<html>

<head>

<title>

 Security Enhanced Linux Reference Policy

 </title>

<style type="text/css" media="all">@import "style.css";</style>

</head>

<body>

Security Enhanced Linux Reference Policy

		+ 

		admin

			   - 

			acct

			   - 

			anaconda

			   - 

			consoletype

			   - 

			dmesg

			   - 

			dmidecode

			   - 

			firstboot

			   - 

			kudzu

			   - 

			logrotate

			   - 

			netutils

			   - 

			quota

			   - 

			rpm

			   - 

			su

			   - 

			sudo

			   - 

			tmpreaper

			   - 

			updfstab

			   - 

			usermanage

			   - 

			vpn

		+ 

		apps

			   - 

			gpg

			   - 

			loadkeys

			   - 

			webalizer

		+ 

		kernel

			   - 

			bootloader

			   - 

			corenetwork

			   - 

			devices

			   - 

			filesystem

			   - 

			kernel

			   - 

			mls

			   - 

			selinux

			   - 

			storage

			   - 

			terminal

		+ 

		services

			   - 

			apache

			   - 

			apm

			   - 

			arpwatch

			   - 

			bind

			   - 

			bluetooth

			   - 

			comsat

			   - 

			cpucontrol

			   - 

			cron

			   - 

			cvs

			   - 

			dbus

			   - 

			dhcp

			   - 

			dictd

			   - 

			finger

			   - 

			ftp

			   - 

			gpm

			   - 

			hal

			   - 

			howl

			   - 

			inetd

			   - 

			inn

			   - 

			kerberos

			   - 

			ktalk

			   - 

			ldap

			   - 

			mailman

			   - 

			mta

			   - 

			mysql

			   - 

			nis

			   - 

			nscd

			   - 

			ntp

			   - 

			portmap

			   - 

			postgresql

			   - 

			ppp

			   - 

			privoxy

			   - 

			radvd

			   - 

			remotelogin

			   - 

			rlogin

			   - 

			rshd

			   - 

			rsync

			   - 

			samba

			   - 

			sasl

			   - 

			sendmail

			   - 

			snmp

			   - 

			squid

			   - 

			ssh

			   - 

			stunnel

			   - 

			tcpd

			   - 

			telnet

			   - 

			tftp

			   - 

			uucp

			   - 

			zebra

		+ 

		system

			   - 

			authlogin

			   - 

			clock

			   - 

			corecommands

			   - 

			domain

			   - 

			files

			   - 

			fstools

			   - 

			getty

			   - 

			hostname

			   - 

			hotplug

			   - 

			init

			   - 

			ipsec

			   - 

			iptables

			   - 

			libraries

			   - 

			locallogin

			   - 

			logging

			   - 

			lvm

			   - 

			miscfiles

			   - 

			modutils

			   - 

			mount

			   - 

			pcmcia

			   - 

			raid

			   - 

			selinuxutil

			   - 

			sysnetwork

			   - 

			udev

			   - 

			unconfined

			   - 

			userdomain

	* Global Booleans 

	* Global Tunables 

	* Layer Index

	* Interface Index

	* Template Index

Layer: admin

	Policy modules for administrative functions, such as package management.

Module:Description:

			acct

			
Berkeley process accounting

			anaconda

			
Policy for the Anaconda installer.

			consoletype

Determine of the console connected to the controlling terminal.

			dmesg

			
Policy for dmesg.

			dmidecode

			
Decode DMI data for x86/ia64 bioses.

			firstboot

Final system configuration run during the first boot

after installation of Red Hat/Fedora systems.

			kudzu

			
Hardware detection and configuration tools

			logrotate

			
Rotate and archive system logs

			netutils

			
Network analysis utilities

			quota

			
File system quota management

			rpm

			
Policy for the RPM package manager.

			su

			
Run shells with substitute user and group

			sudo

			
Execute a command with a substitute user

			tmpreaper

			
Manage temporary directory sizes and file ages

			updfstab

			
Red Hat utility to change /etc/fstab.

			usermanage

			
Policy for managing user accounts.

			vpn

			
Virtual Private Networking client

Layer: kernel

Policy for kernel threads, proc filesystem,and unlabeled processes and objects.

Module:Description:

			bootloader

			
Policy for the kernel modules, kernel image, and bootloader.

			corenetwork

			
Policy controlling access to network objects

			devices

Device nodes and interfaces for many basic system devices.

			filesystem

			
Policy for filesystems.

			kernel

Policy for kernel threads, proc filesystem,and unlabeled processes and objects.

			mls

			
Multilevel security policy

			selinux

Policy for kernel security interface, in particular, selinuxfs.

			storage

			
Policy controlling access to storage devices

			terminal

			
Policy for terminals.

Layer: apps

Policy modules for applications

Module:Description:

			gpg

			
Policy for GNU Privacy Guard and related programs.

			loadkeys

			
Load keyboard mappings.

			webalizer

			
Web server log analysis

Layer: system

	Policy modules for system functions from init to multi-user login.

Module:Description:

			authlogin

			
Common policy for authentication and user login.

			clock

			
Policy for reading and setting the hardware clock.

			corecommands

Core policy for shells, and generic programs

in /bin, /sbin, /usr/bin, and /usr/sbin.

			domain

			
Core policy for domains.

			files

Basic filesystem types and interfaces.

			fstools

			
Tools for filesystem management, such as mkfs and fsck.

			getty

			
Policy for getty.

			hostname

			
Policy for changing the system host name.

			hotplug

Policy for hotplug system, for supporting the

connection and disconnection of devices at runtime.

			init

			
System initialization programs (init and init scripts).

			ipsec

			
TCP/IP encryption

			iptables

			
Policy for iptables.

			libraries

			
Policy for system libraries.

			locallogin

			
Policy for local logins.

			logging

			
Policy for the kernel message logger and system logging daemon.

			lvm

			
Policy for logical volume management programs.

			miscfiles

			
Miscelaneous files.

			modutils

			
Policy for kernel module utilities

			mount

			
Policy for mount.

			pcmcia

			
PCMCIA card management services

			raid

			
RAID array management tools

			selinuxutil

			
Policy for SELinux policy and userland applications.

			sysnetwork

			
Policy for network configuration: ifconfig and dhcp client.

			udev

			
Policy for udev.

			unconfined

			
The unconfined domain.

			userdomain

			
Policy for user domains

Layer: services

	Policy modules for system services, like cron, and network services,

	like sshd.

Module:Description:

			apache

			
Apache web server

			apm

			
Advanced power management daemon

			arpwatch

			
Ethernet activity monitor.

			bind

			
Berkeley internet name domain DNS server.

			bluetooth

			
Bluetooth tools and system services.

			comsat

			
Comsat, a biff server.

			cpucontrol

			
Services for loading CPU microcode and CPU frequency scaling.

			cron

			
Periodic execution of scheduled commands.