# Layer: services
|
||
# Module: roundup
|
||
#
|
||
# Roundup Issue Tracking System policy
|
||
#
|
||
roundup = module
|
||
|
||
# Layer: services
|
||
# Module: rpcbind
|
||
#
|
||
# universal addresses to RPC program number mapper
|
||
#
|
||
rpcbind = module
|
||
|
||
# Layer: services
|
||
# Module: rpc
|
||
#
|
||
# Remote Procedure Call Daemon for managment of network based process communication
|
||
#
|
||
rpc = module
|
||
|
||
# Layer: admin
|
||
# Module: rpm
|
||
#
|
||
# Policy for the RPM package manager.
|
||
#
|
||
rpm = module
|
||
|
||
# Layer: services
|
||
# Module: rshd
|
||
#
|
||
# Remote shell service.
|
||
#
|
||
rshd = module
|
||
|
||
# Layer: services
|
||
# Module: rsync
|
||
#
|
||
# Fast incremental file transfer for synchronization
|
||
#
|
||
rsync = module
|
||
|
||
# Layer: services
|
||
# Module: rtkit
|
||
#
|
||
# Real Time Kit Daemon
|
||
#
|
||
rtkit = module
|
||
|
||
# Layer: services
|
||
# Module: rwho
|
||
#
|
||
# who is logged in on local machines
|
||
#
|
||
rwho = module
|
||
|
||
# Layer: apps
|
||
# Module: sambagui
|
||
#
|
||
# policy for system-config-samba
|
||
#
|
||
sambagui = module
|
||
|
||
#
|
||
# SMB and CIFS client/server programs for UNIX and
|
||
# name Service Switch daemon for resolving names
|
||
# from Windows NT servers.
|
||
#
|
||
samba = module
|
||
|
||
# Layer: services
|
||
# Module: sasl
|
||
#
|
||
# SASL authentication server
|
||
#
|
||
sasl = module
|
||
|
||
# Layer: apps
|
||
# Module: screen
|
||
#
|
||
# GNU terminal multiplexer
|
||
#
|
||
screen = module
|
||
|
||
# Layer: services
|
||
# Module: sendmail
|
||
#
|
||
# Policy for sendmail.
|
||
#
|
||
sendmail = module
|
||
|
||
# Layer: services
|
||
# Module: setroubleshoot
|
||
#
|
||
# Policy for the SELinux troubleshooting utility
|
||
#
|
||
setroubleshoot = module
|
||
|
||
# Layer: admin
|
||
# Module: shorewall
|
||
#
|
||
# Policy for shorewall
|
||
#
|
||
shorewall = module
|
||
|
||
# Layer: apps
|
||
# Module: slocate
|
||
#
|
||
# Update database for mlocate
|
||
#
|
||
slocate = module
|
||
|
||
# Layer: services
|
||
# Module: slrnpull
|
||
#
|
||
# Service for downloading news feeds the slrn newsreader.
|
||
#
|
||
slrnpull = off
|
||
|
||
# Layer: services
|
||
# Module: smartmon
|
||
#
|
||
# Smart disk monitoring daemon policy
|
||
#
|
||
smartmon = module
|
||
|
||
# Layer: services
|
||
# Module: snmp
|
||
#
|
||
# Simple network management protocol services
|
||
#
|
||
snmp = module
|
||
|
||
# Layer: services
|
||
# Module: snort
|
||
#
|
||
# Snort network intrusion detection system
|
||
#
|
||
snort = module
|
||
|
||
# Layer: admin
|
||
# Module: sosreport
|
||
#
|
||
# sosreport debuggin information generator
|
||
#
|
||
sosreport = module
|
||
|
||
# Layer: services
|
||
# Module: soundserver
|
||
#
|
||
# sound server for network audio server programs, nasd, yiff, etc</summary>
|
||
#
|
||
soundserver = module
|
||
|
||
# Layer: services
|
||
# Module: spamassassin
|
||
#
|
||
# Filter used for removing unsolicited email.
|
||
#
|
||
spamassassin = module
|
||
|
||
# Layer: services
|
||
# Module: squid
|
||
#
|
||
# Squid caching http proxy server
|
||
#
|
||
squid = module
|
||
|
||
# Layer: services
|
||
# Module: sssd
|
||
#
|
||
# System Security Services Daemon
|
||
#
|
||
sssd = module
|
||
|
||
# Layer: services
|
||
# Module: stunnel
|
||
#
|
||
# SSL Tunneling Proxy
|
||
#
|
||
stunnel = module
|
||
|
||
# Layer: services
|
||
# Module: sysstat
|
||
#
|
||
# Policy for sysstat. Reports on various system states
|
||
#
|
||
sysstat = module
|
||
|
||
# Layer: services
|
||
# Module: tcpd
|
||
#
|
||
# Policy for TCP daemon.
|
||
#
|
||
tcpd = module
|
||
|
||
# Layer: services
|
||
# Module: tcsd
|
||
#
|
||
# tcsd - daemon that manages Trusted Computing resources
|
||
#
|
||
tcsd = module
|
||
|
||
# Layer: apps
|
||
# Module: telepathy
|
||
#
|
||
# telepathy - Policy for Telepathy framework
|
||
#
|
||
telepathy = module
|
||
|
||
# Layer: services
|
||
# Module: telnet
|
||
#
|
||
# Telnet daemon
|
||
#
|
||
telnet = module
|
||
|
||
# Layer: services
|
||
# Module: tftp
|
||
#
|
||
# Trivial file transfer protocol daemon
|
||
#
|
||
tftp = module
|
||
|
||
# Layer: services
|
||
# Module: tgtd
|
||
#
|
||
# Linux Target Framework Daemon.
|
||
#
|
||
tgtd = module
|
||
|
||
# Layer: apps
|
||
# Module: thumb
|
||
#
|
||
# Thumbnailer confinement
|
||
#
|
||
thumb = module
|
||
|
||
# Layer: services
|
||
# Module: timidity
|
||
#
|
||
# MIDI to WAV converter and player configured as a service
|
||
#
|
||
timidity = off
|
||
|
||
# Layer: admin
|
||
# Module: tmpreaper
|
||
#
|
||
# Manage temporary directory sizes and file ages
|
||
#
|
||
tmpreaper = module
|
||
|
||
# Layer: services
|
||
# Module: tor
|
||
#
|
||
# TOR, the onion router
|
||
#
|
||
tor = module
|
||
|
||
# Layer: services
|
||
# Module: ksmtuned
|
||
#
|
||
# Kernel Samepage Merging (KSM) Tuning Daemon
|
||
#
|
||
ksmtuned = module
|
||
|
||
# Layer: services
|
||
# Module: tuned
|
||
#
|
||
# Dynamic adaptive system tuning daemon
|
||
#
|
||
tuned = module
|
||
|
||
# Layer: apps
|
||
# Module: tvtime
|
||
#
|
||
# tvtime - a high quality television application
|
||
#
|
||
tvtime = module
|
||
|
||
# Layer: services
|
||
# Module: ulogd
|
||
#
|
||
#
|
||
#
|
||
ulogd = module
|
||
|
||
# Layer: apps
|
||
# Module: uml
|
||
#
|
||
# Policy for UML
|
||
#
|
||
uml = module
|
||
|
||
# Layer: admin
|
||
# Module: updfstab
|
||
#
|
||
# Red Hat utility to change /etc/fstab.
|
||
#
|
||
updfstab = module
|
||
|
||
# Layer: admin
|
||
# Module: usbmodules
|
||
#
|
||
# List kernel modules of USB devices
|
||
#
|
||
usbmodules = module
|
||
|
||
# Layer: apps
|
||
# Module: userhelper
|
||
#
|
||
# A helper interface to pam.
|
||
#
|
||
userhelper = module
|
||
|
||
# Layer: apps
|
||
# Module: usernetctl
|
||
#
|
||
# User network interface configuration helper
|
||
#
|
||
usernetctl = module
|
||
|
||
# Layer: services
|
||
# Module: uucp
|
||
#
|
||
# Unix to Unix Copy
|
||
#
|
||
uucp = module
|
||
|
||
# Layer: services
|
||
# Module: virt
|
||
#
|
||
# Virtualization libraries
|
||
#
|
||
virt = module
|
||
|
||
# Layer: apps
|
||
# Module: vmware
|
||
#
|
||
# VMWare Workstation virtual machines
|
||
#
|
||
vmware = module
|
||
|
||
# Layer: contrib
|
||
# Module: openvswitch
|
||
#
|
||
# SELinux policy for openvswitch programs
|
||
#
|
||
openvswitch = module
|
||
|
||
# Layer: admin
|
||
# Module: vpn
|
||
#
|
||
# Virtual Private Networking client
|
||
#
|
||
vpn = module
|
||
|
||
# Layer: services
|
||
# Module: w3c
|
||
#
|
||
# w3c
|
||
#
|
||
w3c = module
|
||
|
||
# Layer: role
|
||
# Module: webadm
|
||
#
|
||
# Minimally prived root role for managing apache
|
||
#
|
||
webadm = module
|
||
|
||
# Layer: apps
|
||
# Module: webalizer
|
||
#
|
||
# Web server log analysis
|
||
#
|
||
webalizer = module
|
||
|
||
# Layer: apps
|
||
# Module: wine
|
||
#
|
||
# wine executable
|
||
#
|
||
wine = module
|
||
|
||
# Layer: apps
|
||
# Module: wireshark
|
||
#
|
||
# wireshark executable
|
||
#
|
||
wireshark = module
|
||
|
||
# Layer: apps
|
||
# Module: wm
|
||
#
|
||
# X windows window manager
|
||
#
|
||
wm = module
|
||
|
||
# Layer: system
|
||
# Module: xen
|
||
#
|
||
# virtualization software
|
||
#
|
||
xen = module
|
||
|
||
# Layer: role
|
||
# Module: xguest
|
||
#
|
||
# Minimally privs guest account on X Windows logins
|
||
#
|
||
xguest = module
|
||
|
||
# Layer: services
|
||
# Module: zabbix
|
||
#
|
||
# Open-source monitoring solution for your IT infrastructure
|
||
#
|
||
zabbix = module
|
||
|
||
# Layer: services
|
||
# Module: zebra
|
||
#
|
||
# Zebra border gateway protocol network routing service
|
||
#
|
||
zebra = module
|
||
|
||
# Layer: services
|
||
# Module: zosremote
|
||
#
|
||
# policy for z/OS Remote-services Audit dispatcher plugin</summary>
|
||
#
|
||
zosremote = module
|
||
|
||
# Layer: contrib
|
||
# Module: mandb
|
||
#
|
||
# Policy for mandb
|
||
#
|
||
mandb = module
|