rpms / selinux-policy

Clone
Source Code
GIT

Blame refpolicy/policy/flask/access_vectors

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   050f364c01575ce499e30318053007082b70908b
  2.   refpolicy
  3.   policy
  4.   flask
  5.   access_vectors
Blob History Raw
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define common prefixes for access vectors
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# common common_name { permission_name ... }
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define a common prefix for file access vectors.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
common file
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	ioctl
Chris PeBenito 134191 
	read
Chris PeBenito 134191 
	write
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
	lock
Chris PeBenito 134191 
	relabelfrom
Chris PeBenito 134191 
	relabelto
Chris PeBenito 134191 
	append
Chris PeBenito 134191 
	unlink
Chris PeBenito 134191 
	link
Chris PeBenito 134191 
	rename
Chris PeBenito 134191 
	execute
Chris PeBenito 134191 
	swapon
Chris PeBenito 134191 
	quotaon
Chris PeBenito 134191 
	mounton
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define a common prefix for socket access vectors.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
common socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
# inherited from file
Chris PeBenito 134191 
	ioctl
Chris PeBenito 134191 
	read
Chris PeBenito 134191 
	write
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
	lock
Chris PeBenito 134191 
	relabelfrom
Chris PeBenito 134191 
	relabelto
Chris PeBenito 134191 
	append
Chris PeBenito 134191 
# socket-specific
Chris PeBenito 134191 
	bind
Chris PeBenito 134191 
	connect
Chris PeBenito 134191 
	listen
Chris PeBenito 134191 
	accept
Chris PeBenito 134191 
	getopt
Chris PeBenito 134191 
	setopt
Chris PeBenito 134191 
	shutdown
Chris PeBenito 134191 
	recvfrom
Chris PeBenito 134191 
	sendto
Chris PeBenito 134191 
	recv_msg
Chris PeBenito 134191 
	send_msg
Chris PeBenito 134191 
	name_bind
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define a common prefix for ipc access vectors.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
common ipc
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	destroy
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
	read
Chris PeBenito 134191 
	write
Chris PeBenito 134191 
	associate
Chris PeBenito 134191 
	unix_read
Chris PeBenito 134191 
	unix_write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vectors.
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# class class_name [ inherits common_name ] { permission_name ... }
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for file-related objects.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class filesystem
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	mount
Chris PeBenito 134191 
	remount
Chris PeBenito 134191 
	unmount
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	relabelfrom
Chris PeBenito 134191 
	relabelto
Chris PeBenito 134191 
	transition
Chris PeBenito 134191 
	associate
Chris PeBenito 134191 
	quotamod
Chris PeBenito 134191 
	quotaget
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class dir
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	add_name
Chris PeBenito 134191 
	remove_name
Chris PeBenito 134191 
	reparent
Chris PeBenito 134191 
	search
Chris PeBenito 134191 
	rmdir
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class file
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	execute_no_trans
Chris PeBenito 134191 
	entrypoint
Chris PeBenito 134191 
	execmod
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class lnk_file
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191
Chris PeBenito 134191 
class chr_file
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	execute_no_trans
Chris PeBenito 134191 
	entrypoint
Chris PeBenito 134191 
	execmod
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class blk_file
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191
Chris PeBenito 134191 
class sock_file
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191
Chris PeBenito 134191 
class fifo_file
Chris PeBenito 134191 
inherits file
Chris PeBenito 134191
Chris PeBenito 134191 
class fd
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	use
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for network-related objects.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
class tcp_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	connectto
Chris PeBenito 134191 
	newconn
Chris PeBenito 134191 
	acceptfrom
Chris PeBenito 134191 
	node_bind
Chris PeBenito 134191 
	name_connect
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class udp_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	node_bind
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class rawip_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	node_bind
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class node
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	tcp_recv
Chris PeBenito 134191 
	tcp_send
Chris PeBenito 134191 
	udp_recv
Chris PeBenito 134191 
	udp_send
Chris PeBenito 134191 
	rawip_recv
Chris PeBenito 134191 
	rawip_send
Chris PeBenito 134191 
	enforce_dest
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netif
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	tcp_recv
Chris PeBenito 134191 
	tcp_send
Chris PeBenito 134191 
	udp_recv
Chris PeBenito 134191 
	udp_send
Chris PeBenito 134191 
	rawip_recv
Chris PeBenito 134191 
	rawip_send
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
class packet_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
class key_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
class unix_stream_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	connectto
Chris PeBenito 134191 
	newconn
Chris PeBenito 134191 
	acceptfrom
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class unix_dgram_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for process-related objects
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class process
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	fork
Chris PeBenito 134191 
	transition
Chris PeBenito 134191 
	sigchld # commonly granted from child to parent
Chris PeBenito 134191 
	sigkill # cannot be caught or ignored
Chris PeBenito 134191 
	sigstop # cannot be caught or ignored
Chris PeBenito 134191 
	signull # for kill(pid, 0)
Chris PeBenito 134191 
	signal  # all other signals
Chris PeBenito 134191 
	ptrace
Chris PeBenito 134191 
	getsched
Chris PeBenito 134191 
	setsched
Chris PeBenito 134191 
	getsession
Chris PeBenito 134191 
	getpgid
Chris PeBenito 134191 
	setpgid
Chris PeBenito 134191 
	getcap
Chris PeBenito 134191 
	setcap
Chris PeBenito 134191 
	share
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setexec
Chris PeBenito 134191 
	setfscreate
Chris PeBenito 134191 
	noatsecure
Chris PeBenito 134191 
	siginh
Chris PeBenito 134191 
	setrlimit
Chris PeBenito 134191 
	rlimitinh
Chris PeBenito 134191 
	dyntransition
Chris PeBenito 134191 
	setcurrent
Chris PeBenito 134191 
	execmem
Chris PeBenito 134191 
	execstack
Chris PeBenito 134191 
	execheap
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for ipc-related objects
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class ipc
Chris PeBenito 134191 
inherits ipc
Chris PeBenito 134191
Chris PeBenito 134191 
class sem
Chris PeBenito 134191 
inherits ipc
Chris PeBenito 134191
Chris PeBenito 134191 
class msgq
Chris PeBenito 134191 
inherits ipc
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	enqueue
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class msg
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	send
Chris PeBenito 134191 
	receive
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class shm
Chris PeBenito 134191 
inherits ipc
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	lock
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for the security server.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class security
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	compute_av
Chris PeBenito 134191 
	compute_create
Chris PeBenito 134191 
	compute_member
Chris PeBenito 134191 
	check_context
Chris PeBenito 134191 
	load_policy
Chris PeBenito 134191 
	compute_relabel
Chris PeBenito 134191 
	compute_user
Chris PeBenito 134191 
	setenforce     # was avc_toggle in system class
Chris PeBenito 134191 
	setbool
Chris PeBenito 134191 
	setsecparam
Chris PeBenito 134191 
	setcheckreqprot
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for system operations.
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class system
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	ipc_info
Chris PeBenito 134191 
	syslog_read
Chris PeBenito 134191 
	syslog_mod
Chris PeBenito 134191 
	syslog_console
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for controling capabilies
Chris PeBenito 134191 
#
Chris PeBenito 134191
Chris PeBenito 134191 
class capability
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	# The capabilities are defined in include/linux/capability.h
Chris PeBenito 134191 
	# Care should be taken to ensure that these are consistent with
Chris PeBenito 134191 
	# those definitions. (Order matters)
Chris PeBenito 134191
Chris PeBenito 134191 
	chown
Chris PeBenito 134191 
	dac_override
Chris PeBenito 134191 
	dac_read_search
Chris PeBenito 134191 
	fowner
Chris PeBenito 134191 
	fsetid
Chris PeBenito 134191 
	kill
Chris PeBenito 134191 
	setgid
Chris PeBenito 134191 
	setuid
Chris PeBenito 134191 
	setpcap
Chris PeBenito 134191 
	linux_immutable
Chris PeBenito 134191 
	net_bind_service
Chris PeBenito 134191 
	net_broadcast
Chris PeBenito 134191 
	net_admin
Chris PeBenito 134191 
	net_raw
Chris PeBenito 134191 
	ipc_lock
Chris PeBenito 134191 
	ipc_owner
Chris PeBenito 134191 
	sys_module
Chris PeBenito 134191 
	sys_rawio
Chris PeBenito 134191 
	sys_chroot
Chris PeBenito 134191 
	sys_ptrace
Chris PeBenito 134191 
	sys_pacct
Chris PeBenito 134191 
	sys_admin
Chris PeBenito 134191 
	sys_boot
Chris PeBenito 134191 
	sys_nice
Chris PeBenito 134191 
	sys_resource
Chris PeBenito 134191 
	sys_time
Chris PeBenito 134191 
	sys_tty_config
Chris PeBenito 134191 
	mknod
Chris PeBenito 134191 
	lease
Chris PeBenito 134191 
	audit_write
Chris PeBenito 134191 
	audit_control
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for controlling
Chris PeBenito 134191 
# changes to passwd information.
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class passwd
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	passwd	# change another user passwd
Chris PeBenito 134191 
	chfn	# change another user finger info
Chris PeBenito 134191 
	chsh	# change another user shell
Chris PeBenito 134191 
	rootok  # pam_rootok check (skip auth)
Chris PeBenito 134191 
	crontab # crontab on another user
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# SE-X Windows stuff
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class drawable
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	destroy
Chris PeBenito 134191 
	draw
Chris PeBenito 134191 
	copy
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class gc
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	free
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class window
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	addchild
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	destroy
Chris PeBenito 134191 
	map
Chris PeBenito 134191 
	unmap
Chris PeBenito 134191 
	chstack
Chris PeBenito 134191 
	chproplist
Chris PeBenito 134191 
	chprop
Chris PeBenito 134191 
	listprop
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
	setfocus
Chris PeBenito 134191 
	move
Chris PeBenito 134191 
	chselection
Chris PeBenito 134191 
	chparent
Chris PeBenito 134191 
	ctrllife
Chris PeBenito 134191 
	enumerate
Chris PeBenito 134191 
	transparent
Chris PeBenito 134191 
	mousemotion
Chris PeBenito 134191 
	clientcomevent
Chris PeBenito 134191 
	inputevent
Chris PeBenito 134191 
	drawevent
Chris PeBenito 134191 
	windowchangeevent
Chris PeBenito 134191 
	windowchangerequest
Chris PeBenito 134191 
	serverchangeevent
Chris PeBenito 134191 
	extensionevent
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class font
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	load
Chris PeBenito 134191 
	free
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	use
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class colormap
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	free
Chris PeBenito 134191 
	install
Chris PeBenito 134191 
	uninstall
Chris PeBenito 134191 
	list
Chris PeBenito 134191 
	read
Chris PeBenito 134191 
	store
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class property
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	free
Chris PeBenito 134191 
	read
Chris PeBenito 134191 
	write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class cursor
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	create
Chris PeBenito 134191 
	createglyph
Chris PeBenito 134191 
	free
Chris PeBenito 134191 
	assign
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class xclient
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	kill
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class xinput
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	lookup
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	setattr
Chris PeBenito 134191 
	setfocus
Chris PeBenito 134191 
	warppointer
Chris PeBenito 134191 
	activegrab
Chris PeBenito 134191 
	passivegrab
Chris PeBenito 134191 
	ungrab
Chris PeBenito 134191 
	bell
Chris PeBenito 134191 
	mousemotion
Chris PeBenito 134191 
	relabelinput
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class xserver
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	screensaver
Chris PeBenito 134191 
	gethostlist
Chris PeBenito 134191 
	sethostlist
Chris PeBenito 134191 
	getfontpath
Chris PeBenito 134191 
	setfontpath
Chris PeBenito 134191 
	getattr
Chris PeBenito 134191 
	grab
Chris PeBenito 134191 
	ungrab
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class xextension
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	query
Chris PeBenito 134191 
	use
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Define the access vector interpretation for controlling
Chris PeBenito 134191 
# PaX flags
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class pax
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	pageexec	# Paging based non-executable pages
Chris PeBenito 134191 
	emutramp	# Emulate trampolines
Chris PeBenito 134191 
	mprotect	# Restrict mprotect()
Chris PeBenito 134191 
	randmmap	# Randomize mmap() base
Chris PeBenito 134191 
	randexec	# Randomize ET_EXEC base
Chris PeBenito 134191 
	segmexec	# Segmentation based non-executable pages
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
#
Chris PeBenito 134191 
# Extended Netlink classes
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class netlink_route_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	nlmsg_read
Chris PeBenito 134191 
	nlmsg_write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_firewall_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	nlmsg_read
Chris PeBenito 134191 
	nlmsg_write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_tcpdiag_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	nlmsg_read
Chris PeBenito 134191 
	nlmsg_write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_nflog_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_xfrm_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	nlmsg_read
Chris PeBenito 134191 
	nlmsg_write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_selinux_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_audit_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	nlmsg_read
Chris PeBenito 134191 
	nlmsg_write
Chris PeBenito 134191 
	nlmsg_relay
Chris PeBenito 134191 
	nlmsg_readpriv
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_ip6fw_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	nlmsg_read
Chris PeBenito 134191 
	nlmsg_write
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
class netlink_dnrt_socket
Chris PeBenito 134191 
inherits socket
Chris PeBenito 134191
Chris PeBenito 134191 
# Define the access vector interpretation for controlling
Chris PeBenito 134191 
# access and communication through the D-BUS messaging
Chris PeBenito 134191 
# system.
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class dbus
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	acquire_svc
Chris PeBenito 134191 
	send_msg
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
# Define the access vector interpretation for controlling
Chris PeBenito 134191 
# access through the name service cache daemon (nscd).
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class nscd
Chris PeBenito 134191 
{
Chris PeBenito 134191 
	getpwd
Chris PeBenito 134191 
	getgrp
Chris PeBenito 134191 
	gethost
Chris PeBenito 134191 
	getstat
Chris PeBenito 134191 
	admin
Chris PeBenito 4d0d41 
	shmempwd
Chris PeBenito 4d0d41 
	shmemgrp
Chris PeBenito 4d0d41 
	shmemhost
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
# Define the access vector interpretation for controlling
Chris PeBenito 134191 
# access to IPSec network data by association
Chris PeBenito 134191 
#
Chris PeBenito 134191 
class association
Chris PeBenito 134191 
{
Chris PeBenito 4d0d41 
	sendto
Chris PeBenito 4d0d41 
	recvfrom
Chris PeBenito 765bd9 
	setcontext
Chris PeBenito 134191 
}
Chris PeBenito 134191
Chris PeBenito 134191 
# Updated Netlink class for KOBJECT_UEVENT family.
Chris PeBenito 134191 
class netlink_kobject_uevent_socket
Chris PeBenito 134191 
inherits socket

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation