Chris PeBenito c2ecf0
<html>
Chris PeBenito c2ecf0
<head>
Chris PeBenito c2ecf0
<title>
Chris PeBenito c2ecf0
 Security Enhanced Linux Reference Policy
Chris PeBenito c2ecf0
 </title>
Chris PeBenito c2ecf0
<style type="text/css" media="all">@import "style.css";</style>
Chris PeBenito c2ecf0
</head>
Chris PeBenito c2ecf0
<body>
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		admin
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			acct
Chris PeBenito c2ecf0
		
Chris PeBenito 862a1e
			   - 
Chris PeBenito 862a1e
			anaconda
Chris PeBenito 862a1e
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			consoletype
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			dmesg
Chris PeBenito c2ecf0
		
Chris PeBenito 862a1e
			   - 
Chris PeBenito 862a1e
			dmidecode
Chris PeBenito 862a1e
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			firstboot
Chris PeBenito c2ecf0
		
Chris PeBenito 862a1e
			   - 
Chris PeBenito 862a1e
			kudzu
Chris PeBenito 862a1e
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			logrotate
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			netutils
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			quota
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			rpm
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			su
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			sudo
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			tmpreaper
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			updfstab
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
			   - 
Chris PeBenito c2ecf0
			usermanage
Chris PeBenito c2ecf0
		
Chris PeBenito 44a4c2
			   - 
Chris PeBenito 44a4c2
			vpn
Chris PeBenito 44a4c2
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		apps
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		kernel
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		services
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		system
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
	

Chris PeBenito c2ecf0
	* Global Booleans 
Chris PeBenito c2ecf0
	

Chris PeBenito c2ecf0
	* Global Tunables 
Chris PeBenito c2ecf0
	


Chris PeBenito c2ecf0
	* Layer Index
Chris PeBenito c2ecf0
	

Chris PeBenito c2ecf0
	* Interface Index
Chris PeBenito c2ecf0
	

Chris PeBenito c2ecf0
	* Template Index
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0

Layer: admin

Chris PeBenito c2ecf0

Module: su

Chris PeBenito c2ecf0
Chris PeBenito 862a1e
Interfaces
Chris PeBenito 862a1e
Templates
Chris PeBenito 862a1e
Chris PeBenito c2ecf0

Description:

Chris PeBenito c2ecf0
Chris PeBenito c2ecf0

Run shells with substitute user and group

Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito 862a1e
Chris PeBenito 862a1e

Interfaces:

Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
su_exec(
Chris PeBenito 862a1e
	
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		domain
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
	
Chris PeBenito 862a1e
	)
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Summary
Chris PeBenito 862a1e

Chris PeBenito 862a1e
Execute su in the caller domain.
Chris PeBenito 862a1e

Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Parameters
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Parameter:Description:Optional:
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
domain
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Domain allowed access.
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
No
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Return
Chris PeBenito 862a1e
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0

Templates:

Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
su_per_userdomain_template(
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		userdomain_prefix
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito e376ad
		
Chris PeBenito e376ad
			,
Chris PeBenito e376ad
		
Chris PeBenito e376ad
		
Chris PeBenito e376ad
		
Chris PeBenito e376ad
		user_domain
Chris PeBenito e376ad
		
Chris PeBenito e376ad
	
Chris PeBenito e376ad
		
Chris PeBenito e376ad
			,
Chris PeBenito e376ad
		
Chris PeBenito e376ad
		
Chris PeBenito e376ad
		
Chris PeBenito e376ad
		user_role
Chris PeBenito e376ad
		
Chris PeBenito e376ad
	
Chris PeBenito c2ecf0
	)
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Summary
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
The per user domain template for the su module.
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Description
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
This template creates a derived domain which is allowed
Chris PeBenito c2ecf0
to change the linux user id, to run shells as a different
Chris PeBenito c2ecf0
user.
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
This template is invoked automatically for each user, and
Chris PeBenito c2ecf0
generally does not need to be invoked directly
Chris PeBenito c2ecf0
by policy writers.
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Parameters
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Parameter:Description:Optional:
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
userdomain_prefix
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
The prefix of the user domain (e.g., user
Chris PeBenito c2ecf0
is the prefix for user_t).
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
No
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito e376ad
Chris PeBenito e376ad
user_domain
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito e376ad
The type of the user domain.
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito e376ad
No
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito e376ad
user_role
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito e376ad
The role associated with the user domain.
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito e376ad
No
Chris PeBenito e376ad
Chris PeBenito e376ad
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Return
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito e376ad
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
</body>
Chris PeBenito c2ecf0
</html>