selinux-policy/modules-targeted.conf
Petr Lautrbach fc93f2b404 Merge -base and -contrib
Contrib was merged to main repo long time ago.

Makes the build process simpler.

Modules enabled in minimum lives in
%{_datadir}/selinux/minimum/modules.lst now.

Fixes:
RPM build warnings:
    File listed twice: /var/lib/selinux/mls/active/modules/100/unprivuser
    File listed twice: /var/lib/selinux/mls/active/modules/100/unprivuser/cil
    File listed twice: /var/lib/selinux/mls/active/modules/100/unprivuser/hll
    File listed twice: /var/lib/selinux/mls/active/modules/100/unprivuser/lang_ext

[skip changelog]

Related: RHEL-54303
2024-11-14 17:16:04 +01:00

3178 lines
41 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Layer: kernel
# Module: bootloader
#
# Policy for the kernel modules, kernel image, and bootloader.
#
bootloader = module
# Layer: kernel
# Module: corecommands
# Required in base
#
# Core policy for shells, and generic programs
# in /bin, /sbin, /usr/bin, and /usr/sbin.
#
corecommands = base
# Layer: kernel
# Module: corenetwork
# Required in base
#
# Policy controlling access to network objects
#
corenetwork = base
# Layer: admin
# Module: dmesg
#
# Policy for dmesg.
#
dmesg = module
# Layer: admin
# Module: netutils
#
# Network analysis utilities
#
netutils = module
# Layer: admin
# Module: sudo
#
# Execute a command with a substitute user
#
sudo = module
# Layer: admin
# Module: su
#
# Run shells with substitute user and group
#
su = module
# Layer: admin
# Module: usermanage
#
# Policy for managing user accounts.
#
usermanage = module
# Layer: apps
# Module: seunshare
#
# seunshare executable
#
seunshare = module
# Module: devices
# Required in base
#
# Device nodes and interfaces for many basic system devices.
#
devices = base
# Module: domain
# Required in base
#
# Core policy for domains.
#
domain = base
# Layer: system
# Module: userdomain
#
# Policy for user domains
#
userdomain = module
# Module: files
# Required in base
#
# Basic filesystem types and interfaces.
#
files = base
# Layer: system
# Module: miscfiles
#
# Miscelaneous files.
#
miscfiles = module
# Module: filesystem
# Required in base
#
# Policy for filesystems.
#
filesystem = base
# Module: kernel
# Required in base
#
# Policy for kernel threads, proc filesystem,and unlabeled processes and objects.
#
kernel = base
# Module: mcs
# Required in base
#
# MultiCategory security policy
#
mcs = base
# Module: mls
# Required in base
#
# Multilevel security policy
#
mls = base
# Module: selinux
# Required in base
#
# Policy for kernel security interface, in particular, selinuxfs.
#
selinux = base
# Layer: kernel
# Module: storage
#
# Policy controlling access to storage devices
#
storage = base
# Module: terminal
# Required in base
#
# Policy for terminals.
#
terminal = base
# Layer: kernel
# Module: ubac
#
#
#
ubac = base
# Layer: kernel
# Module: unconfined
#
# The unlabelednet module.
#
unlabelednet = module
# Layer: role
# Module: auditadm
#
# auditadm account on tty logins
#
auditadm = module
# Layer: role
# Module: logadm
#
# Minimally prived root role for managing logging system
#
logadm = module
# Layer: role
# Module: secadm
#
# secadm account on tty logins
#
secadm = module
# Layer:role
# Module: sysadm_secadm
#
# System Administrator with Security Admin rules
#
sysadm_secadm = module
# Module: staff
#
# admin account
#
staff = module
# Layer:role
# Module: sysadm
#
# System Administrator
#
sysadm = module
# Layer: role
# Module: unconfineduser
#
# The unconfined user domain.
#
unconfineduser = module
# Layer: role
# Module: unprivuser
#
# Minimally privs guest account on tty logins
#
unprivuser = module
# Layer: services
# Module: postgresql
#
# PostgreSQL relational database
#
postgresql = module
# Layer: services
# Module: ssh
#
# Secure shell client and server policy.
#
ssh = module
# Layer: services
# Module: xserver
#
# X windows login display manager
#
xserver = module
# Module: application
# Required in base
#
# Defines attributs and interfaces for all user applications
#
application = module
# Layer: system
# Module: authlogin
#
# Common policy for authentication and user login.
#
authlogin = module
# Layer: system
# Module: clock
#
# Policy for reading and setting the hardware clock.
#
clock = module
# Layer: system
# Module: fstools
#
# Tools for filesystem management, such as mkfs and fsck.
#
fstools = module
# Layer: system
# Module: getty
#
# Policy for getty.
#
getty = module
# Layer: system
# Module: hostname
#
# Policy for changing the system host name.
#
hostname = module
# Layer: system
# Module: init
#
# System initialization programs (init and init scripts).
#
init = module
# Layer: system
# Module: ipsec
#
# TCP/IP encryption
#
ipsec = module
# Layer: system
# Module: iptables
#
# Policy for iptables.
#
iptables = module
# Layer: system
# Module: libraries
#
# Policy for system libraries.
#
libraries = module
# Layer: system
# Module: locallogin
#
# Policy for local logins.
#
locallogin = module
# Layer: system
# Module: logging
#
# Policy for the kernel message logger and system logging daemon.
#
logging = module
# Layer: system
# Module: lvm
#
# Policy for logical volume management programs.
#
lvm = module
# Layer: system
# Module: modutils
#
# Policy for kernel module utilities
#
modutils = module
# Layer: system
# Module: mount
#
# Policy for mount.
#
mount = module
# Layer: system
# Module: netlabel
#
# Basic netlabel types and interfaces.
#
netlabel = module
# Layer: system
# Module: selinuxutil
#
# Policy for SELinux policy and userland applications.
#
selinuxutil = module
# Module: setrans
# Required in base
#
# Policy for setrans
#
setrans = module
# Layer: system
# Module: sysnetwork
#
# Policy for network configuration: ifconfig and dhcp client.
#
sysnetwork = module
# Layer: system
# Module: systemd
#
# Policy for systemd components
#
systemd = module
# Layer: system
# Module: udev
#
# Policy for udev.
#
udev = module
# Layer: system
# Module: unconfined
#
# The unconfined domain.
#
unconfined = module
# Layer: services
# Module: abrt
#
# Automatic bug detection and reporting tool
#
abrt = module
# Layer: services
# Module: accountsd
#
# An application to view and modify user accounts information
#
accountsd = module
# Layer: admin
# Module: acct
#
# Berkeley process accounting
#
acct = module
# Layer: services
# Module: afs
#
# Andrew Filesystem server
#
afs = module
# Layer: services
# Module: aiccu
#
# SixXS Automatic IPv6 Connectivity Client Utility
#
aiccu = module
# Layer: services
# Module: aide
#
# Policy for aide
#
aide = module
# Layer: services
# Module: ajaxterm
#
# Web Based Terminal
#
ajaxterm = module
# Layer: admin
# Module: alsa
#
# Ainit ALSA configuration tool
#
alsa = module
# Layer: admin
# Module: amanda
#
# Automated backup program.
#
amanda = module
# Layer: admin
# Module: amtu
#
# Abstract Machine Test Utility (AMTU)
#
amtu = module
# Layer: admin
# Module: anaconda
#
# Policy for the Anaconda installer.
#
anaconda = module
# Layer: contrib
# Module: antivirus
#
# SELinux policy for antivirus programs
#
antivirus = module
# Layer: services
# Module: apache
#
# Apache web server
#
apache = module
# Layer: services
# Module: apcupsd
#
# daemon for most APCs UPS for Linux
#
apcupsd = module
# Layer: services
# Module: apm
#
# Advanced power management daemon
#
apm = module
# Layer: services
# Module: arpwatch
#
# Ethernet activity monitor.
#
arpwatch = module
# Layer: services
# Module: asterisk
#
# Asterisk IP telephony server
#
asterisk = module
# Layer: contrib
# Module: authconfig
#
# Authorization configuration tool
#
authconfig = module
# Layer: services
# Module: automount
#
# Filesystem automounter service.
#
automount = module
# Layer: services
# Module: avahi
#
# mDNS/DNS-SD daemon implementing Apple ZeroConf architecture
#
avahi = module
# Layer: module
# Module: awstats
#
# awstats executable
#
awstats = module
# Layer: services
# Module: bcfg2
#
# Configuration management server
#
bcfg2 = module
# Layer: services
# Module: bind
#
# Berkeley internet name domain DNS server.
#
bind = module
# Layer: contrib
# Module: rngd
#
# Daemon used to feed random data from hardware device to kernel random device
#
rngd = module
# Layer: services
# Module: bitlbee
#
# An IRC to other chat networks gateway
#
bitlbee = module
# Layer: services
# Module: blueman
#
# Blueman tools and system services.
#
blueman = module
# Layer: services
# Module: bluetooth
#
# Bluetooth tools and system services.
#
bluetooth = module
# Layer: services
# Module: boinc
#
# Berkeley Open Infrastructure for Network Computing
#
boinc = module
# Layer: system
# Module: brctl
#
# Utilities for configuring the linux ethernet bridge
#
brctl = module
# Layer: services
# Module: bugzilla
#
# Bugzilla server
#
bugzilla = module
# Layer: services
# Module: bumblebee
#
# Support NVIDIA Optimus technology under Linux
#
bumblebee = module
# Layer: services
# Module: cachefilesd
#
# CacheFiles userspace management daemon
#
cachefilesd = module
# Module: calamaris
#
#
# Squid log analysis
#
calamaris = module
# Layer: services
# Module: callweaver
#
# callweaver telephony sever
#
callweaver = module
# Layer: services
# Module: canna
#
# Canna - kana-kanji conversion server
#
canna = module
# Layer: services
# Module: ccs
#
# policy for ccs
#
ccs = module
# Layer: apps
# Module: cdrecord
#
# Policy for cdrecord
#
cdrecord = module
# Layer: admin
# Module: certmaster
#
# Digital Certificate master
#
certmaster = module
# Layer: services
# Module: certmonger
#
# Certificate status monitor and PKI enrollment client
#
certmonger = module
# Layer: admin
# Module: certwatch
#
# Digital Certificate Tracking
#
certwatch = module
# Layer: services
# Module: cfengine
#
# cfengine
#
cfengine = module
# Layer: services
# Module: cgroup
#
# Tools and libraries to control and monitor control groups
#
cgroup = module
# Layer: apps
# Module: chrome
#
# chrome sandbox
#
chrome = module
# Layer: services
# Module: chronyd
#
# Daemon for maintaining clock time
#
chronyd = module
# Layer: services
# Module: cipe
#
# Encrypted tunnel daemon
#
cipe = module
# Layer: services
# Module: clogd
#
# clogd - clustered mirror log server
#
clogd = module
# Layer: services
# Module: cloudform
#
# cloudform daemons
#
cloudform = module
# Layer: services
# Module: cmirrord
#
# cmirrord - daemon providing device-mapper-base mirrors in a shared-storege cluster
#
cmirrord = module
# Layer: services
# Module: cobbler
#
# cobbler
#
cobbler = module
# Layer: services
# Module: collectd
#
# Statistics collection daemon for filling RRD files
#
collectd = module
# Layer: services
# Module: colord
#
# color device daemon
#
colord = module
# Layer: services
# Module: comsat
#
# Comsat, a biff server.
#
comsat = module
# Layer: services
# Module: condor
#
# policy for condor
#
condor = module
# Layer: services
# Module: conman
#
# Conman is a program for connecting to remote consoles being managed by conmand
#
conman = module
# Layer: services
# Module: consolekit
#
# ConsoleKit is a system daemon for tracking what users are logged
#
consolekit = module
# Layer: services
# Module: couchdb
#
# Apache CouchDB database server
#
couchdb = module
# Layer: services
# Module: courier
#
# IMAP and POP3 email servers
#
courier = module
# Layer: services
# Module: cpucontrol
#
# Services for loading CPU microcode and CPU frequency scaling.
#
cpucontrol = module
# Layer: apps
# Module: cpufreqselector
#
# cpufreqselector executable
#
cpufreqselector = module
# Layer: services
# Module: cron
#
# Periodic execution of scheduled commands.
#
cron = module
# Layer: services
# Module: ctdbd
#
# Cluster Daemon
#
ctdb = module
# Layer: services
# Module: cups
#
# Common UNIX printing system
#
cups = module
# Layer: services
# Module: cvs
#
# Concurrent versions system
#
cvs = module
# Layer: services
# Module: cyphesis
#
# cyphesis game server
#
cyphesis = module
# Layer: services
# Module: cyrus
#
# Cyrus is an IMAP service intended to be run on sealed servers
#
cyrus = module
# Layer: system
# Module: daemontools
#
# Collection of tools for managing UNIX services
#
daemontools = module
# Layer: role
# Module: dbadm
#
# Minimally prived root role for managing databases
#
dbadm = module
# Layer: services
# Module: dbskk
#
# Dictionary server for the SKK Japanese input method system.
#
dbskk = module
# Layer: services
# Module: dbus
#
# Desktop messaging bus
#
dbus = module
# Layer: services
# Module: dcc
#
# A distributed, collaborative, spam detection and filtering network.
#
dcc = module
# Layer: services
# Module: ddclient
#
# Update dynamic IP address at DynDNS.org
#
ddclient = module
# Layer: admin
# Module: ddcprobe
#
# ddcprobe retrieves monitor and graphics card information
#
ddcprobe = off
# Layer: services
# Module: denyhosts
#
# script to help thwart ssh server attacks
#
denyhosts = module
# Layer: services
# Module: devicekit
#
# devicekit-daemon
#
devicekit = module
# Layer: services
# Module: dhcp
#
# Dynamic host configuration protocol (DHCP) server
#
dhcp = module
# Layer: services
# Module: dictd
#
# Dictionary daemon
#
dictd = module
# Layer: services
# Module: dirsrv-admin
#
# An 309 directory admin server
#
dirsrv-admin = module
# Layer: services
# Module: dirsrv
#
# An 309 directory server
#
dirsrv = module
# Layer: services
# Module: distcc
#
# Distributed compiler daemon
#
distcc = off
# Layer: admin
# Module: dmidecode
#
# Decode DMI data for x86/ia64 bioses.
#
dmidecode = module
# Layer: services
# Module: dnsmasq
#
# A lightweight DHCP and caching DNS server.
#
dnsmasq = module
# Layer: services
# Module: dnssec
#
# A dnssec server application
#
dnssec = module
# Layer: services
# Module: dovecot
#
# Dovecot POP and IMAP mail server
#
dovecot = module
# Layer: services
# Module: drbd
#
# DRBD mirrors a block device over the network to another machine.
#
drbd = module
# Layer: services
# Module: dspam
#
# dspam - library and Mail Delivery Agent for Bayesian SPAM filtering
#
dspam = module
# Layer: services
# Module: entropy
#
# Generate entropy from audio input
#
entropyd = module
# Layer: services
# Module: exim
#
# exim mail server
#
exim = module
# Layer: services
# Module: fail2ban
#
# daiemon that bans IP that makes too many password failures
#
fail2ban = module
# Layer: services
# Module: fcoe
#
# fcoe
#
fcoe = module
# Layer: services
# Module: fetchmail
#
# Remote-mail retrieval and forwarding utility
#
fetchmail = module
# Layer: services
# Module: finger
#
# Finger user information service.
#
finger = module
# Layer: services
# Module: firewalld
#
# firewalld is firewall service daemon that provides dynamic customizable
#
firewalld = module
# Layer: apps
# Module: firewallgui
#
# policy for system-config-firewall
#
firewallgui = module
# Module: firstboot
#
# Final system configuration run during the first boot
# after installation of Red Hat/Fedora systems.
#
firstboot = module
# Layer: services
# Module: fprintd
#
# finger print server
#
fprintd = module
# Layer: services
# Module: freqset
#
# Utility for CPU frequency scaling
#
freqset = module
# Layer: services
# Module: ftp
#
# File transfer protocol service
#
ftp = module
# Layer: apps
# Module: games
#
# The Open Group Pegasus CIM/WBEM Server.
#
games = module
# Layer: apps
# Module: gitosis
#
# Policy for gitosis
#
gitosis = module
# Layer: services
# Module: git
#
# Policy for the stupid content tracker
#
git = module
# Layer: services
# Module: glance
#
# Policy for glance
#
glance = module
# Layer: contrib
# Module: glusterd
#
# policy for glusterd service
#
glusterd = module
# Layer: apps
# Module: gnome
#
# gnome session and gconf
#
gnome = module
# Layer: apps
# Module: gpg
#
# Policy for GNU Privacy Guard and related programs.
#
gpg = module
# Layer: services
# Module: gpm
#
# General Purpose Mouse driver
#
gpm = module
# Module: gpsd
#
# gpsd monitor daemon
#
#
gpsd = module
# Module: gssproxy
#
# A proxy for GSSAPI credential handling
#
#
gssproxy = module
# Layer: role
# Module: guest
#
# Minimally privs guest account on tty logins
#
guest = module
# Layer: role
# Module: xguest
#
# Minimally privs guest account on X Windows logins
#
xguest = module
# Layer: services
# Module: hddtemp
#
# hddtemp hard disk temperature tool running as a daemon
#
hddtemp = module
# Layer: services
# Module: hostapd
#
# hostapd - IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
#
hostapd = module
# Layer: services
# Module: i18n_input
#
# IIIMF htt server
#
i18n_input = off
# Layer: services
# Module: icecast
#
# ShoutCast compatible streaming media server
#
icecast = module
# Layer: services
# Module: inetd
#
# Internet services daemon.
#
inetd = module
# Layer: services
# Module: inn
#
# Internet News NNTP server
#
inn = module
# Layer: services
# Module: lircd
#
# LIRC daemon - decodes infrared signals and provides them on a Unix domain socket.
#
lircd = module
# Layer: apps
# Module: irc
#
# IRC client policy
#
irc = module
# Layer: services
# Module: irqbalance
#
# IRQ balancing daemon
#
irqbalance = module
# Layer: system
# Module: iscsi
#
# Open-iSCSI daemon
#
iscsi = module
# Layer: system
# Module: isnsd
#
#
#
isns = module
# Layer: services
# Module: jabber
#
# Jabber instant messaging server
#
jabber = module
# Layer: services
# Module: jetty
#
# Java based http server
#
jetty = module
# Layer: apps
# Module: jockey
#
# policy for jockey-backend
#
jockey = module
# Layer: apps
# Module: kdumpgui
#
# system-config-kdump policy
#
kdumpgui = module
# Layer: admin
# Module: kdump
#
# kdump is kernel crash dumping mechanism
#
kdump = module
# Layer: services
# Module: kerberos
#
# MIT Kerberos admin and KDC
#
kerberos = module
# Layer: services
# Module: keepalived
#
# keepalived - load-balancing and high-availability service
#
keepalived = module
# Module: keyboardd
#
# system-setup-keyboard is a keyboard layout daemon that monitors
# /etc/sysconfig/keyboard and writes out an xorg.conf.d snippet
#
keyboardd = module
# Layer: services
# Module: keystone
#
# openstack-keystone
#
keystone = module
# Layer: services
# Module: kismet
#
# Wireless sniffing and monitoring
#
kismet = module
# Layer: services
# Module: ksmtuned
#
# Kernel Samepage Merging (KSM) Tuning Daemon
#
ksmtuned = module
# Layer: services
# Module: ktalk
#
# KDE Talk daemon
#
ktalk = module
# Layer: services
# Module: l2ltpd
#
# Layer 2 Tunnelling Protocol Daemon
#
l2tp = module
# Layer: services
# Module: ldap
#
# OpenLDAP directory server
#
ldap = module
# Layer: services
# Module: likewise
#
# Likewise Active Directory support for UNIX
#
likewise = module
# Layer: apps
# Module: livecd
#
# livecd creator
#
livecd = module
# Layer: services
# Module: lldpad
#
# lldpad - Link Layer Discovery Protocol (LLDP) agent daemon
#
lldpad = module
# Layer: apps
# Module: loadkeys
#
# Load keyboard mappings.
#
loadkeys = module
# Layer: apps
# Module: lockdev
#
# device locking policy for lockdev
#
lockdev = module
# Layer: admin
# Module: logrotate
#
# Rotate and archive system logs
#
logrotate = module
# Layer: services
# Module: logwatch
#
# logwatch executable
#
logwatch = module
# Layer: services
# Module: lpd
#
# Line printer daemon
#
lpd = module
# Layer: services
# Module: mailman
#
# Mailman is for managing electronic mail discussion and e-newsletter lists
#
mailman = module
# Layer: services
# Module: mailman
#
# Policy for mailscanner
#
mailscanner = module
# Layer: apps
# Module: man2html
#
# policy for man2html apps
#
man2html = module
# Layer: admin
# Module: mcelog
#
# Policy for mcelog.
#
mcelog = module
# Layer: apps
# Module: mediawiki
#
# mediawiki
#
mediawiki = module
# Layer: services
# Module: memcached
#
# high-performance memory object caching system
#
memcached = module
# Layer: services
# Module: milter
#
#
#
milter = module
# Layer: services
# Module: mip6d
#
# UMIP Mobile IPv6 and NEMO Basic Support protocol implementation
#
mip6d = module
# Layer: services
# Module: mock
#
# Policy for mock rpm builder
#
mock = module
# Layer: services
# Module: modemmanager
#
# Manager for dynamically switching between modems.
#
modemmanager = module
# Layer: services
# Module: mojomojo
#
# Wiki server
#
mojomojo = module
# Layer: apps
# Module: mozilla
#
# Policy for Mozilla and related web browsers
#
mozilla = module
# Layer: services
# Module: mpd
#
# mpd - daemon for playing music
#
mpd = module
# Layer: apps
# Module: mplayer
#
# Policy for Mozilla and related web browsers
#
mplayer = module
# Layer: admin
# Module: mrtg
#
# Network traffic graphing
#
mrtg = module
# Layer: services
# Module: mta
#
# Policy common to all email tranfer agents.
#
mta = module
# Layer: services
# Module: munin
#
# Munin
#
munin = module
# Layer: services
# Module: mysql
#
# Policy for MySQL
#
mysql = module
# Layer: contrib
# Module: mythtv
#
# Policy for Mythtv (Web Server)
#
mythtv = module
# Layer: services
# Module: nagios
#
# policy for nagios Host/service/network monitoring program
#
nagios = module
# Layer: apps
# Module: namespace
#
# policy for namespace.init script
#
namespace = module
# Layer: admin
# Module: ncftool
#
# Tool to modify the network configuration of a system
#
ncftool = module
# Layer: services
# Module: networkmanager
#
# Manager for dynamically switching between networks.
#
networkmanager = module
# Layer: services
# Module: ninfod
#
# Respond to IPv6 Node Information Queries
#
ninfod = module
# Layer: services
# Module: nis
#
# Policy for NIS (YP) servers and clients
#
nis = module
# Layer: services
# Module: nova
#
# openstack-nova
#
nova = module
# Layer: services
# Module: nscd
#
# Name service cache daemon
#
nscd = module
# Layer: services
# Module: nslcd
#
# Policy for nslcd
#
nslcd = module
# Layer: services
# Module: ntop
#
# Policy for ntop
#
ntop = module
# Layer: services
# Module: ntp
#
# Network time protocol daemon
#
ntp = module
# Layer: services
# Module: numad
#
# numad - user-level daemon that provides advice and managment for optimum use of CPUs and memory on systems with NUMA topology
#
numad = module
# Layer: services
# Module: nut
#
# nut - Network UPS Tools
#
nut = module
# Layer: services
# Module: nx
#
# NX Remote Desktop
#
nx = module
# Layer: services
# Module: obex
#
# policy for obex-data-server
#
obex = module
# Layer: services
# Module: oddjob
#
# policy for oddjob
#
oddjob = module
# Layer: services
# Module: openct
#
# Service for handling smart card readers.
#
openct = off
# Layer: service
# Module: openct
#
# Middleware framework for smart card terminals
#
openct = module
# Layer: contrib
# Module: openshift-origin
#
# Origin version of openshift policy
#
openshift-origin = module
# Layer: contrib
# Module: openshift
#
# Core openshift policy
#
openshift = module
# Layer: services
# Module: opensm
#
# InfiniBand subnet manager and administration (SM/SA)
#
opensm = module
# Layer: services
# Module: openvpn
#
# Policy for OPENVPN full-featured SSL VPN solution
#
openvpn = module
# Layer: contrib
# Module: openvswitch
#
# SELinux policy for openvswitch programs
#
openvswitch = module
# Layer: services
# Module: openwsman
#
# WS-Management Server
#
openwsman = module
# Layer: services
# Module: osad
#
# Client-side service written in Python that responds to pings
#
osad = module
# Layer: contrib
# Module: prelude
#
# SELinux policy for prelude
#
prelude = module
# Layer: contrib
# Module: prosody
#
# SELinux policy for prosody flexible communications server for Jabber/XMPP
#
prosody = module
# Layer: services
# Module: pads
#
pads = module
# Layer: services
# Module: passenger
#
# Passenger
#
passenger = module
# Layer: system
# Module: pcmcia
#
# PCMCIA card management services
#
pcmcia = module
# Layer: service
# Module: pcscd
#
# PC/SC Smart Card Daemon
#
pcscd = module
# Layer: services
# Module: pdns
#
# PowerDNS DNS server
#
pdns = module
# Layer: services
# Module: pegasus
#
# The Open Group Pegasus CIM/WBEM Server.
#
pegasus = module
# Layer: services
# Module: pingd
#
#
pingd = module
# Layer: services
# Module: piranha
#
# piranha - various tools to administer and configure the Linux Virtual Server
#
piranha = module
# Layer: contrib
# Module: pkcs
#
# daemon manages PKCS#11 objects between PKCS#11-enabled applications
#
pkcs = module
# Layer: services
# Module: plymouthd
#
# Plymouth
#
plymouthd = module
# Layer: apps
# Module: podsleuth
#
# Podsleuth probes, identifies, and exposes properties and metadata bound to iPods.
#
podsleuth = module
# Layer: services
# Module: policykit
#
# Hardware abstraction layer
#
policykit = module
# Layer: services
# Module: polipo
#
# polipo
#
polipo = module
# Layer: services
# Module: portmap
#
# RPC port mapping service.
#
portmap = module
# Layer: services
# Module: portreserve
#
# reserve ports to prevent portmap mapping them
#
portreserve = module
# Layer: services
# Module: postfix
#
# Postfix email server
#
postfix = module
# Layer: services
# Module: postgrey
#
# email scanner
#
postgrey = module
# Layer: services
# Module: ppp
#
# Point to Point Protocol daemon creates links in ppp networks
#
ppp = module
# Layer: admin
# Module: prelink
#
# Manage temporary directory sizes and file ages
#
prelink = module
# Layer: services
# Module: privoxy
#
# Privacy enhancing web proxy.
#
privoxy = module
# Layer: services
# Module: procmail
#
# Procmail mail delivery agent
#
procmail = module
# Layer: services
# Module: psad
#
# Analyze iptables log for hostile traffic
#
psad = module
# Layer: apps
# Module: ptchown
#
# helper function for grantpt(3), changes ownship and permissions of pseudotty
#
ptchown = module
# Layer: apps
# Module: pulseaudio
#
# The PulseAudio Sound System
#
pulseaudio = module
# Layer: services
# Module: puppet
#
# A network tool for managing many disparate systems
#
puppet = module
# Layer: apps
# Module: pwauth
#
# External plugin for mod_authnz_external authenticator
#
pwauth = module
# Layer: services
# Module: qmail
#
# Policy for qmail
#
qmail = module
# Layer: services
# Module: qpidd
#
# Policy for qpidd
#
qpid = module
# Layer: services
# Module: quantum
#
# Quantum is a virtual network service for Openstack
#
quantum = module
# Layer: admin
# Module: quota
#
# File system quota management
#
quota = module
# Layer: services
# Module: rabbitmq
#
# rabbitmq daemons
#
rabbitmq = module
# Layer: services
# Module: radius
#
# RADIUS authentication and accounting server.
#
radius = module
# Layer: services
# Module: radvd
#
# IPv6 router advertisement daemon
#
radvd = module
# Layer: system
# Module: raid
#
# RAID array management tools
#
raid = module
# Layer: services
# Module: rasdaemon
#
# The rasdaemon program is a daemon with monitors the RAS trace events from /sys/kernel/debug/tracing
#
rasdaemon = module
# Layer: services
# Module: rdisc
#
# Network router discovery daemon
#
rdisc = module
# Layer: admin
# Module: readahead
#
# Readahead, read files into page cache for improved performance
#
readahead = module
# Layer: contrib
# Module: stapserver
#
# dbus system service which manages discovery and enrollment in realms and domains like Active Directory or IPA
#
realmd = module
# Layer: services
# Module: remotelogin
#
# Policy for rshd, rlogind, and telnetd.
#
remotelogin = module
# Layer: services
# Module: rhcs
#
# RHCS - Red Hat Cluster Suite
#
rhcs = module
# Layer: services
# Module: rhev
#
# rhev policy module contains policies for rhev apps
#
rhev = module
# Layer: services
# Module: rhgb
#
# X windows login display manager
#
rhgb = module
# Layer: services
# Module: rhsmcertd
#
# Subscription Management Certificate Daemon policy
#
rhsmcertd = module
# Layer: services
# Module: ricci
#
# policy for ricci
#
ricci = module
# Layer: services
# Module: rlogin
#
# Remote login daemon
#
rlogin = module
# Layer: services
# Module: roundup
#
# Roundup Issue Tracking System policy
#
roundup = module
# Layer: services
# Module: rpcbind
#
# universal addresses to RPC program number mapper
#
rpcbind = module
# Layer: services
# Module: rpc
#
# Remote Procedure Call Daemon for managment of network based process communication
#
rpc = module
# Layer: admin
# Module: rpm
#
# Policy for the RPM package manager.
#
rpm = module
# Layer: services
# Module: rshd
#
# Remote shell service.
#
rshd = module
# Layer: apps
# Module: rssh
#
# Restricted (scp/sftp) only shell
#
rssh = module
# Layer: services
# Module: rsync
#
# Fast incremental file transfer for synchronization
#
rsync = module
# Layer: services
# Module: rtkit
#
# Real Time Kit Daemon
#
rtkit = module
# Layer: services
# Module: rwho
#
# who is logged in on local machines
#
rwho = module
# Layer: apps
# Module: sambagui
#
# policy for system-config-samba
#
sambagui = module
#
# SMB and CIFS client/server programs for UNIX and
# name Service Switch daemon for resolving names
# from Windows NT servers.
#
samba = module
# Layer: apps
# Module: sandbox
#
# Policy for running apps within a sandbox
#
sandbox = module
# Layer: apps
# Module: sandbox
#
# Policy for running apps within a X sandbox
#
sandboxX = module
# Layer: services
# Module: sanlock
#
# sanlock policy
#
sanlock = module
# Layer: services
# Module: sasl
#
# SASL authentication server
#
sasl = module
# Layer: services
# Module: sblim
#
# sblim
#
sblim = module
# Layer: apps
# Module: screen
#
# GNU terminal multiplexer
#
screen = module
# Layer: admin
# Module: sectoolm
#
# Policy for sectool-mechanism
#
sectoolm = module
# Layer: services
# Module: sendmail
#
# Policy for sendmail.
#
sendmail = module
# Layer: contrib
# Module: sensord
#
# Sensor information logging daemon
#
sensord = module
# Layer: services
# Module: setroubleshoot
#
# Policy for the SELinux troubleshooting utility
#
setroubleshoot = module
# Layer: services
# Module: sge
#
# policy for grindengine MPI jobs
#
sge = module
# Layer: admin
# Module: shorewall
#
# Policy for shorewall
#
shorewall = module
# Layer: apps
# Module: slocate
#
# Update database for mlocate
#
slocate = module
# Layer: contrib
# Module: slpd
#
# OpenSLP server daemon to dynamically register services
#
slpd = module
# Layer: services
# Module: slrnpull
#
# Service for downloading news feeds the slrn newsreader.
#
slrnpull = off
# Layer: services
# Module: smartmon
#
# Smart disk monitoring daemon policy
#
smartmon = module
# Layer: services
# Module: smokeping
#
# Latency Logging and Graphing System
#
smokeping = module
# Layer: admin
# Module: smoltclient
#
#The Fedora hardware profiler client
#
smoltclient = module
# Layer: services
# Module: snmp
#
# Simple network management protocol services
#
snmp = module
# Layer: services
# Module: snort
#
# Snort network intrusion detection system
#
snort = module
# Layer: admin
# Module: sosreport
#
# sosreport debuggin information generator
#
sosreport = module
# Layer: services
# Module: soundserver
#
# sound server for network audio server programs, nasd, yiff, etc</summary>
#
soundserver = module
# Layer: services
# Module: spamassassin
#
# Filter used for removing unsolicited email.
#
spamassassin = module
# Layer: services
# Module: speech-dispatcher
#
# speech-dispatcher - server process managing speech requests in Speech Dispatcher
#
speech-dispatcher = module
# Layer: services
# Module: squid
#
# Squid caching http proxy server
#
squid = module
# Layer: services
# Module: sssd
#
# System Security Services Daemon
#
sssd = module
# Layer: services
# Module: sslh
#
# Applicative protocol(SSL/SSH) multiplexer
#
sslh = module
# Layer: contrib
# Module: stapserver
#
# Instrumentation System Server
#
stapserver = module
# Layer: services
# Module: stunnel
#
# SSL Tunneling Proxy
#
stunnel = module
# Layer: services
# Module: svnserve
#
# policy for subversion service
#
svnserve = module
# Layer: services
# Module: swift
#
# openstack-swift
#
swift = module
# Layer: services
# Module: sysstat
#
# Policy for sysstat. Reports on various system states
#
sysstat = module
# Layer: services
# Module: tcpd
#
# Policy for TCP daemon.
#
tcpd = module
# Layer: services
# Module: tcsd
#
# tcsd - daemon that manages Trusted Computing resources
#
tcsd = module
# Layer: apps
# Module: telepathy
#
# telepathy - Policy for Telepathy framework
#
telepathy = module
# Layer: services
# Module: telnet
#
# Telnet daemon
#
telnet = module
# Layer: services
# Module: tftp
#
# Trivial file transfer protocol daemon
#
tftp = module
# Layer: services
# Module: tgtd
#
# Linux Target Framework Daemon.
#
tgtd = module
# Layer: apps
# Module: thumb
#
# Thumbnailer confinement
#
thumb = module
# Layer: services
# Module: timidity
#
# MIDI to WAV converter and player configured as a service
#
timidity = off
# Layer: admin
# Module: tmpreaper
#
# Manage temporary directory sizes and file ages
#
tmpreaper = module
# Layer: contrib
# Module: glusterd
#
# policy for tomcat service
#
tomcat = module
# Layer: services
# Module: tor
#
# TOR, the onion router
#
tor = module
# Layer: services
# Module: tuned
#
# Dynamic adaptive system tuning daemon
#
tuned = module
# Layer: apps
# Module: tvtime
#
# tvtime - a high quality television application
#
tvtime = module
# Layer: services
# Module: ulogd
#
# netfilter/iptables ULOG daemon
#
ulogd = module
# Layer: apps
# Module: uml
#
# Policy for UML
#
uml = module
# Layer: admin
# Module: updfstab
#
# Red Hat utility to change /etc/fstab.
#
updfstab = module
# Layer: admin
# Module: usbmodules
#
# List kernel modules of USB devices
#
usbmodules = module
# Layer: services
# Module: usbmuxd
#
# Daemon for communicating with Apple's iPod Touch and iPhone
#
usbmuxd = module
# Layer: apps
# Module: userhelper
#
# A helper interface to pam.
#
userhelper = module
# Layer: apps
# Module: usernetctl
#
# User network interface configuration helper
#
usernetctl = module
# Layer: services
# Module: uucp
#
# Unix to Unix Copy
#
uucp = module
# Layer: services
# Module: uuidd
#
# UUID generation daemon
#
uuidd = module
# Layer: services
# Module: varnishd
#
# Varnishd http accelerator daemon
#
varnishd = module
# Layer: services
# Module: vdagent
#
# vdagent
#
vdagent = module
# Layer: services
# Module: vhostmd
#
# vhostmd - spice guest agent daemon.
#
vhostmd = module
# Layer: services
# Module: virt
#
# Virtualization libraries
#
virt = module
# Layer: apps
# Module: vhostmd
#
# vlock - Virtual Console lock program
#
vlock = module
# Layer: services
# Module: vmtools
#
# VMware Tools daemon
#
vmtools = module
# Layer: apps
# Module: vmware
#
# VMWare Workstation virtual machines
#
vmware = module
# Layer: services
# Module: vnstatd
#
# Network traffic Monitor
#
vnstatd = module
# Layer: admin
# Module: vpn
#
# Virtual Private Networking client
#
vpn = module
# Layer: services
# Module: w3c
#
# w3c
#
w3c = module
# Layer: services
# Module: wdmd
#
# wdmd policy
#
wdmd = module
# Layer: role
# Module: webadm
#
# Minimally prived root role for managing apache
#
webadm = module
# Layer: apps
# Module: webalizer
#
# Web server log analysis
#
webalizer = module
# Layer: apps
# Module: wine
#
# wine executable
#
wine = module
# Layer: apps
# Module: wireshark
#
# wireshark executable
#
wireshark = module
# Layer: system
# Module: xen
#
# virtualization software
#
xen = module
# Layer: services
# Module: zabbix
#
# Open-source monitoring solution for your IT infrastructure
#
zabbix = module
# Layer: services
# Module: zarafa
#
# Zarafa Collaboration Platform
#
zarafa = module
# Layer: services
# Module: zebra
#
# Zebra border gateway protocol network routing service
#
zebra = module
# Layer: services
# Module: zoneminder
#
# Zoneminder Camera Security Surveillance Solution
#
zoneminder = module
# Layer: services
# Module: zosremote
#
# policy for z/OS Remote-services Audit dispatcher plugin</summary>
#
zosremote = module
# Layer: contrib
# Module: thin
#
# Policy for thin
#
thin = module
# Layer: contrib
# Module: mandb
#
# Policy for mandb
#
mandb = module
# Layer: services
# Module: pki
#
# policy for pki
#
pki = module
# Layer: services
# Module: smsd
#
# policy for smsd
#
smsd = module
# Layer: contrib
# Module: pesign
#
# policy for pesign
#
pesign = module
# Layer: contrib
# Module: nsd
#
# Fast and lean authoritative DNS Name Server
#
nsd = module
# Layer: contrib
# Module: iodine
#
# Fast and lean authoritative DNS Name Server
#
iodine = module
# Layer: contrib
# Module: openhpid
#
# OpenHPI daemon runs as a background process and accepts connecti
#
openhpid = module
# Layer: contrib
# Module: watchdog
#
# Watchdog policy
#
watchdog = module
# Layer: contrib
# Module: oracleasm
#
# oracleasm policy
#
oracleasm = module
# Layer: contrib
# Module: redis
#
# redis policy
#
redis = module
# Layer: contrib
# Module: hypervkvp
#
# hypervkvp policy
#
hypervkvp = module
# Layer: contrib
# Module: lsm
#
# lsm policy
#
lsm = module
# Layer: contrib
# Module: motion
#
# Daemon for detect motion using a video4linux device
motion = module
# Layer: contrib
# Module: rtas
#
# rtas policy
#
rtas = module
# Layer: contrib
# Module: journalctl
#
# journalctl policy
#
journalctl = module
# Layer: contrib
# Module: gdomap
#
# gdomap policy
#
gdomap = module
# Layer: contrib
# Module: minidlna
#
# minidlna policy
#
minidlna = module
# Layer: contrib
# Module: minissdpd
#
# minissdpd policy
#
minissdpd = module
# Layer: contrib
# Module: freeipmi
#
# Remote-Console (out-of-band) and System Management Software (in-band)
# based on IntelligentPlatform Management Interface specification
#
freeipmi = module
# Layer: contrib
# Module: mirrormanager
#
# mirrormanager policy
#
mirrormanager = module
# Layer: contrib
# Module: snapper
#
# snapper policy
#
snapper = module
# Layer: contrib
# Module: pcp
#
# pcp policy
#
pcp = module
# Layer: contrib
# Module: geoclue
#
# Add policy for Geoclue. Geoclue is a D-Bus service that provides location information
#
geoclue = module
# Layer: contrib
# Module: rkhunter
#
# rkhunter policy for /var/lib/rkhunter
#
rkhunter = module
# Layer: contrib
# Module: bacula
#
# bacula policy
#
bacula = module
# Layer: contrib
# Module: rhnsd
#
# rhnsd policy
#
rhnsd = module
# Layer: contrib
# Module: mongodb
#
# mongodb policy
#
mongodb = module
# Layer: contrib
# Module: iotop
#
# iotop policy
#
iotop = module
# Layer: contrib
# Module: kmscon
#
# kmscon policy
#
kmscon = module
# Layer: contrib
# Module: naemon
#
# naemon policy
#
naemon = module
# Layer: contrib
# Module: brltty
#
# brltty policy
#
brltty = module
# Layer: contrib
# Module: cpuplug
#
# cpuplug policy
#
cpuplug = module
# Layer: contrib
# Module: mon_statd
#
# mon_statd policy
#
mon_statd = module
# Layer: contrib
# Module: cinder
#
# openstack-cinder policy
#
cinder = module
# Layer: contrib
# Module: linuxptp
#
# linuxptp policy
#
linuxptp = module
# Layer: contrib
# Module: rolekit
#
# rolekit policy
#
rolekit = module
# Layer: contrib
# Module: targetd
#
# targetd policy
#
targetd = module
# Layer: contrib
# Module: hsqldb
#
# Hsqldb is transactional database engine with in-memory and disk-based tables, supporting embedded and server modes.
#
hsqldb = module
# Layer: contrib
# Module: blkmapd
#
# The blkmapd daemon performs device discovery and mapping for pNFS block layout client.
#
blkmapd = module
# Layer: contrib
# Module: pkcs11proxyd
#
# pkcs11proxyd policy
#
pkcs11proxyd = module
# Layer: contrib
# Module: ipmievd
#
# IPMI event daemon for sending events to syslog
#
ipmievd = module
# Layer: contrib
# Module: openfortivpn
#
# Fortinet compatible SSL VPN daemons.
#
openfortivpn = module
# Layer: contrib
# Module: fwupd
#
# fwupd is a daemon to allow session software to update device firmware.
#
fwupd = module
# Layer: contrib
# Module: lttng-tools
#
# LTTng 2.x central tracing registry session daemon.
#
lttng-tools = module
# Layer: contrib
# Module: rkt
#
# CLI for running app containers
#
rkt = module
# Layer: contrib
# Module: opendnssec
#
# opendnssec
#
opendnssec = module
# Layer: contrib
# Module: hwloc
#
# hwloc
#
hwloc = module
# Layer: contrib
# Module: sbd
#
# sbd
#
sbd = module
# Layer: contrib
# Module: tlp
#
# tlp
#
tlp = module
# Layer: contrib
# Module: conntrackd
#
# conntrackd
#
conntrackd = module
# Layer: contrib
# Module: tangd
#
# tangd
#
tangd = module
# Layer: contrib
# Module: ibacm
#
# ibacm
#
ibacm = module
# Layer: contrib
# Module: opafm
#
# opafm
#
opafm = module
# Layer: contrib
# Module: boltd
#
# boltd
#
boltd = module
# Layer: contrib
# Module: kpatch
#
# kpatch
#
kpatch = module
# Layer: contrib
# Module: timedatex
#
# timedatex
#
timedatex = module
# Layer: contrib
# Module: rrdcached
#
# rrdcached
#
rrdcached = module
# Layer: contrib
# Module: stratisd
#
# stratisd
#
stratisd = module
# Layer: contrib
# Module: ica
#
# ica
#
ica = module
# Layer: contrib
# Module: fedoratp
#
# fedoratp
#
fedoratp = module
# Layer: contrib
# Module: insights_client
#
# insights_client
#
insights_client = module
# Layer: contrib
# Module: stalld
#
# stalld
#
stalld = module
# Layer: contrib
# Module: rhcd
#
# rhcd
#
rhcd = module
# Layer: contrib
# Module: wireguard
#
# wireguard
#
wireguard = module
# Layer: contrib
# Module: mptcpd
#
# mptcpd
#
mptcpd = module
# Layer: contrib
# Module: rshim
#
# rshim
#
rshim = module
# Layer: contrib
# Module: keyutils
#
# keyutils
#
keyutils = module
# Layer: contrib
# Module: cifsutils
#
# cifsutils - Utilities for managing CIFS mounts
#
cifsutils = module
# Layer: contrib
# Module: boothd
#
# boothd - Booth cluster ticket manager
#
boothd = module
# Layer: contrib
# Module: kafs
#
# kafs - Tools for kAFS
#
kafs = module
# Layer: contrib
# Module: bootupd
#
# bootupd - bootloader update daemon
#
bootupd = module
# Layer: contrib
# Module: fdo
#
# fdo - fido device onboard protocol for IoT devices
#
fdo = module
# Layer: contrib
# Module: qatlib
#
# qatlib - Intel QuickAssist technology library and resources management
#
qatlib = module
# Layer: services
# Module: virt_supplementary
#
# non-libvirt virtualization libraries
#
virt_supplementary = module
# Layer: contrib
# Module: nvme_stas
#
# nvme_stas
#
nvme_stas = module
# Layer: contrib
# Module: coreos_installer
#
# coreos_installer
#
coreos_installer = module
# Layer: contrib
# Module: afterburn
#
# afterburn
#
afterburn = module
# Layer: contrib
# Module: sap
#
# sap
#
sap = module