Chris PeBenito 767266
<html>
Chris PeBenito 767266
<head>
Chris PeBenito 767266
<title>
Chris PeBenito 767266
 Security Enhanced Linux Reference Policy
Chris PeBenito 767266
 </title>
Chris PeBenito 767266
<style type="text/css" media="all">@import "style.css";</style>
Chris PeBenito 767266
</head>
Chris PeBenito 767266
<body>
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		admin
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		apps
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		kernel
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		services
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		system
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			authlogin
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			clock
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			corecommands
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			domain
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			files
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			fstools
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			getty
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			hostname
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			hotplug
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			init
Chris PeBenito 767266
		
Chris PeBenito 8b1125
			   - 
Chris PeBenito 8b1125
			ipsec
Chris PeBenito 8b1125
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			iptables
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			libraries
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			locallogin
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			logging
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			lvm
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			miscfiles
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			modutils
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			mount
Chris PeBenito 767266
		
Chris PeBenito 8b1125
			   - 
Chris PeBenito 8b1125
			pcmcia
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
			   - 
Chris PeBenito 8b1125
			raid
Chris PeBenito 8b1125
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			selinuxutil
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			sysnetwork
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			udev
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			unconfined
Chris PeBenito 767266
		
Chris PeBenito 767266
			   - 
Chris PeBenito 767266
			userdomain
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	

Chris PeBenito 8b1125
	* Global Booleans 
Chris PeBenito 8b1125
	

Chris PeBenito 8b1125
	* Global Tunables 
Chris PeBenito 8b1125
	


Chris PeBenito 8b1125
	* Layer Index
Chris PeBenito 8b1125
	

Chris PeBenito 8b1125
	* Interface Index
Chris PeBenito 767266
	

Chris PeBenito 8b1125
	* Template Index
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266

Layer: system

Chris PeBenito 767266

Module: unconfined

Chris PeBenito 767266
Chris PeBenito 767266
Interfaces
Chris PeBenito 767266
Templates
Chris PeBenito 767266
Chris PeBenito 767266

Description:

Chris PeBenito 767266
Chris PeBenito 767266

The unconfined domain.

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266

Interfaces:

Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 8b1125
unconfined_domtrans(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 8b1125
Transition to the unconfined domain.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Domain allowed access.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
unconfined_dontaudit_rw_tcp_socket(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to read or write
Chris PeBenito 8b1125
unconfined domain tcp sockets.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Description
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
Do not audit attempts to read or write
Chris PeBenito 8b1125
unconfined domain tcp sockets.
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
This interface was added due to a broken
Chris PeBenito 8b1125
symptom in ldconfig.
Chris PeBenito 8b1125

Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Domain to not audit.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
unconfined_role(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 767266
Add the unconfined domain to the specified role.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Domain allowed access.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
unconfined_run(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
			,
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		role
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
			,
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		terminal
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito c2ecf0
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Execute specified programs in the unconfined domain.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito c2ecf0
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The type of the process performing this action.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
role
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The role to allow the unconfined domain.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
terminal
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
The type of the terminal allow the unconfined domain to use.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
unconfined_rw_pipe(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 767266
Read and write unconfined domain unnamed pipes.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Domain allowed access.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
unconfined_shell_domtrans(
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
		domain
Chris PeBenito 8b1125
		
Chris PeBenito 8b1125
	
Chris PeBenito 8b1125
	)
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Summary
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Transition to the unconfined domain by executing a shell.
Chris PeBenito 8b1125

Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameters
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Parameter:Description:Optional:
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
domain
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Domain allowed access.
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
No
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
unconfined_sigchld(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 767266
Send a SIGCHLD signal to the unconfined domain.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Domain allowed access.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
unconfined_use_fd(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 767266
Inherit file descriptors from the unconfined domain.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Domain allowed access.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Return
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266

Templates:

Chris PeBenito 767266
Chris PeBenito 8b1125
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
unconfined_domain_template(
Chris PeBenito 767266
	
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		
Chris PeBenito 767266
		domain
Chris PeBenito 767266
		
Chris PeBenito 767266
	
Chris PeBenito 767266
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Summary
Chris PeBenito 767266

Chris PeBenito 767266
A template to make the specified domain unconfined.
Chris PeBenito 767266

Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Parameters
Chris PeBenito 767266
Chris PeBenito 767266
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Domain to make unconfined.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Return
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
</body>
Chris PeBenito 767266
</html>