rpms / selinux-policy

Clone
Source Code
GIT

Blame www/api-docs/system_userdomain.html

c10s-sig-hyperscale c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-atomic c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   d9fd8e7562163d4602127e54dd8797491d4d7755
  2.   www
  3.   api-docs
  4.   system_userdomain.html
Blob History Raw
Karl MacMillan 660bf7 
<html>
Karl MacMillan 660bf7 
<head>
Karl MacMillan 660bf7 
<title>
Karl MacMillan 660bf7 
 Security Enhanced Linux Reference Policy
Karl MacMillan 660bf7 
 </title>
Karl MacMillan 660bf7 
<style type="text/css" media="all">@import "style.css";</style>
Karl MacMillan 660bf7 
</head>
Karl MacMillan 660bf7 
<body>
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		admin
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		apps
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		kernel
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		services
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		system
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			authlogin
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			clock
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			corecommands
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			files
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
			   - 
Chris PeBenito e3a8e3 
			fstools
Chris PeBenito e3a8e3
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			getty
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			hostname
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			hotplug
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			init
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			iptables
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			libraries
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			locallogin
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			logging
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			lvm
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			miscfiles
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			modutils
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			mount
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			selinuxutil
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			sysnetwork
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			udev
Karl MacMillan 660bf7
Chris PeBenito 767266 
			   - 
Chris PeBenito 767266 
			unconfined
Chris PeBenito 767266
Karl MacMillan 660bf7 
			   - 
Karl MacMillan 660bf7 
			userdomain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	* Interface Index
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	* Template Index
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
Karl MacMillan 660bf7 
Layer: system
Karl MacMillan 660bf7 
Module: userdomain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Interfaces
Chris PeBenito e3a8e3 
Templates
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Karl MacMillan 660bf7 
Description:
Karl MacMillan 660bf7
Chris PeBenito 767266 
Policy for user domains
Chris PeBenito 767266
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Karl MacMillan 660bf7 
Interfaces:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
userdom_dontaudit_use_sysadm_terms(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Do not audit attempts to use admin ttys and ptys.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
userdom_dontaudit_use_unpriv_user_fd(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Do not audit attempts to inherit the
Chris PeBenito e3a8e3 
file descriptors from all user domains.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_dontaudit_use_unpriv_user_tty(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Do not audit attempts to use unprivileged
Chris PeBenito e3a8e3 
user ttys.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
userdom_read_all_user_files(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Read all files in all users home directories.
Chris PeBenito e3a8e3
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_read_staff_home_files(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Read files in the staff users home directory.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
userdom_read_sysadm_home_files(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Read files in the sysadm users home directory.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_rw_sysadm_pipe(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Read and write sysadm user unnamed pipes.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
userdom_search_all_users_home(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Search all users home directories.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_shell_domtrans_sysadm(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Execute a shell in the sysadm domain.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
userdom_signal_all_users(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Send general signals to all user domains.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_signal_unpriv_users(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Send general signals to unprivileged user domains.
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
userdom_spec_domtrans_all_users(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Execute a shell in all user domains.  This
Chris PeBenito e3a8e3 
is an explicit transition, requiring the
Chris PeBenito e3a8e3 
caller to use setexeccon().
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
userdom_spec_domtrans_unpriv_users(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Execute a shell in all unprivileged user domains.  This
Chris PeBenito e3a8e3 
is an explicit transition, requiring the
Chris PeBenito e3a8e3 
caller to use setexeccon().
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 767266 
userdom_unconfined(
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
		domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
	)
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
Summary
Chris PeBenito 767266
Chris PeBenito 767266 
Unconfined access to user domains.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
Parameters
Chris PeBenito 767266
Chris PeBenito 767266 
Parameter:Description:Optional:
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
domain
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
Domain allowed access.
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266 
No
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito 767266
Chris PeBenito e3a8e3 
userdom_use_all_user_fd(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Inherit the file descriptors from all user domains
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
userdom_use_sysadm_fd(
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
		domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
	)
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito 45d25f
Chris PeBenito e3a8e3 
Summary
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
Inherit and use sysadm file descriptors
Chris PeBenito 45d25f
Chris PeBenito 45d25f
Chris PeBenito e3a8e3
Chris PeBenito 45d25f 
Parameters
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
Parameter:Description:Optional:
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
domain
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3 
The type of the process performing this action.
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
No
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_use_sysadm_pty(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Read and write sysadm ptys.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_use_sysadm_terms(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Read and write sysadm ttys and ptys.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_use_sysadm_tty(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Read and write sysadm ttys.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_use_unpriv_users_fd(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Inherit the file descriptors from unprivileged user domains.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdom_write_unpriv_user_tmp(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Write all unprivileged users files in /tmp
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
domain
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The type of the process performing this action.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Return
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Templates:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
admin_user_template(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		userdomain_prefix
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The template for creating an administrative user.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Description
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
This template creates a user domain, types, and
Chris PeBenito e3a8e3 
rules for the user's tty, pty, home directories,
Chris PeBenito e3a8e3 
tmp, and tmpfs files.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdomain_prefix
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The prefix of the user domain (e.g., sysadm
Chris PeBenito e3a8e3 
is the prefix for sysadm_t).
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
base_user_template(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		userdomain_prefix
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The template containing rules common to unprivileged
Chris PeBenito e3a8e3 
users and administrative users.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Description
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
This template creates a user domain, types, and
Chris PeBenito e3a8e3 
rules for the user's tty, pty, home directories,
Chris PeBenito e3a8e3 
tmp, and tmpfs files.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
This generally should not be used, rather the
Chris PeBenito e3a8e3 
unpriv_user_template or admin_user_template should
Chris PeBenito e3a8e3 
be used.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdomain_prefix
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The prefix of the user domain (e.g., user
Chris PeBenito e3a8e3 
is the prefix for user_t).
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
unpriv_user_template(
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
		userdomain_prefix
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
	)
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Summary
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The template for creating a unprivileged user.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Description
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
This template creates a user domain, types, and
Chris PeBenito e3a8e3 
rules for the user's tty, pty, home directories,
Chris PeBenito e3a8e3 
tmp, and tmpfs files.
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameters
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Parameter:Description:Optional:
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
userdomain_prefix
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
The prefix of the user domain (e.g., user
Chris PeBenito e3a8e3 
is the prefix for user_t).
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
No
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3
Chris PeBenito e3a8e3 
Return
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7
Karl MacMillan 660bf7 
</body>
Karl MacMillan 660bf7 
</html>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation