Karl MacMillan 660bf7
<html>
Karl MacMillan 660bf7
<head>
Karl MacMillan 660bf7
<title>
Karl MacMillan 660bf7
 Security Enhanced Linux Reference Policy
Karl MacMillan 660bf7
 </title>
Karl MacMillan 660bf7
<style type="text/css" media="all">@import "style.css";</style>
Karl MacMillan 660bf7
</head>
Karl MacMillan 660bf7
<body>
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		admin
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		apps
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		kernel
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		services
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		system
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			authlogin
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			clock
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			corecommands
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			files
Karl MacMillan 660bf7
		
Chris PeBenito e3a8e3
			   - 
Chris PeBenito e3a8e3
			fstools
Chris PeBenito e3a8e3
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			getty
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			hostname
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			hotplug
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			init
Karl MacMillan 660bf7
		
Chris PeBenito 8b1125
			   - 
Chris PeBenito 8b1125
			ipsec
Chris PeBenito 8b1125
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			iptables
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			libraries
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			locallogin
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			logging
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			lvm
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			miscfiles
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			modutils
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			mount
Karl MacMillan 660bf7
		
Chris PeBenito 8b1125
			   - 
Chris PeBenito 8b1125
			pcmcia
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
			   - 
Chris PeBenito 8b1125
			raid
Chris PeBenito 8b1125
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			selinuxutil
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			sysnetwork
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			udev
Karl MacMillan 660bf7
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			unconfined
Chris PeBenito 767266
		
Karl MacMillan 660bf7
			   - 
Karl MacMillan 660bf7
			userdomain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	

Chris PeBenito 8b1125
	* Global Booleans 
Chris PeBenito 8b1125
	

Chris PeBenito 8b1125
	* Global Tunables 
Chris PeBenito 8b1125
	


Chris PeBenito 8b1125
	* Layer Index
Chris PeBenito 8b1125
	

Chris PeBenito 8b1125
	* Interface Index
Chris PeBenito e3a8e3
	

Chris PeBenito 8b1125
	* Template Index
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
Karl MacMillan 660bf7

Layer: system

Karl MacMillan 660bf7

Module: domain

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Interfaces
Chris PeBenito e3a8e3
Templates
Chris PeBenito e3a8e3
Karl MacMillan 660bf7

Description:

Karl MacMillan 660bf7
Chris PeBenito 767266

Core policy for domains.

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266

This module is required to be included in all policies.

Karl MacMillan 660bf7
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Karl MacMillan 660bf7

Interfaces:

Karl MacMillan 660bf7
Chris PeBenito c2ecf0
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito c2ecf0
domain_base_type(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito 44a4c2
		type
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito 44a4c2
Make the specified type usable as a basic domain.
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Description
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified type usable as a basic domain.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
This is primarily used for kernel threads;
Chris PeBenito 44a4c2
generally the domain_type() interface is
Chris PeBenito 44a4c2
more appropriate for userland processes.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
type
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Type to be used as a basic domain type.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_cron_exemption_source(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified domain the source of
Chris PeBenito 44a4c2
the cron domain exception of the
Chris PeBenito 44a4c2
SELinux role and identity change
Chris PeBenito 44a4c2
constraints.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Description
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified domain the source of
Chris PeBenito 44a4c2
the cron domain exception of the
Chris PeBenito 44a4c2
SELinux role and identity change
Chris PeBenito 44a4c2
constraints.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
This interface is needed to decouple
Chris PeBenito 44a4c2
the cron domains from the base module.
Chris PeBenito 44a4c2
It should not be used other than on
Chris PeBenito 44a4c2
cron domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain target for user exemption.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_cron_exemption_target(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified domain the target of
Chris PeBenito 44a4c2
the cron domain exception of the
Chris PeBenito 44a4c2
SELinux role and identity change
Chris PeBenito 44a4c2
constraints.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Description
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified domain the target of
Chris PeBenito 44a4c2
the cron domain exception of the
Chris PeBenito 44a4c2
SELinux role and identity change
Chris PeBenito 44a4c2
constraints.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
This interface is needed to decouple
Chris PeBenito 44a4c2
the cron domains from the base module.
Chris PeBenito 44a4c2
It should not be used other than on
Chris PeBenito 44a4c2
user cron jobs.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain target for user exemption.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
domain_dontaudit_getattr_all_key_sockets(
Chris PeBenito 862a1e
	
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		domain
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
	
Chris PeBenito 862a1e
	)
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Summary
Chris PeBenito 862a1e

Chris PeBenito 862a1e
Do not audit attempts to get attribues of
Chris PeBenito 862a1e
all domains IPSEC key management sockets.
Chris PeBenito 862a1e

Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Parameters
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Parameter:Description:Optional:
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
domain
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
The type of the process performing this action.
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
No
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
domain_dontaudit_getattr_all_sockets(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to get the attributes
Chris PeBenito 8b1125
of all domains sockets, for all socket types.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Description
Karl MacMillan 660bf7

Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to get the attributes
Chris PeBenito 8b1125
of all domains sockets, for all socket types.
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
This interface was added for PCMCIA cardmgr
Chris PeBenito 8b1125
and is probably excessive.
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Domain to not audit.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain_dontaudit_getattr_all_tcp_sockets(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito e3a8e3
Do not audit attempts to get the attributes
Chris PeBenito e3a8e3
of all domains TCP sockets.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito 8b1125
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_dontaudit_getattr_all_udp_sockets(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 8b1125
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Do not audit attempts to get the attributes
Chris PeBenito e3a8e3
of all domains UDP sockets.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito 8b1125
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_dontaudit_getattr_all_unix_dgram_sockets(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Do not audit attempts to get the attributes
Chris PeBenito e3a8e3
of all domains unix datagram sockets.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_dontaudit_getattr_all_unnamed_pipes(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Do not audit attempts to get the attributes
Chris PeBenito e3a8e3
of all domains unnamed pipes.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain_dontaudit_getsession_all_domains(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to get the
Chris PeBenito 8b1125
session ID of all domains.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The type of the process performing this action.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_dontaudit_list_all_domains_proc(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Do not audit attempts to read the process state
Chris PeBenito e3a8e3
directories of all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_dontaudit_ptrace_all_domains(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Do not audit attempts to ptrace all domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Description
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Do not audit attempts to ptrace all domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Generally this needs to be suppressed because procps tries to access
Chris PeBenito 44a4c2
/proc/pid/environ and this now triggers a ptrace check in recent kernels
Chris PeBenito 44a4c2
(2.4 and 2.6).
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_dontaudit_ptrace_confined_domains(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Do not audit attempts to ptrace confined domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Description
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Do not audit attempts to ptrace confined domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Generally this needs to be suppressed because procps tries to access
Chris PeBenito 44a4c2
/proc/pid/environ and this now triggers a ptrace check in recent kernels
Chris PeBenito 44a4c2
(2.4 and 2.6).
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain_dontaudit_read_all_domains_state(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to read the process
Chris PeBenito 8b1125
state (/proc/pid) of all domains.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The type of the process performing this action.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain_dontaudit_rw_all_key_sockets(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to read or write
Chris PeBenito 8b1125
all domains key sockets.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The type of the process performing this action.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain_dontaudit_rw_all_udp_sockets(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to read or write
Chris PeBenito 8b1125
all domains UDP sockets.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The type of the process performing this action.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_dontaudit_use_wide_inherit_fd(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_dyntrans_type(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_entry_file(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
			,
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		type
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito 44a4c2
Make the specified type usable as
Chris PeBenito 44a4c2
an entry point for the domain.
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Domain to be entered.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
type
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Type of program used for entering
Chris PeBenito 44a4c2
the domain.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_exec_all_entry_files(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_getattr_all_domains(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Get the attributes of all domains of all domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
domain_getattr_all_entry_files(
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
		domain
Chris PeBenito c2ecf0
		
Chris PeBenito c2ecf0
	
Chris PeBenito c2ecf0
	)
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Summary
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
Get the attributes of entry point
Chris PeBenito c2ecf0
files for all domains.
Chris PeBenito c2ecf0

Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Parameters
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Parameter:Description:Optional:
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
domain
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Domain allowed access.
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
No
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito c2ecf0
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
domain_getattr_all_sockets(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Get the attributes of all domains
Chris PeBenito 8b1125
sockets, for all socket types.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Description
Karl MacMillan 660bf7

Chris PeBenito 8b1125

Chris PeBenito 8b1125
Get the attributes of all domains
Chris PeBenito 8b1125
sockets, for all socket types.
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
This is commonly used for domains
Chris PeBenito 8b1125
that can use lsof on all domains.
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Domain allowed access.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_getattr_confined_domains(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Get the attributes of all confined domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain_getsession_all_domains(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito e3a8e3
Get the session ID of all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito 8b1125
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_kill_all_domains(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Send a kill signal to all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_obj_id_change_exempt(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Makes caller an exception to the constraint preventing
Chris PeBenito e3a8e3
changing the user identity in object contexts.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The process type to make an exception to the constraint.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
domain_ptrace_all_domains(
Chris PeBenito 862a1e
	
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
		domain
Chris PeBenito 862a1e
		
Chris PeBenito 862a1e
	
Chris PeBenito 862a1e
	)
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Summary
Chris PeBenito 862a1e

Chris PeBenito 862a1e
Ptrace all domains.
Chris PeBenito 862a1e

Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Parameters
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Parameter:Description:Optional:
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
domain
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Domain allowed access.
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
No
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 862a1e
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_read_all_domains_state(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito 8b1125
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Read the process state (/proc/pid) of all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito 8b1125
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_read_all_entry_files(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_read_confined_domains_state(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Read the process state (/proc/pid) of all confined domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_role_change_exempt(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Makes caller an exception to the constraint preventing
Chris PeBenito e3a8e3
changing of role.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The process type to make an exception to the constraint.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_search_all_domains_state(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Search the process state directory (/proc/pid) of all domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_setpriority_all_domains(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_sigchld_all_domains(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Send a child terminated signal to all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_sigchld_wide_inherit_fd(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		domain
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Send a SIGCHLD signal to domains whose file
Chris PeBenito e3a8e3
discriptors are widely inheritable.
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Domain allowed access.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_signal_all_domains(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Send general signals to all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_signull_all_domains(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Send a null signal to all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_sigstop_all_domains(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Send a stop signal to all domains.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain_subj_id_change_exempt(
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
		domain
Karl MacMillan 660bf7
		
Karl MacMillan 660bf7
	
Karl MacMillan 660bf7
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Summary
Karl MacMillan 660bf7

Chris PeBenito e3a8e3
Makes caller an exception to the constraint preventing
Chris PeBenito e3a8e3
changing of user identity.
Chris PeBenito 45d25f

Chris PeBenito 45d25f
Chris PeBenito c2ecf0
Chris PeBenito 45d25f
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
The process type to make an exception to the constraint.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_system_change_exempt(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Makes caller and execption to the constraint
Chris PeBenito 44a4c2
preventing changing to the system user
Chris PeBenito 44a4c2
identity and system role.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain allowed access.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_type(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito 44a4c2
		type
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito 44a4c2
Make the specified type usable as a domain.
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
type
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Type to be used as a domain type.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 767266
domain_unconfined(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 767266
Unconfined access to domains.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
The type of the process performing this action.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito e3a8e3
domain_use_wide_inherit_fd(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain_user_exemption_target(
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
		domain
Chris PeBenito 44a4c2
		
Chris PeBenito 44a4c2
	
Chris PeBenito 44a4c2
	)
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Summary
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified domain the target of
Chris PeBenito 44a4c2
the user domain exception of the
Chris PeBenito 44a4c2
SELinux role and identity change
Chris PeBenito 44a4c2
constraints.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Description
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Make the specified domain the target of
Chris PeBenito 44a4c2
the user domain exception of the
Chris PeBenito 44a4c2
SELinux role and identity change
Chris PeBenito 44a4c2
constraints.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
This interface is needed to decouple
Chris PeBenito 44a4c2
the user domains from the base module.
Chris PeBenito 44a4c2
It should not be used other than on
Chris PeBenito 44a4c2
user domains.
Chris PeBenito 44a4c2

Chris PeBenito 44a4c2

Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameters
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Parameter:Description:Optional:
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
domain
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Domain target for user exemption.
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
No
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 44a4c2
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_wide_inherit_fd(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Return
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3

Templates:

Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_auto_trans(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 8b1125
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
domain_trans(
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
		?
Chris PeBenito e3a8e3
		
Chris PeBenito e3a8e3
	
Chris PeBenito e3a8e3
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Summary
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Summary is missing!
Chris PeBenito e3a8e3

Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
?
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Parameter descriptions are missing!
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Return
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e376ad
Karl MacMillan 660bf7
Karl MacMillan 660bf7
</body>
Karl MacMillan 660bf7
</html>