selinux-policy/www/api-docs/system_authlogin.html
2005-06-15 15:45:57 +00:00

1034 lines
12 KiB
HTML

<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+&nbsp;
admin</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+&nbsp;
kernel</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+&nbsp;
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+&nbsp;
system</a></br/>
<div id='subitem'>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_authlogin.html'>
authlogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_clock.html'>
clock</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_corecommands.html'>
corecommands</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_domain.html'>
domain</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_files.html'>
files</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_getty.html'>
getty</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hostname.html'>
hostname</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_hotplug.html'>
hotplug</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_init.html'>
init</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_iptables.html'>
iptables</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_libraries.html'>
libraries</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_locallogin.html'>
locallogin</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_logging.html'>
logging</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_lvm.html'>
lvm</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_miscfiles.html'>
miscfiles</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_modutils.html'>
modutils</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_mount.html'>
mount</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_selinuxutil.html'>
selinuxutil</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_sysnetwork.html'>
sysnetwork</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_udev.html'>
udev</a><br/>
&nbsp;&nbsp;&nbsp;-&nbsp;<a href='system_userdomain.html'>
userdomain</a><br/>
</div>
<br/><p/>
<a href="interfaces.html">*&nbsp;Interface Index</a>
</div>
<div id="Content">
<h1>Layer: system</h1><p/>
<h2>Module: authlogin</h2><p/>
<h3>Description:</h3>
<p>Common policy for authentication and user login.</p>
<h3>Interfaces: </h3>
<div id="interface">
<div id="codeblock">
<b>auth_delete_pam_pid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_domtrans_chk_passwd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_domtrans_login_program</b>(
domain
,
target_domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute a login_program in the target domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
target_domain
</td><td>
The type of the login_program process.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_domtrans_pam</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute pam programs in the pam domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_domtrans_utempter</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute utempter programs in the utempter domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_dontaudit_getattr_shadow</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_dontaudit_read_shadow</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_dontaudit_write_login_records</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_exec_pam</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_list_pam_console_data</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_login_entry_type</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_manage_all_files_except_shadow</b>(
domain
,
[
exception_types
]
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Manage all files on the filesystem, except
the shadow passwords and listed exceptions.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the domain perfoming this action.
</td><td>
No
</td></tr>
<tr><td>
exception_types
</td><td>
The types to be excluded. Each type or attribute
must be negated by the caller.
</td><td>
yes
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_read_login_records</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_read_shadow</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_relabel_all_files_except_shadow</b>(
domain
,
[
exception_types
]
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Relabel all files on the filesystem, except
the shadow passwords and listed exceptions.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the domain perfoming this action.
</td><td>
No
</td></tr>
<tr><td>
exception_types
</td><td>
The types to be excluded. Each type or attribute
must be negated by the caller.
</td><td>
yes
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_run_pam</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute pam programs in the PAM domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to allow the PAM domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the PAM domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_run_utempter</b>(
domain
,
role
,
terminal
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
Execute utempter programs in the utempter domain.
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
The type of the process performing this action.
</td><td>
No
</td></tr>
<tr><td>
role
</td><td>
The role to allow the utempter domain.
</td><td>
No
</td></tr>
<tr><td>
terminal
</td><td>
The type of the terminal allow the utempter domain to use.
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>auth_rw_shadow</b>(
domain
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
domain
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
<div id="interface">
<div id="codeblock">
<b>authlogin_per_userdomain_template</b>(
userdomain_prefix
)<br>
</div>
<div id="description">
<h5>Description:</h5>
<p>
</p><br/>
<h5>Parameters:</h5>
<div id="description">
<table border="1" cellspacing="0" cellpadding="3" width="80%">
<tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr>
<tr><td>
userdomain_prefix
</td><td>
</td><td>
No
</td></tr>
</table>
</div>
</div>
</div>
</div>
</body>
</html>