rpms / selinux-policy

Clone
Source Code
GIT

Blame www/api-docs/kernel_selinux.html

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   5e1ed4903e17ddd1e5ffb44178a7a45083e37cfe
  2.   www
  3.   api-docs
  4.   kernel_selinux.html
Blob History Raw
Karl MacMillan 660bf7 
<html>
Karl MacMillan 660bf7 
<head>
Karl MacMillan 660bf7 
<title>
Karl MacMillan 660bf7 
 Security Enhanced Linux Reference Policy
Karl MacMillan 660bf7 
 </title>
Karl MacMillan 660bf7 
<style type="text/css" media="all">@import "style.css";</style>
Karl MacMillan 660bf7 
</head>
Karl MacMillan 660bf7 
<body>
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		admin
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		kernel
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			bootloader
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			corenetwork
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			devices
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			filesystem
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			kernel
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			selinux
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			storage
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			terminal
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		services
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		system
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	* Interface Index
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Layer: kernel
Karl MacMillan 660bf7 
Module: selinux
Karl MacMillan 660bf7 
Description:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Policy for kernel security interface, in particular, selinuxfs.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Interfaces:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_compute_access_vector(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allows caller to compute an access vector.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type allowed to compute an access vector.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_compute_create_context(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_compute_relabel_context(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type to
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_compute_user_contexts(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allows caller to compute possible contexts for a user.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type allowed to compute user contexts.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_get_enforce_mode(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allows the caller to get the mode of policy enforcement
Karl MacMillan 660bf7 
		(enforcing or permissive mode).
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type to allow to get the enforcing mode.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_get_fs_mount(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Gets the caller the mountpoint of the selinuxfs filesystem.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type requesting the selinuxfs mountpoint.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_load_policy(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allow caller to load the policy into the kernel.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type that will load the policy.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_set_boolean(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			,
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			[
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		booltype
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			]
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allow caller to set the state of Booleans to
Karl MacMillan 660bf7 
		enable or disable conditional portions of the policy.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type allowed to set the Boolean.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
booltype
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The type of Booleans the caller is allowed to set.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
yes
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_set_enforce_mode(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allow caller to set the mode of policy enforcement
Karl MacMillan 660bf7 
		(enforcing or permissive mode).
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type to allow to set the enforcement mode.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_set_parameters(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allow caller to set selinux security parameters.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type to allow to set security parameters.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
selinux_validate_context(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Description
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		Allows caller to validate security contexts.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	The process type permitted to validate contexts.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
</body>
Karl MacMillan 660bf7 
</html>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation