From 385e62440756f4c43958e11fe27104b48c7aa322 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Jul 06 2006 17:35:17 +0000 Subject: move non-policy dirs out of trunk --- diff --git a/docs/macro_conversion_guide b/docs/macro_conversion_guide deleted file mode 100644 index 3376e2a..0000000 --- a/docs/macro_conversion_guide +++ /dev/null @@ -1,1267 +0,0 @@ -# -# This is the guide for converting old macros to local policy -# and new interfaces. -# -# $1, $2, etc. are replaced with and the first and second, etc. -# parameters to the old macro. -# - -######################################## -# -# Attributes -# -# $1 is the type this attribute is on - -# -# auth: complete -# -auth_read_shadow($1) - -# -# auth_chkpwd: complete -# -auth_domtrans_chk_passwd($1) - -# -# auth_write: complete -# -# handled by appropriate interfaces - -# -# daemon: complete -# -optional_policy(`nscd',` - nscd_socket_use($1) -') - -# -# domain: complete -# -domain_type($1) - -# -# etc_writer: complete -# -# handled by appropriate interfaces - -# -# exec_type: complete -# -corecmd_executable_file($1) - -# -# file_type: complete -# -files_type($1) - -# -# fs_domain: complete -# -# handled by appropriate interfaces - -# -# mlsfileread: complete -# -mls_file_read_up($1) - -# -# mlsfileupgrade: complete -# -mls_file_upgrade($1) - -# -# mlsfilewrite: complete -# -mls_file_write_down($1) - -# -# mlsprocsetsl: complete -# -mls_process_set_level($1) - -# -# mlsprocwrite: complete -# -mls_process_write_down($1) - -# -# mlstrustedobject: complete -# -mls_trusted_object($1) - -# -# mta_delivery_agent: -# -mta_mailserver_delivery($1) -# for piping mail to a command -kernel_read_system_state($1) -corecmd_exec_shell($1) -files_read_etc_runtime_files($1) -mta_append_spool($1) -ifdef(`TODO',` -optional_policy(`arpwatch',` - # why is mail delivered to a directory of type arpwatch_data_t? - allow mta_delivery_agent arpwatch_data_t:dir search; -') -') dnl end TODO - -# -# mta_user_agent: -# -mta_mailserver_user_agent($1) -domain_use_interactive_fds($1) -userdom_sigchld_all_users($1) -userdom_use_all_user_fd($1) -userdom_use_sysadm_terms($1) -allow mta_user_agent privmail:fd use; -allow mta_user_agent privmail:process sigchld; -allow mta_user_agent privmail:fifo_file { read write }; -allow mta_user_agent sysadm_t:fifo_file { read write }; -optional_policy(`arpwatch',` - # why is mail delivered to a directory of type arpwatch_data_t? - allow mta_user_agent arpwatch_tmp_t:file rw_file_perms; - ifdef(`hide_broken_symptoms', ` - dontaudit mta_user_agent arpwatch_t:packet_socket { read write }; - ') -') -optional_policy(` - cron_sigchld($1) - cron_read_system_job_tmp_files($1) -') -optional_policy(` - logrotate_read_tmp_files($1) -') - -# -# nscd_client_domain: complete -# -optional_policy(` - nscd_socket_use($1) -') - -# -# privfd: complete -# -domain_interactive_fd($1) - -# -# privlog: complete -# -logging_send_syslog_msg($1) - -# -# privmail: complete -# -optional_policy(`mta',` - mta_send_mail($1) -') - -# -# privmem: complete -# -# handled by appropriate interfaces - -# -# privmodule: complete -# -modutils_domtrans_insmod($1) - -# -# privowner: complete -# -domain_obj_id_change_exempt($1) - -# -# privrole: complete -# -domain_role_change_exempt($1) - -# -# privuser: complete -# -domain_subj_id_change_exempt($1) - -# -# priv_system_role: complete -# -domain_system_change_exempt($1) - -# -# secure_file_type: complete -# -files_security_file($1) - -# -# sysadmfile: complete -# -files_type($1) - -# -# sysctl_kernel_writer: complete -# -# handled by appropriate interfaces - -# -# userspace_objmgr: complete -# -allow $1 self:process getattr; -# Receive notifications of policy reloads and enforcing status changes. -allow $1 self:netlink_selinux_socket { create bind read }; -selinux_get_fs_mount($1) -selinux_validate_context($1) -selinux_compute_access_vector($1) -selinux_compute_create_context($1) -selinux_compute_relabel_context($1) -selinux_compute_user_contexts($1) -seutil_read_config($1) -seutil_read_default_contexts($1) - -# -# web_client_domain: -# -optional_policy(`squid',` - squid_use($1) -') - -######################################## -# -# Access macros -# - -# -# access_terminal(): -# -allow $1 $2_tty_device_t:chr_file { read write getattr ioctl }; -allow $1 devtty_t:chr_file { read write getattr ioctl }; -allow $1 devpts_t:dir { read search getattr }; -allow $1 $2_devpts_t:chr_file { read write getattr ioctl }; - -# -# anonymous_domain(): -# -gen_tunable(allow_$1_anon_write,false) -miscfiles_read_public_files($1_t) -tunable_policy(`allow_$1_anon_write',` -miscfiles_manage_public_files($1_t) -') - -# -# append_log_domain(): -# -type $1_log_t; -logging_log_file($1_log_t) -allow $1_t var_log_t:dir ra_dir_perms; -allow $1_t $1_log_t:file { create ra_file_perms }; -type_transition $1_t var_log_t:file $1_log_t; - -# -# append_logdir_domain(): -# -type $1_log_t; -logging_log_file($1_log_t) -allow $1_t var_log_t:dir ra_dir_perms; -allow $1_t $1_log_t:dir { setattr ra_dir_perms }; -allow $1_t $1_log_t:file { create ra_file_perms }; -type_transition $1_t var_log_t:file $1_log_t; - -# -# application_domain(): -# -type $1_t; -type $1_exec_t; -domain_type($1_t) -domain_entry_file($1_t,$1_exec_t) -libs_use_ld_so($1_t) -libs_use_shared_libs($1_t) -logging_send_syslog_msg($1_t) -# a "run" interface needs to be -# added, and have sysadm_t use it -# in a optional_policy block. -# and have unconfined_t use it -# in a optional_policy block inside -# the targeted_policy ifdef - -# -# base_can_network($1,$2): -# -allow $1 self:$2_socket connected_socket_perms; -corenet_$2_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_$2_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_$2_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_$2_bind_all_nodes($1) -sysnet_read_config($1) - -# -# base_can_network($1,$2,$3): -# -# remove _port_t from $3: -allow $1 self:$2_socket connected_socket_perms; -corenet_$2_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_$2_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_$2_sendrecv_$3_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_$2_bind_all_nodes($1) -sysnet_read_config($1) - -# -# base_file_read_access(): complete -# -kernel_read_kernel_sysctls($1) -corecmd_list_bin($1) -corecmd_read_bin_symlink($1) -corecmd_read_bin_file($1) -corecmd_read_bin_pipe($1) -corecmd_read_bin_socket($1) -corecmd_list_sbin($1) -corecmd_read_sbin_symlink($1) -corecmd_read_sbin_file($1) -corecmd_read_sbin_pipe($1) -corecmd_read_sbin_socket($1) -files_list_home($1) -files_read_usr_files($1) -seutil_read_config($1) -tunable_policy(`read_default_t',` - files_list_default($1) - files_read_default_files($1) - files_read_default_symlinks($1) - files_read_default_sockets($1) - files_read_default_pipes($1) -') - -# -# base_pty_perms(): -# -allow $1_t ptmx_t:chr_file rw_file_perms; -allow $1_t devpts_t:filesystem getattr; -allow $1_t devpts_t:dir { getattr read search }; -dontaudit $1_t bsdpty_device_t:chr_file { getattr read write }; - -# -# can_create($1,$2,$3): complete -# -# for each object class in $3: -# if dir: -allow $1 $2:dir create_dir_perms; -# else if lnk_file: -allow $1 $2:lnk_file create_lnk_perms; -# else: -allow $1 $2:$3 create_file_perms; - -# -# can_create_other_pty(): complete -# -allow $1_t $2_devpts_t:chr_file { rw_file_perms setattr }; -term_create_pty($1_t,$2_devpts_t) - -# -# can_create_pty(): complete -# -# $2 may require more conversion -type $1_devpts_t $2; -term_pty($1_devpts_t) -allow $1_t $1_devpts_t:chr_file { rw_file_perms setattr }; -term_create_pty($1_t,$1_devpts_t) - -# -# can_exec_any(): complete -# -corecmd_exec_all_executables($1) -files_exec_etc_files($1) -libs_use_ld_so($1) -libs_use_shared_libs($1) -libs_exec_ld_so($1) -libs_exec_lib_files($1) - -# -# can_getcon(): complete -# -allow $1 self:process getattr; -kernel_read_system_state($1) - -# -# can_getsecurity(): complete -# -selinux_get_fs_mount($1) -selinux_validate_context($1) -selinux_compute_access_vector($1) -selinux_compute_create_context($1) -selinux_compute_relabel_context($1) -selinux_compute_user_contexts($1) - -# -# can_kerberos(): complete -# -optional_policy(`kerberos',` - kerberos_use($1) -') - -# -# can_ldap(): complete -# -sysnet_use_ldap($1) - -# -# can_loadpol(): complete -# -selinux_get_fs_mount($1) -selinux_load_policy($1) - -# -# can_network($1): -# -allow $1 self:tcp_socket create_stream_socket_perms; -allow $1 self:udp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_udp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) -optional_policy(`mount',` - mount_send_nfs_client_request($1) -') - -# -# can_network($1,$2): -# -allow $1 self:tcp_socket create_stream_socket_perms; -allow $1 self:udp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_udp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) -# (remove _port_t from $2): -corenet_tcp_sendrecv_$2_port($1) -corenet_udp_sendrecv_$2_port($1) -optional_policy(`mount',` - mount_send_nfs_client_request($1) -') - -# -# can_network_client($1): -# -allow $1 self:tcp_socket create_socket_perms; -allow $1 self:udp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_udp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_client($1,$2): complete -# -# remove _port_t from $2 -allow $1 self:tcp_socket create_socket_perms; -allow $1 self:udp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_$2_port($1) -corenet_udp_sendrecv_$2_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_client_tcp($1): complete -# -allow $1 self:tcp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_client_tcp($1,$2): complete -# -# remove _port_t from $2 -allow $1 self:tcp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_$2_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_server($1): complete -# -allow $1 self:tcp_socket create_stream_socket_perms; -allow $1 self:udp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_udp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_server($1,$2): complete -# -# remove _port_t from $2 -allow $1 self:tcp_socket create_stream_socket_perms; -allow $1 self:udp_socket create_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_$2_port($1) -corenet_udp_sendrecv_$2_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_server_tcp($1): complete -# -allow $1 self:tcp_socket create_stream_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_server_tcp($1,$2): complete -# -# remove _port_t from $2: -allow $1 self:tcp_socket create_stream_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_$2_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_tcp($1): complete -# -allow $1 self:tcp_socket create_stream_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_tcp($1,$2): complete -# -# remove _port_t from $2: -allow $1 self:tcp_socket create_stream_socket_perms; -corenet_tcp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_tcp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_tcp_sendrecv_$2_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_tcp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_udp($1): complete -# -allow $1 self:udp_socket create_socket_perms; -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_udp_sendrecv_all_ports($1) -corenet_non_ipsec_sendrecv($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_network_udp($1,$2): complete -# -# remove _port_t from $2 -allow $1 self:udp_socket create_socket_perms; -corenet_udp_sendrecv_generic_if($1) -corenet_raw_sendrecv_generic_if($1) -corenet_udp_sendrecv_all_nodes($1) -corenet_raw_sendrecv_all_nodes($1) -corenet_udp_sendrecv_$2_port($1) -corenet_non_ipsec_sendrecv($1) -corenet_udp_bind_all_nodes($1) -sysnet_read_config($1) - -# -# can_ps(): -# -allow $1 $2:dir { search getattr read }; -allow $1 $2:{ file lnk_file } { read getattr }; -allow $1 $2:process getattr; - -# -# can_ptrace(): -# -allow $1 $2:process ptrace; -allow $2 $1:process sigchld; - -# -# can_portmap(): -# -sysnet_use_portmap($1) - -# -# can_resolve(): complete -# -sysnet_dns_name_resolve($1) - -# -# can_setbool(): complete -# -selinux_get_fs_mount($1) -selinux_set_boolean($1) - -# -# can_setcon(): complete -# -# get mount point is due to libselinux init -# -allow $1 self:process setcurrent; -domain_dyntrans_type($1) -selinux_get_fs_mount($1) - -# -# can_setenforce(): complete -# -# get mount point is due to libselinux init -# -selinux_get_fs_mount($1) -selinux_set_enforce_mode($1) - -# -# can_setexec(): complete -# -# get mount point is due to libselinux init -# -allow $1 self:process setexec; -selinux_get_fs_mount($1) - -# -# can_setfscreate(): complete -# -# get mount point is due to libselinux init -# -allow $1 self:process setfscreate; -selinux_get_fs_mount($1) - -# -# can_setsecparam(): complete -# -# get mount point is due to libselinux init -# -selinux_get_fs_mount($1) -kernel_setsecparam($1) - -# -# can_sysctl(): complete -# -kernel_rw_all_sysctls($1) - -# -# can_tcp_connect(): -# -allow $1 $2:tcp_socket { connectto recvfrom }; -allow $2 $1:tcp_socket { acceptfrom recvfrom }; -kernel_tcp_recvfrom($1) -kernel_tcp_recvfrom($2) - -# -# can_udp_send(): -# -allow $1 $2:udp_socket sendto; -allow $2 $1:udp_socket recvfrom; - -# -# can_unix_connect(): -# -allow $1 $2:unix_stream_socket connectto; - -# -# can_unix_send(): -# -allow $1 $2:unix_dgram_socket sendto; - -# -# can_winbind(): complete -# -optional_policy(`samba',` - samba_connect_winbind($1) -') - -# -# can_ypbind(): complete -# -optional_policy(`nis',` - nis_use_ypbind($1) -') - -# -# create_append_log_file(): -# -allow $1 $2:dir { read getattr search add_name write }; -allow $1 $2:file { create ioctl getattr setattr append link }; - -# -# create_dir_file(): -# -allow $1 $2:dir create_dir_perms; -allow $1 $2:file create_file_perms; -allow $1 $2:lnk_file create_lnk_perms; - -# -# create_dir_notdevfile(): -# -allow $1 $2:dir create_dir_perms; -allow $1 $2:{ file sock_file fifo_file } create_file_perms; -allow $1 $2:lnk_file create_lnk_perms; - -# -# daemon_base_domain(): -# -type $1_t; -type $1_exec_t; -init_daemon_domain($1_t,$1_exec_t) -dontaudit $1_t self:capability sys_tty_config; -allow $1_t self:process signal_perms; -kernel_list_proc($1_t) -kernel_read_proc_symlinks($1_t) -kernel_read_kernel_sysctls($1_t) -dev_read_sysfs($1_t) -domain_use_interactive_fds($1_t) -fs_search_auto_mountpoints($1_t) -term_dontaudit_use_console($1_t) -init_use_fds($1_t) -init_use_script_ptys($1_t) -libs_use_ld_so($1_t) -libs_use_shared_libs($1_t) -logging_send_syslog_msg($1_t) -userdom_dontaudit_use_unpriv_user_fds($1_t) -ifdef(`targeted_policy',` - term_dontaudit_use_unallocated_ttys($1_t) - term_dontaudit_use_generic_ptys($1_t) - files_dontaudit_read_root_files($1_t) -') -optional_policy(` - seutil_sigchld_newrole($1_t) -') -optional_policy(` - udev_read_db($1_t) -') - -# -# daemon_domain(): -# -type $1_t; -type $1_exec_t; -init_daemon_domain($1_t,$1_exec_t) -type $1_var_run_t; -files_pid_file($1_var_run_t) -dontaudit $1_t self:capability sys_tty_config; -allow $1_t self:process signal_perms; -allow $1_t $1_var_run_t:file create_file_perms; -allow $1_t $1_var_run_t:dir rw_dir_perms; -files_pid_filetrans($1_t,$1_var_run_t,file) -kernel_read_kernel_sysctls($1_t) -kernel_list_proc($1_t) -kernel_read_proc_symlinks($1_t) -dev_read_sysfs($1_t) -domain_use_interactive_fds($1_t) -fs_getattr_all_fs($1_t) -fs_search_auto_mountpoints($1_t) -term_dontaudit_use_console($1_t) -init_use_fds($1_t) -init_use_script_ptys($1_t) -libs_use_ld_so($1_t) -libs_use_shared_libs($1_t) -logging_send_syslog_msg($1_t) -miscfiles_read_localization($1_t) -userdom_dontaudit_use_unpriv_user_fds($1_t) -userdom_dontaudit_search_sysadm_home_dirs($1_t) -ifdef(`targeted_policy',` - term_dontaudit_use_unallocated_ttys($1_t) - term_dontaudit_use_generic_ptys($1_t) - files_dontaudit_read_root_files($1_t) -') -optional_policy(` - seutil_sigchld_newrole($1_t) -') -optional_policy(` - udev_read_db($1_t) -') - -# -# daemon_sub_domain(): -# -# $3 may need more work -type $2_t; #, daemon $3; -domain_type($2_t) -type $2_exec_t; -domain_entry_file($2_t,$2_exec_t) -role system_r types $2_t; -allow $2_t self:process signal_perms; -domain_auto_trans($1, $2_exec_t, $2_t) -logging_send_syslog_msg($1_t) -libs_use_ld_so($2_t) -libs_use_shared_libs($2_t) -kernel_list_proc($1_t) -kernel_read_proc_symlinks($1_t) - -# -# etc_domain(): complete -# -type $1_etc_t; -files_config_file($1_etc_t) -allow $1_t $1_etc_t:file { getattr read }; -files_search_etc($1_t) - -# -# etcdir_domain(): complete -# -type $1_etc_t; -files_config_file($1_etc_t) -allow $1_t $1_etc_t:file r_file_perms; -allow $1_t $1_etc_t:dir r_dir_perms; -allow $1_t $1_etc_t:lnk_file { getattr read }; -files_search_etc($1_t) - -# -# file_type_auto_trans($1,$2,$3): complete -# -allow $1 $2:dir rw_dir_perms; -allow $1 $3:dir create_dir_perms; -allow $1 $3:file create_file_perms; -allow $1 $3:lnk_file create_lnk_perms; -allow $1 $3:sock_file create_file_perms; -allow $1 $3:fifo_file create_file_perms; -type_transition $1 $2:{ file lnk_file sock_file fifo_file } $3; - -# -# file_type_auto_trans($1,$2,$3,$4): complete -# -allow $1 $2:dir rw_dir_perms; -# for each i in $4: -can_create_internal($1,$3,$i) -type_transition $1 $2:$i $3; - -# -# general_domain_access(): complete -# -allow $1 self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap }; -allow $1 self:fd use; -allow $1 self:fifo_file rw_file_perms; -allow $1 self:unix_dgram_socket create_socket_perms; -allow $1 self:unix_stream_socket create_stream_socket_perms; -allow $1 self:unix_dgram_socket sendto; -allow $1 self:unix_stream_socket connectto; -allow $1 self:shm create_shm_perms; -allow $1 self:sem create_sem_perms; -allow $1 self:msgq create_msgq_perms; -allow $1 self:msg { send receive }; -fs_search_auto_mountpoints($1) -userdom_use_unpriv_users_fds($1) -optional_policy(`nis',` - nis_use_ypbind($1) -') - -# -# general_proc_read_access(): complete -# -kernel_read_system_state($1) -kernel_read_network_state($1) -kernel_read_software_raid_state($1) -kernel_getattr_core_if($1) -kernel_getattr_message_if($1) -kernel_read_kernel_sysctls($1) - -# -# home_domain($1,$2) -# -type $1_$2_home_t alias $1_$2_rw_t; -files_poly_member($1_$2_home_t) -userdom_user_home_content($1,$1_$2_home_t) -allow $1_t $1_$2_home_t:dir manage_dir_perms; -allow $1_t $1_$2_home_t:file manage_file_perms; -allow $1_t $1_$2_home_t:lnk_file create_lnk_perms; -allow $1_t $1_$2_home_t:{ dir file lnk_file } { relabelfrom relabelto }; -userdom_search_user_home_dirs($1,$1_$2_t) -allow $1_$2_t $1_$2_home_t:dir manage_dir_perms; -allow $1_$2_t $1_$2_home_t:file manage_file_perms; -allow $1_$2_t $1_$2_home_t:lnk_file create_lnk_perms; -fs_search_auto_mountpoints($1_$2_t) -tunable_policy(`use_nfs_home_dirs',` -fs_manage_nfs_dirs($1_$2_t) -fs_manage_nfs_files($1_$2_t) -fs_manage_nfs_symlinks($1_$2_t) -') -tunable_policy(`use_samba_home_dirs',` -fs_manage_cifs_dirs($1_$2_t) -fs_manage_cifs_files($1_$2_t) -fs_manage_cifs_symlinks($1_$2_t) -') - -# -# in_user_role(): -# -# this is replaced by run interfaces - -# -# init_service_domain(): complete -# -type $1_t; -type $1_exec_t; -init_domain($1_t,$1_exec_t) -dontaudit $1_t self:capability sys_tty_config; -allow self:process signal_perms; -kernel_list_proc($1_t) -kernel_read_proc_symlinks($1_t) -dev_read_sysfs($1_t) -term_dontaudit_use_console($1_t) -libs_use_ld_so($1_t) -libs_use_shared_libs($1_t) -logging_send_syslog_msg($1_t) -userdom_dontaudit_use_unpriv_user_fds($1_t) -ifdef(`targeted_policy',` - term_dontaudit_use_unallocated_tty($1_t) - term_dontaudit_use_generic_pty($1_t) - files_dontaudit_read_root_files($1_t) -') -optional_policy(`udev',` - udev_read_db($1_t) -') - -# -# inetd_child_domain(): -# -type $1_t; -type $1_exec_t; -inetd_(udp_|tcp_)?service_domain($1_t,$1_exec_t) -role system_r types $1_t; -type $1_tmp_t; -files_tmp_file($1_tmp_t) -type $1_var_run_t; -files_pid_file($1_var_run_t) -allow $1_t self:process signal_perms; -allow $1_t self:fifo_file rw_file_perms; -allow $1_t self:tcp_socket connected_stream_socket_perms; -# for identd -# cjp: this should probably only be inetd_child rules? -allow $1_t self:netlink_tcpdiag_socket r_netlink_socket_perms; -allow $1_t self:capability { setuid setgid }; -files_search_home($1_t) -optional_policy(`kerberos',` - kerberos_use($1_t) -') -#end for identd -allow $1_t $1_tmp_t:dir create_dir_perms; -allow $1_t $1_tmp_t:file create_file_perms; -files_tmp_filetrans($1_t, $1_tmp_t, { file dir }) -allow $1_t $1_var_run_t:file create_file_perms; -allow $1_t $1_var_run_t:dir rw_dir_perms; -files_pid_filetrans($1_t,$1_var_run_t) -kernel_read_kernel_sysctls($1_t) -kernel_read_system_state($1_t) -kernel_read_network_state($1_t) -corenet_tcp_sendrecv_generic_if($1_t) -corenet_udp_sendrecv_generic_if($1_t) -corenet_raw_sendrecv_generic_if($1_t) -corenet_tcp_sendrecv_all_nodes($1_t) -corenet_udp_sendrecv_all_nodes($1_t) -corenet_raw_sendrecv_all_nodes($1_t) -corenet_tcp_sendrecv_all_ports($1_t) -corenet_udp_sendrecv_all_ports($1_t) -corenet_non_ipsec_sendrecv($1_t) -corenet_tcp_bind_all_nodes($1_t) -corenet_udp_bind_all_nodes($1_t) -dev_read_urand($1_t) -fs_getattr_xattr_fs($1_t) -files_read_etc_files($1_t) -libs_use_ld_so($1_t) -libs_use_shared_libs($1_t) -logging_send_syslog_msg($1_t) -miscfiles_read_localization($1_t) -sysnet_read_config($1_t) -optional_policy(`nis',` - nis_use_ypbind($1_t) -') -optional_policy(`nscd',` - nscd_socket_use($1_t) -') - -# -# legacy_domain(): complete -# -allow $1_t self:process { execmem execstack }; -libs_legacy_use_shared_libs($1_t) -libs_legacy_use_ld_so($1_t) - -# -# lock_domain(): complete -# -type $1_lock_t; -files_lock_file($1_lock_t) -allow $1_t $1_lock_t:file create_file_perms; -files_lock_filetrans($1_t,$1_lock_t,file) - -# -# log_domain(): complete -# -type $1_log_t; -logging_log_file($1_log_t) -allow $1_t $1_log_t:file create_file_perms; -logging_log_filetrans($1_t,$1_log_t,file) - -# -# logdir_domain(): complete -# -type $1_log_t; -logging_log_file($1_log_t) -allow $1_t $1_log_t:file create_file_perms; -allow $1_t $1_log_t:dir rw_dir_perms; -logging_log_filetrans($1_t,$1_log_t,{ file dir }) - -# -# network_home_dir(): -# -create_dir_file($1, $2) -can_exec($1, $2) -allow $1 $2:{ sock_file fifo_file } { create ioctl read getattr lock write setattr append link unlink rename }; - -# -# polyinstantiater(): complete -# -files_polyinstantiate_all($1) - -# -# pty_slave_label(): -# -type $1_devpts_t, file_type, sysadmfile, ptyfile $2; -allow $1_devpts_t devpts_t:filesystem associate; -type_transition $1_t devpts_t:chr_file $1_devpts_t; -allow $1_t $1_devpts_t:chr_file { setattr rw_file_perms }; - -# -# r_dir_file(): complete -# -allow $1 $2:dir r_dir_perms; -allow $1 $2:file r_file_perms; -allow $1 $2:lnk_file { getattr read }; - -# -# ra_dir_create_file(): complete -# -allow $1 $2:dir ra_dir_perms; -allow $1 $2:file { create ra_file_perms }; -allow $1 $2:lnk_file { create read getattr }; - -# -# ra_dir_file(): complete -# -allow $1 $2:dir ra_dir_perms; -allow $1 $2:file ra_file_perms; -allow $1 $2:lnk_file { getattr read }; - -# -# read_locale(): complete -# -miscfiles_read_localization($1) - -# -# read_sysctl($1): complete -# -kernel_read_kernel_sysctls($1) - -# -# read_sysctl($1,full): complete -# -kernel_read_all_sysctls($1) - -# -# rhgb_domain(): -# -# - -# -# rw_dir_create_file(): complete -# -allow $1 $2:dir rw_dir_perms; -allow $1 $2:file create_file_perms; -allow $1 $2:lnk_file create_lnk_perms; - -# -# rw_dir_file(): complete -# -# cjp: rw_dir_perms here doesnt make sense -allow $1 $2:dir rw_dir_perms; -allow $1 $2:file rw_file_perms; -allow $1 $2:lnk_file { getattr read }; - -# -# system_crond_entry(): -# -optional_policy(`cron',` - cron_system_entry($2,$1) -') - -# -# system_domain(): complete -# -type $1_t; -type $1_exec_t; -init_system_domain($1_t,$1_exec_t) -files_list_etc($1_t) -libs_use_ld_so($1_t) -libs_use_shared_libs($1_t) -logging_send_syslog_msg($1_t) - -# -# tmp_domain($1): complete -# -type $1_tmp_t; -files_tmp_file($1_tmp_t) -allow $1_t $1_tmp_t:dir create_dir_perms; -allow $1_t $1_tmp_t:file create_file_perms; -files_tmp_filetrans($1_t, $1_tmp_t, { file dir }) - -# -# tmp_domain($1,$2,$3): complete -# -# $2 may need more handling -# -type $1_tmp_t $2; -files_tmp_file($1_tmp_t) -allow $1_t $1_tmp_t:$3 manage_obj_perms; -files_tmp_filetrans($1_t, $1_tmp_t, $3) - -# -# tmpfs_domain(): complete -# -type $1_tmpfs_t; -files_tmpfs_file($1_tmpfs_t) -allow $1_t $1_tmpfs_t:dir rw_dir_perms; -allow $1_t $1_tmpfs_t:file manage_file_perms; -allow $1_t $1_tmpfs_t:lnk_file create_lnk_perms; -allow $1_t $1_tmpfs_t:sock_file manage_file_perms; -allow $1_t $1_tmpfs_t:fifo_file manage_file_perms; -fs_tmpfs_filetrans($1_t,$1_tmpfs_t,{ dir file lnk_file sock_file fifo_file }) - -# -# unconfined_domain(): complete -# -unconfined_domain_template($1) - -# -# uses_authbind(): -# -domain_auto_trans($1, authbind_exec_t, authbind_t) -allow authbind_t $1:process sigchld; -allow authbind_t $1:fd use; -allow authbind_t $1:{ tcp_socket udp_socket } rw_socket_perms; - -# -# uses_shlib(): complete -# -libs_use_ld_so($1) -libs_use_shared_libs($1) - -# -# var_lib_domain(): complete -# -type $1_var_lib_t; -files_type($1_var_lib_t) -allow $1_t $1_var_lib_t:file create_file_perms; -allow $1_t $1_var_lib_t:dir rw_dir_perms; -files_var_lib_filetrans($1_t,$1_var_lib_t,file) - -# -# var_run_domain($1): complete -# -type $1_var_run_t; -files_pid_file($1_var_run_t) -allow $1_t $1_var_run_t:file create_file_perms; -allow $1_t $1_var_run_t:dir rw_dir_perms; -files_pid_filetrans($1_t,$1_var_run_t,file) - -# -# var_run_domain($1,$2): complete -# -type $1_var_run_t; -files_pid_file($1_var_run_t) -files_pid_filetrans($1_t,$1_var_run_t,$2) -# for each object class in $2: -# if dir: -allow $1 $1_var_run_t:dir create_dir_perms; -# else if lnk_file: -allow $1 $1_var_run_t:lnk_file create_lnk_perms; -# else: -allow $1 $1_var_run_t:$2 create_file_perms; - -# -# x_client_domain($1,$2): complete -# -type $1_tmpfs_t; -files_tmpfs_file($1_tmpfs_t) -allow $1_t $1_tmpfs_t:dir rw_dir_perms; -allow $1_t $1_tmpfs_t:file manage_file_perms; -allow $1_t $1_tmpfs_t:lnk_file create_lnk_perms; -allow $1_t $1_tmpfs_t:sock_file manage_file_perms; -allow $1_t $1_tmpfs_t:fifo_file manage_file_perms; -fs_tmpfs_filetrans($1_t,$1_tmpfs_t,{ dir file lnk_file sock_file fifo_file }) -optional_policy(`xserver',` -xserver_user_client_template($2,$1_t,$1_tmpfs_t) -') diff --git a/testing/automount/README b/testing/automount/README deleted file mode 100644 index de8da09..0000000 --- a/testing/automount/README +++ /dev/null @@ -1,6 +0,0 @@ -place the following in /etc - -auto.master -auto.misc - -set up an nfs mount to correspond with the config files diff --git a/testing/automount/auto.master b/testing/automount/auto.master deleted file mode 100644 index a0de823..0000000 --- a/testing/automount/auto.master +++ /dev/null @@ -1 +0,0 @@ -/auto /etc/auto.misc --timeout=60 diff --git a/testing/automount/auto.misc b/testing/automount/auto.misc deleted file mode 100644 index afc17a5..0000000 --- a/testing/automount/auto.misc +++ /dev/null @@ -1,3 +0,0 @@ -cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom -#the ip of course has to match so if you are not using my testing vm then u may have to edit it -megatron -ro,soft,intr 10.1.13.150:/pub diff --git a/testing/bind/README b/testing/bind/README deleted file mode 100644 index 777f13d..0000000 --- a/testing/bind/README +++ /dev/null @@ -1,8 +0,0 @@ -named dir belongs in /var -named.conf belongs in /etc - -after starting the named service you sould be able to query it by saying - nslookup vm.example.org -provided this name server has the address 192.168.0.1 and the host doing the look up has the proper resolv.conf (ie nameserver 192.168.0.1) - -see /var/named/named.example.org for more details diff --git a/testing/bind/named.conf b/testing/bind/named.conf deleted file mode 100644 index e581e8c..0000000 --- a/testing/bind/named.conf +++ /dev/null @@ -1,72 +0,0 @@ -// -// named.conf for Red Hat caching-nameserver -// - -options { - directory "/var/named"; - dump-file "/var/named/data/cache_dump.db"; - statistics-file "/var/named/data/named_stats.txt"; - /* - * If there is a firewall between you and nameservers you want - * to talk to, you might need to uncomment the query-source - * directive below. Previous versions of BIND always asked - * questions using port 53, but BIND 8.1 uses an unprivileged - * port by default. - */ - // query-source address * port 53; -}; - -// -// a caching only nameserver config -// -controls { - inet 127.0.0.1 allow { localhost; } keys { rndckey; }; -}; - -zone "." IN { - type hint; - file "named.ca"; -}; - -zone "example.org" { - type master; - file "named.example.org"; -}; - -zone "localdomain" IN { - type master; - file "localdomain.zone"; - allow-update { none; }; -}; - -zone "localhost" IN { - type master; - file "localhost.zone"; - allow-update { none; }; -}; - -zone "0.0.127.in-addr.arpa" IN { - type master; - file "named.local"; - allow-update { none; }; -}; - -zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN { - type master; - file "named.ip6.local"; - allow-update { none; }; -}; - -zone "255.in-addr.arpa" IN { - type master; - file "named.broadcast"; - allow-update { none; }; -}; - -zone "0.in-addr.arpa" IN { - type master; - file "named.zero"; - allow-update { none; }; -}; - -include "/etc/rndc.key"; diff --git a/testing/bind/named/localdomain.zone b/testing/bind/named/localdomain.zone deleted file mode 100644 index a9b047b..0000000 --- a/testing/bind/named/localdomain.zone +++ /dev/null @@ -1,10 +0,0 @@ -$TTL 86400 -@ IN SOA localhost root ( - 42 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - IN NS localhost -localhost IN A 127.0.0.1 - diff --git a/testing/bind/named/localhost.zone b/testing/bind/named/localhost.zone deleted file mode 100644 index 61b70d6..0000000 --- a/testing/bind/named/localhost.zone +++ /dev/null @@ -1,12 +0,0 @@ -$TTL 86400 -@ IN SOA @ root ( - 42 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - - IN NS @ - IN A 127.0.0.1 - IN AAAA ::1 - diff --git a/testing/bind/named/named.broadcast b/testing/bind/named/named.broadcast deleted file mode 100644 index 7155653..0000000 --- a/testing/bind/named/named.broadcast +++ /dev/null @@ -1,8 +0,0 @@ -$TTL 86400 -@ IN SOA localhost root ( - 42 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - IN NS localhost diff --git a/testing/bind/named/named.ca b/testing/bind/named/named.ca deleted file mode 100644 index c6c435c..0000000 --- a/testing/bind/named/named.ca +++ /dev/null @@ -1,80 +0,0 @@ -; This file holds the information on root name servers needed to -; initialize cache of Internet domain name servers -; (e.g. reference this file in the "cache . " -; configuration file of BIND domain name servers). -; -; This file is made available by InterNIC -; under anonymous FTP as -; file /domain/named.cache -; on server FTP.INTERNIC.NET -; -OR- RS.INTERNIC.NET -; -; last update: Jan 29, 2004 -; related version of root zone: 2004012900 -; -; -; formerly NS.INTERNIC.NET -; -. 3600000 IN NS A.ROOT-SERVERS.NET. -A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 -; -; formerly NS1.ISI.EDU -; -. 3600000 NS B.ROOT-SERVERS.NET. -B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 -; -; formerly C.PSI.NET -; -. 3600000 NS C.ROOT-SERVERS.NET. -C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 -; -; formerly TERP.UMD.EDU -; -. 3600000 NS D.ROOT-SERVERS.NET. -D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 -; -; formerly NS.NASA.GOV -; -. 3600000 NS E.ROOT-SERVERS.NET. -E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 -; -; formerly NS.ISC.ORG -; -. 3600000 NS F.ROOT-SERVERS.NET. -F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 -; -; formerly NS.NIC.DDN.MIL -; -. 3600000 NS G.ROOT-SERVERS.NET. -G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 -; -; formerly AOS.ARL.ARMY.MIL -; -. 3600000 NS H.ROOT-SERVERS.NET. -H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 -; -; formerly NIC.NORDU.NET -; -. 3600000 NS I.ROOT-SERVERS.NET. -I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 -; -; operated by VeriSign, Inc. -; -. 3600000 NS J.ROOT-SERVERS.NET. -J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 -; -; operated by RIPE NCC -; -. 3600000 NS K.ROOT-SERVERS.NET. -K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 -; -; operated by ICANN -; -. 3600000 NS L.ROOT-SERVERS.NET. -L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12 -; -; operated by WIDE -; -. 3600000 NS M.ROOT-SERVERS.NET. -M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 -; End of File diff --git a/testing/bind/named/named.example.org b/testing/bind/named/named.example.org deleted file mode 100644 index 43a877e..0000000 --- a/testing/bind/named/named.example.org +++ /dev/null @@ -1,12 +0,0 @@ -@ IN SOA example.org. root.vm.example.org. ( - 961230 ; Serial - 3600 ; Refresh - 300 ; Retry - 3600000 ; Expire - 3600 ) ; Minimum - IN NS vm.example.org. - -; -; Define the rest of the subnet -; -vm.example.org. IN A 192.168.0.1 ; the vm address diff --git a/testing/bind/named/named.ip6.local b/testing/bind/named/named.ip6.local deleted file mode 100644 index 1aeeeef..0000000 --- a/testing/bind/named/named.ip6.local +++ /dev/null @@ -1,10 +0,0 @@ -$TTL 86400 -@ IN SOA localhost. root.localhost. ( - 1997022700 ; Serial - 28800 ; Refresh - 14400 ; Retry - 3600000 ; Expire - 86400 ) ; Minimum - IN NS localhost. - -1 IN PTR localhost. diff --git a/testing/bind/named/named.local b/testing/bind/named/named.local deleted file mode 100644 index 8bfc435..0000000 --- a/testing/bind/named/named.local +++ /dev/null @@ -1,10 +0,0 @@ -$TTL 86400 -@ IN SOA localhost. root.localhost. ( - 1997022700 ; Serial - 28800 ; Refresh - 14400 ; Retry - 3600000 ; Expire - 86400 ) ; Minimum - IN NS localhost. - -1 IN PTR localhost. diff --git a/testing/bind/named/named.zero b/testing/bind/named/named.zero deleted file mode 100644 index 24c07e4..0000000 --- a/testing/bind/named/named.zero +++ /dev/null @@ -1,9 +0,0 @@ -$TTL 86400 -@ IN SOA localhost root ( - 42 ; serial (d. adams) - 3H ; refresh - 15M ; retry - 1W ; expiry - 1D ) ; minimum - IN NS localhost - diff --git a/testing/dhcp/README b/testing/dhcp/README deleted file mode 100644 index eafa154..0000000 --- a/testing/dhcp/README +++ /dev/null @@ -1,7 +0,0 @@ -dhcpd.conf belongs in /etc - -start the service - /etc/init.d/dhcpd start - -to ask for an address from the service - dhclient eth0 diff --git a/testing/dhcp/dhcpd.conf b/testing/dhcp/dhcpd.conf deleted file mode 100644 index 6192fb4..0000000 --- a/testing/dhcp/dhcpd.conf +++ /dev/null @@ -1,31 +0,0 @@ -ddns-update-style interim; -ignore client-updates; - -subnet 192.168.0.0 netmask 255.255.255.0 { - -# --- default gateway - option routers 192.168.0.1; - option subnet-mask 255.255.255.0; - - option nis-domain "domain.org"; - option domain-name "domain.org"; - option domain-name-servers 192.168.0.1; - - option time-offset -18000; # Eastern Standard Time -# option ntp-servers 192.168.1.1; -# option netbios-name-servers 192.168.1.1; -# --- Selects point-to-point node (default is hybrid). Don't change this unless -# -- you understand Netbios very well -# option netbios-node-type 2; - - range dynamic-bootp 192.168.0.128 192.168.0.254; - default-lease-time 21600; - max-lease-time 43200; - - # we want the nameserver to appear at a fixed address - host ns { - next-server marvin.redhat.com; - hardware ethernet 12:34:56:78:AB:CD; - fixed-address 207.175.42.254; - } -} diff --git a/testing/kerberos/README b/testing/kerberos/README deleted file mode 100644 index 1667941..0000000 --- a/testing/kerberos/README +++ /dev/null @@ -1,26 +0,0 @@ -INSTAll server - yum install krb5-server -and if the libs are not installed - yum install krb5-libs - -copy krb5.conf to /etc/ -copy kdc.conf to /var/kerberos/krb5kdc -copy kadm5.acl to /var/kerberos/krb5kdc/ -edit /etc/hosts to have th VMs ip associated with "noplace.org noplace" -ie - 10.1.13.XXX noplace.org noplace - -init the database and admin principals. - kdb5_util create -s -add an admin principal - kadmin.local -while running kadmin.local enter - addprinc master/admin - -turn off iptables -start the service with init scripts - /etc/rc.d/init.d/krb5kdc start - /etc/rc.d/init.d/kadmin start -test it out - kinit master/admin - kadmin diff --git a/testing/kerberos/denial_notes b/testing/kerberos/denial_notes deleted file mode 100644 index 503c680..0000000 --- a/testing/kerberos/denial_notes +++ /dev/null @@ -1,9 +0,0 @@ -kerberos seems to have basic functionality. some denials occur but do not seem to effect what -was tested so far -/etc/init.d/krb5kdc start - allow krb5kdc_t krb5_conf_t:file write; - allow krb5kdc_t krb5kdc_conf_t:file write; - allow krb5kdc_t proc_net_t:dir read; -/etc/init.d/kadmin start - allow kadmind_t krb5_conf_t:file write; - allow kadmind_t krb5kdc_conf_t:file write; diff --git a/testing/kerberos/kadm5.acl b/testing/kerberos/kadm5.acl deleted file mode 100644 index 9152d3d..0000000 --- a/testing/kerberos/kadm5.acl +++ /dev/null @@ -1 +0,0 @@ -*/admin@NOPLACE.ORG * diff --git a/testing/kerberos/kdc.conf b/testing/kerberos/kdc.conf deleted file mode 100644 index 6b198cf..0000000 --- a/testing/kerberos/kdc.conf +++ /dev/null @@ -1,17 +0,0 @@ -[kdcdefaults] - kdc_ports = 88,750 - -[realms] - NOPLACE.ORG = { - database_name = /var/kerberos/krb5kdc/princiapal - admin_keytab = /var/kerberos/krb5kdc/kadm5.acl - acl_file = /var/kerberos/krb5kdc/kadm5.acl - dict_file = /var/kerberos/krb5kdc/kadm5.dict - key_stash_file = /var/kerberos/krb5kdc/.k5.NOPLACE.ORG - kadmind_port = 749 - max_life = 10h 0m 0s - max_renewable_life = 7d 0h 0m 0s - #master_key_type = dec3-hmac-sha1 - #supported_enctypes = dec3-hmac-sha1:nromal des-cbc-crc:normal - } - diff --git a/testing/kerberos/krb5.conf b/testing/kerberos/krb5.conf deleted file mode 100644 index c04b715..0000000 --- a/testing/kerberos/krb5.conf +++ /dev/null @@ -1,18 +0,0 @@ -[libdefaults] - default_realm = NOPLACE.ORG - -[realms] - NOPLACE.ORG = { - kdc = NOPLACE.ORG:88 - admin_server = NOPLACE.ORG:749 - default_domain = noplace.org - } - -[domain_realm] - noplace.org = NOPLACE.ORG - .noplace.org = NOPLACE.ORG - -[logging] - kdc = FILE:/var/log/krb5kdc.log - admin_server = FILE:/var/log/kadmin.log - default = FILE:/var/log/krb5lib.log diff --git a/testing/ldap/README b/testing/ldap/README deleted file mode 100644 index 3f85e55..0000000 --- a/testing/ldap/README +++ /dev/null @@ -1,23 +0,0 @@ -The most important file is slapd.conf. it has some quick configs necisarry for testing. -the file slapd.conf belongs at /etc/openldap/slapd.conf - -install the packages if they are not already - yum -y install openldap-server openldap-clients - -add the root dn - slapadd -v -l root.ldif - -start the service - /etc/init.d/ldap start - -add some test entries (service must be running) - ldapmodify -D "cn=Manager,dc=plainjoe,dc=org" -w secret -x -a -v -f users.ldif - -remove them - ldapmodify -D "cn=Manager,dc=plainjoe,dc=org" -w secret -x -v -f remove_all.ldif - -read them with slapcat - slapcat - -or read them with a client tool - ldapsearch -x -b "dc=plainjoe,dc=org" "(objectclass=*)" diff --git a/testing/ldap/remove_all.ldif b/testing/ldap/remove_all.ldif deleted file mode 100644 index 499713e..0000000 --- a/testing/ldap/remove_all.ldif +++ /dev/null @@ -1,8 +0,0 @@ -dn: cn=Other Guy,ou=people,dc=plainjoe,dc=org -changetype: delete - -dn: cn=Some Guy,ou=people,dc=plainjoe,dc=org -changetype: delete - -dn: ou=people,dc=plainjoe,dc=org -changetype: delete diff --git a/testing/ldap/root.ldif b/testing/ldap/root.ldif deleted file mode 100644 index a376ce8..0000000 --- a/testing/ldap/root.ldif +++ /dev/null @@ -1,5 +0,0 @@ -dn: dc=plainjoe,dc=org -dc: plainjoe -objectClass: dcObject -objectClass: organizationalUnit -ou: PlainJoe Dot Org diff --git a/testing/ldap/slapd.conf b/testing/ldap/slapd.conf deleted file mode 100644 index 96a0177..0000000 --- a/testing/ldap/slapd.conf +++ /dev/null @@ -1,98 +0,0 @@ -# -# See slapd.conf(5) for details on configuration options. -# This file should NOT be world readable. -# -include /etc/openldap/schema/core.schema -include /etc/openldap/schema/cosine.schema -include /etc/openldap/schema/inetorgperson.schema -include /etc/openldap/schema/nis.schema - -# Allow LDAPv2 client connections. This is NOT the default. -allow bind_v2 - -# Do not enable referrals until AFTER you have a working directory -# service AND an understanding of referrals. -#referral ldap://root.openldap.org - -pidfile /var/run/slapd.pid -argsfile /var/run/slapd.args - -# Load dynamic backend modules: -# modulepath /usr/sbin/openldap -# moduleload back_bdb.la -# moduleload back_ldap.la -# moduleload back_ldbm.la -# moduleload back_passwd.la -# moduleload back_shell.la - -# The next three lines allow use of TLS for encrypting connections using a -# dummy test certificate which you can generate by changing to -# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on -# slapd.pem so that the ldap user or group can read it. Your client software -# may balk at self-signed certificates, however. -# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt -# TLSCertificateFile /etc/pki/tls/certs/slapd.pem -# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem - -# Sample security restrictions -# Require integrity protection (prevent hijacking) -# Require 112-bit (3DES or better) encryption for updates -# Require 63-bit encryption for simple bind -# security ssf=1 update_ssf=112 simple_bind=64 - -# Sample access control policy: -# Root DSE: allow anyone to read it -# Subschema (sub)entry DSE: allow anyone to read it -# Other DSEs: -# Allow self write access -# Allow authenticated users read access -# Allow anonymous users to authenticate -# Directives needed to implement policy: -# access to dn.base="" by * read -# access to dn.base="cn=Subschema" by * read -# access to * -# by self write -# by users read -# by anonymous auth -# -# if no access controls are present, the default policy -# allows anyone and everyone to read anything but restricts -# updates to rootdn. (e.g., "access to * by * read") -# -# rootdn can always read and write EVERYTHING! - -#just allow anyone to do whatever for testing purposes -access to * - by * write - -####################################################################### -# ldbm and/or bdb database definitions -####################################################################### - -database bdb -suffix "dc=plainjoe,dc=org" -rootdn "cn=Manager,dc=plainjoe,dc=org" -# Cleartext passwords, especially for the rootdn, should -# be avoided. See slappasswd(8) and slapd.conf(5) for details. -# Use of strong authentication encouraged. -# rootpw secret -# rootpw {crypt}ijFYNcSNctBYg -rootpw {SSHA}3Q3i+6viSPu3ZIso9ta6cYtNS4TEAXuO - -# The database directory MUST exist prior to running slapd AND -# should only be accessible by the slapd and slap tools. -# Mode 700 recommended. -directory /var/lib/ldap - -# Indices to maintain for this database -index objectClass eq,pres -index ou,cn,mail,surname,givenname eq,pres,sub -index uidNumber,gidNumber,loginShell eq,pres -index uid,memberUid eq,pres,sub -index nisMapName,nisMapEntry eq,pres,sub - -# Replicas of this database -#replogfile /var/lib/ldap/openldap-master-replog -#replica host=ldap-1.example.com:389 starttls=critical -# bindmethod=sasl saslmech=GSSAPI -# authcId=host/ldap-master.example.com@EXAMPLE.COM diff --git a/testing/ldap/users.ldif b/testing/ldap/users.ldif deleted file mode 100644 index 3ac0e27..0000000 --- a/testing/ldap/users.ldif +++ /dev/null @@ -1,23 +0,0 @@ -dn: ou=people,dc=plainjoe,dc=org -ou: people -objectClass: organizationalUnit - -dn: cn=Some Guy,ou=people,dc=plainjoe,dc=org -cn: Some Guy -sn: Guy -mail: sguy@place.com -mail: sguy@otherplace.com -labeledURI: http://www.place.com/sguy/index.php -roomNumber: 1234 his room -departmentNumber: sw devel -pager: 555-666-7777 -mobile: 898-898-8989 -objectClass: inetOrgPerson - -dn: cn=Other Guy,ou=people,dc=plainjoe,dc=org -cn: Other Guy -sn: Guy -mail: oguy@place.com -departmentNumber: hw devel -mobile: 898-898-9999 -objectClass: inetOrgPerson diff --git a/testing/mailman/README b/testing/mailman/README deleted file mode 100644 index d4f8f4d..0000000 --- a/testing/mailman/README +++ /dev/null @@ -1,23 +0,0 @@ -yum -y install sendmail-cf -yum -y install mailman - -cp mail /etc/ - -restart sendmail - -cd /usr/lib/mailman/ - -bin/newlist mailman - Enter the email of the person running the list: root@gibbson.edu - -copy the tail of bin/newlist to /etc/aliases -run newaliases - -bin/config_list -i /var/lib/mailman/data/sitelist.cfg mailman - -cp httpd.conf /etc/httpd/conf/httpd.conf - -restart apache -start mailman - -goto http://localhost/mailman/admin/mailman to test diff --git a/testing/mailman/httpd.conf b/testing/mailman/httpd.conf deleted file mode 100644 index ef5c340..0000000 --- a/testing/mailman/httpd.conf +++ /dev/null @@ -1,986 +0,0 @@ -# -# Based upon the NCSA server configuration files originally by Rob McCool. -# -# This is the main Apache server configuration file. It contains the -# configuration directives that give the server its instructions. -# See for detailed information about -# the directives. -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# -# The configuration directives are grouped into three basic sections: -# 1. Directives that control the operation of the Apache server process as a -# whole (the 'global environment'). -# 2. Directives that define the parameters of the 'main' or 'default' server, -# which responds to requests that aren't handled by a virtual host. -# These directives also provide default values for the settings -# of all virtual hosts. -# 3. Settings for virtual hosts, which allow Web requests to be sent to -# different IP addresses or hostnames and have them handled by the -# same Apache server process. -# -# Configuration and logfile names: If the filenames you specify for many -# of the server's control files begin with "/" (or "drive:/" for Win32), the -# server will use that explicit path. If the filenames do *not* begin -# with "/", the value of ServerRoot is prepended -- so "logs/foo.log" -# with ServerRoot set to "/etc/httpd" will be interpreted by the -# server as "/etc/httpd/logs/foo.log". -# - -### Section 1: Global Environment -# -# The directives in this section affect the overall operation of Apache, -# such as the number of concurrent requests it can handle or where it -# can find its configuration files. -# - -# -# Don't give away too much information about all the subcomponents -# we are running. Comment out this line if you don't mind remote sites -# finding out what major optional modules you are running -ServerTokens OS - -# -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# NOTE! If you intend to place this on an NFS (or otherwise network) -# mounted filesystem then please read the LockFile documentation -# (available at ); -# you will save yourself a lot of trouble. -# -# Do NOT add a slash at the end of the directory path. -# -ServerRoot "/etc/httpd" - -# -# PidFile: The file in which the server should record its process -# identification number when it starts. -# -PidFile run/httpd.pid - -# -# Timeout: The number of seconds before receives and sends time out. -# -Timeout 120 - -# -# KeepAlive: Whether or not to allow persistent connections (more than -# one request per connection). Set to "Off" to deactivate. -# -KeepAlive Off - -# -# MaxKeepAliveRequests: The maximum number of requests to allow -# during a persistent connection. Set to 0 to allow an unlimited amount. -# We recommend you leave this number high, for maximum performance. -# -MaxKeepAliveRequests 100 - -# -# KeepAliveTimeout: Number of seconds to wait for the next request from the -# same client on the same connection. -# -KeepAliveTimeout 15 - -## -## Server-Pool Size Regulation (MPM specific) -## - -# prefork MPM -# StartServers: number of server processes to start -# MinSpareServers: minimum number of server processes which are kept spare -# MaxSpareServers: maximum number of server processes which are kept spare -# ServerLimit: maximum value for MaxClients for the lifetime of the server -# MaxClients: maximum number of server processes allowed to start -# MaxRequestsPerChild: maximum number of requests a server process serves - -StartServers 8 -MinSpareServers 5 -MaxSpareServers 20 -ServerLimit 256 -MaxClients 256 -MaxRequestsPerChild 4000 - - -# worker MPM -# StartServers: initial number of server processes to start -# MaxClients: maximum number of simultaneous client connections -# MinSpareThreads: minimum number of worker threads which are kept spare -# MaxSpareThreads: maximum number of worker threads which are kept spare -# ThreadsPerChild: constant number of worker threads in each server process -# MaxRequestsPerChild: maximum number of requests a server process serves - -StartServers 2 -MaxClients 150 -MinSpareThreads 25 -MaxSpareThreads 75 -ThreadsPerChild 25 -MaxRequestsPerChild 0 - - -# -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, in addition to the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses (0.0.0.0) -# -#Listen 12.34.56.78:80 -Listen 80 - -# -# Dynamic Shared Object (DSO) Support -# -# To be able to use the functionality of a module which was built as a DSO you -# have to place corresponding `LoadModule' lines at this location so the -# directives contained in it are actually available _before_ they are used. -# Statically compiled modules (those listed by `httpd -l') do not need -# to be loaded here. -# -# Example: -# LoadModule foo_module modules/mod_foo.so -# -LoadModule access_module modules/mod_access.so -LoadModule auth_module modules/mod_auth.so -LoadModule auth_anon_module modules/mod_auth_anon.so -LoadModule auth_dbm_module modules/mod_auth_dbm.so -LoadModule auth_digest_module modules/mod_auth_digest.so -LoadModule ldap_module modules/mod_ldap.so -LoadModule auth_ldap_module modules/mod_auth_ldap.so -LoadModule include_module modules/mod_include.so -LoadModule log_config_module modules/mod_log_config.so -LoadModule logio_module modules/mod_logio.so -LoadModule env_module modules/mod_env.so -LoadModule ext_filter_module modules/mod_ext_filter.so -LoadModule mime_magic_module modules/mod_mime_magic.so -LoadModule expires_module modules/mod_expires.so -LoadModule deflate_module modules/mod_deflate.so -LoadModule headers_module modules/mod_headers.so -LoadModule usertrack_module modules/mod_usertrack.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule mime_module modules/mod_mime.so -LoadModule dav_module modules/mod_dav.so -LoadModule status_module modules/mod_status.so -LoadModule autoindex_module modules/mod_autoindex.so -LoadModule info_module modules/mod_info.so -LoadModule dav_fs_module modules/mod_dav_fs.so -LoadModule vhost_alias_module modules/mod_vhost_alias.so -LoadModule negotiation_module modules/mod_negotiation.so -LoadModule dir_module modules/mod_dir.so -LoadModule actions_module modules/mod_actions.so -LoadModule speling_module modules/mod_speling.so -LoadModule userdir_module modules/mod_userdir.so -LoadModule alias_module modules/mod_alias.so -LoadModule rewrite_module modules/mod_rewrite.so -LoadModule proxy_module modules/mod_proxy.so -LoadModule proxy_ftp_module modules/mod_proxy_ftp.so -LoadModule proxy_http_module modules/mod_proxy_http.so -LoadModule proxy_connect_module modules/mod_proxy_connect.so -LoadModule cache_module modules/mod_cache.so -LoadModule suexec_module modules/mod_suexec.so -LoadModule disk_cache_module modules/mod_disk_cache.so -LoadModule file_cache_module modules/mod_file_cache.so -LoadModule mem_cache_module modules/mod_mem_cache.so -LoadModule cgi_module modules/mod_cgi.so - -# -# The following modules are not loaded by default: -# -#LoadModule cern_meta_module modules/mod_cern_meta.so -#LoadModule asis_module modules/mod_asis.so - -# -# Load config files from the config directory "/etc/httpd/conf.d". -# -Include conf.d/*.conf - -# -# ExtendedStatus controls whether Apache will generate "full" status -# information (ExtendedStatus On) or just basic information (ExtendedStatus -# Off) when the "server-status" handler is called. The default is Off. -# -#ExtendedStatus On - -# -# If you wish httpd to run as a different user or group, you must run -# httpd as root initially and it will switch. -# -# User/Group: The name (or #number) of the user/group to run httpd as. -# . On SCO (ODT 3) use "User nouser" and "Group nogroup". -# . On HPUX you may not be able to use shared memory as nobody, and the -# suggested workaround is to create a user www and use that user. -# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET) -# when the value of (unsigned)Group is above 60000; -# don't use Group #-1 on these systems! -# -User apache -Group apache - -### Section 2: 'Main' server configuration -# -# The directives in this section set up the values used by the 'main' -# server, which responds to any requests that aren't handled by a -# definition. These values also provide defaults for -# any containers you may define later in the file. -# -# All of these directives may appear inside containers, -# in which case these default settings will be overridden for the -# virtual host being defined. -# - -# -# ServerAdmin: Your address, where problems with the server should be -# e-mailed. This address appears on some server-generated pages, such -# as error documents. e.g. admin@your-domain.com -# -ServerAdmin root@localhost - -# -# ServerName gives the name and port that the server uses to identify itself. -# This can often be determined automatically, but we recommend you specify -# it explicitly to prevent problems during startup. -# -# If this is not set to valid DNS name for your host, server-generated -# redirections will not work. See also the UseCanonicalName directive. -# -# If your host doesn't have a registered DNS name, enter its IP address here. -# You will have to access it by its address anyway, and this will make -# redirections work in a sensible way. -# -#ServerName www.example.com:80 - -# -# UseCanonicalName: Determines how Apache constructs self-referencing -# URLs and the SERVER_NAME and SERVER_PORT variables. -# When set "Off", Apache will use the Hostname and Port supplied -# by the client. When set "On", Apache will use the value of the -# ServerName directive. -# -UseCanonicalName Off - -# -# DocumentRoot: The directory out of which you will serve your -# documents. By default, all requests are taken from this directory, but -# symbolic links and aliases may be used to point to other locations. -# -DocumentRoot "/var/www/html" - -# -# Each directory to which Apache has access can be configured with respect -# to which services and features are allowed and/or disabled in that -# directory (and its subdirectories). -# -# First, we configure the "default" to be a very restrictive set of -# features. -# - - Options FollowSymLinks - AllowOverride None - - -# -# Note that from this point forward you must specifically allow -# particular features to be enabled - so if something's not working as -# you might expect, make sure that you have specifically enabled it -# below. -# - -# -# This should be changed to whatever you set DocumentRoot to. -# - - -# -# Possible values for the Options directive are "None", "All", -# or any combination of: -# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews -# -# Note that "MultiViews" must be named *explicitly* --- "Options All" -# doesn't give it to you. -# -# The Options directive is both complicated and important. Please see -# http://httpd.apache.org/docs-2.0/mod/core.html#options -# for more information. -# - Options Indexes FollowSymLinks - -# -# AllowOverride controls what directives may be placed in .htaccess files. -# It can be "All", "None", or any combination of the keywords: -# Options FileInfo AuthConfig Limit -# - AllowOverride None - -# -# Controls who can get stuff from this server. -# - Order allow,deny - Allow from all - - - -# -# UserDir: The name of the directory that is appended onto a user's home -# directory if a ~user request is received. -# -# The path to the end user account 'public_html' directory must be -# accessible to the webserver userid. This usually means that ~userid -# must have permissions of 711, ~userid/public_html must have permissions -# of 755, and documents contained therein must be world-readable. -# Otherwise, the client will only receive a "403 Forbidden" message. -# -# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden -# - - # - # UserDir is disabled by default since it can confirm the presence - # of a username on the system (depending on home directory - # permissions). - # - UserDir disable - - # - # To enable requests to /~user/ to serve the user's public_html - # directory, remove the "UserDir disable" line above, and uncomment - # the following line instead: - # - #UserDir public_html - - - -# -# Control access to UserDir directories. The following is an example -# for a site where these directories are restricted to read-only. -# -# -# AllowOverride FileInfo AuthConfig Limit -# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec -# -# Order allow,deny -# Allow from all -# -# -# Order deny,allow -# Deny from all -# -# - -# -# DirectoryIndex: sets the file that Apache will serve if a directory -# is requested. -# -# The index.html.var file (a type-map) is used to deliver content- -# negotiated documents. The MultiViews Option can be used for the -# same purpose, but it is much slower. -# -DirectoryIndex index.html index.html.var - -# -# AccessFileName: The name of the file to look for in each directory -# for additional configuration directives. See also the AllowOverride -# directive. -# -AccessFileName .htaccess - -# -# The following lines prevent .htaccess and .htpasswd files from being -# viewed by Web clients. -# - - Order allow,deny - Deny from all - - -# -# TypesConfig describes where the mime.types file (or equivalent) is -# to be found. -# -TypesConfig /etc/mime.types - -# -# DefaultType is the default MIME type the server will use for a document -# if it cannot otherwise determine one, such as from filename extensions. -# If your server contains mostly text or HTML documents, "text/plain" is -# a good value. If most of your content is binary, such as applications -# or images, you may want to use "application/octet-stream" instead to -# keep browsers from trying to display binary files as though they are -# text. -# -DefaultType text/plain - -# -# The mod_mime_magic module allows the server to use various hints from the -# contents of the file itself to determine its type. The MIMEMagicFile -# directive tells the module where the hint definitions are located. -# - -# MIMEMagicFile /usr/share/magic.mime - MIMEMagicFile conf/magic - - -# -# HostnameLookups: Log the names of clients or just their IP addresses -# e.g., www.apache.org (on) or 204.62.129.132 (off). -# The default is off because it'd be overall better for the net if people -# had to knowingly turn this feature on, since enabling it means that -# each client request will result in AT LEAST one lookup request to the -# nameserver. -# -HostnameLookups Off - -# -# EnableMMAP: Control whether memory-mapping is used to deliver -# files (assuming that the underlying OS supports it). -# The default is on; turn this off if you serve from NFS-mounted -# filesystems. On some systems, turning it off (regardless of -# filesystem) can improve performance; for details, please see -# http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap -# -#EnableMMAP off - -# -# EnableSendfile: Control whether the sendfile kernel support is -# used to deliver files (assuming that the OS supports it). -# The default is on; turn this off if you serve from NFS-mounted -# filesystems. Please see -# http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile -# -#EnableSendfile off - -# -# ErrorLog: The location of the error log file. -# If you do not specify an ErrorLog directive within a -# container, error messages relating to that virtual host will be -# logged here. If you *do* define an error logfile for a -# container, that host's errors will be logged there and not here. -# -ErrorLog logs/error_log - -# -# LogLevel: Control the number of messages logged to the error_log. -# Possible values include: debug, info, notice, warn, error, crit, -# alert, emerg. -# -LogLevel warn - -# -# The following directives define some format nicknames for use with -# a CustomLog directive (see below). -# -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined -LogFormat "%h %l %u %t \"%r\" %>s %b" common -LogFormat "%{Referer}i -> %U" referer -LogFormat "%{User-agent}i" agent - -# "combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this -# requires the mod_logio module to be loaded. -#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio - -# -# The location and format of the access logfile (Common Logfile Format). -# If you do not define any access logfiles within a -# container, they will be logged here. Contrariwise, if you *do* -# define per- access logfiles, transactions will be -# logged therein and *not* in this file. -# -#CustomLog logs/access_log common - -# -# If you would like to have separate agent and referer logfiles, uncomment -# the following directives. -# -#CustomLog logs/referer_log referer -#CustomLog logs/agent_log agent - -# -# For a single logfile with access, agent, and referer information -# (Combined Logfile Format), use the following directive: -# -CustomLog logs/access_log combined - -# -# Optionally add a line containing the server version and virtual host -# name to server-generated pages (internal error documents, FTP directory -# listings, mod_status and mod_info output etc., but not CGI generated -# documents or custom error documents). -# Set to "EMail" to also include a mailto: link to the ServerAdmin. -# Set to one of: On | Off | EMail -# -ServerSignature On - -# -# Aliases: Add here as many aliases as you need (with no limit). The format is -# Alias fakename realname -# -# Note that if you include a trailing / on fakename then the server will -# require it to be present in the URL. So "/icons" isn't aliased in this -# example, only "/icons/". If the fakename is slash-terminated, then the -# realname must also be slash terminated, and if the fakename omits the -# trailing slash, the realname must also omit it. -# -# We include the /icons/ alias for FancyIndexed directory listings. If you -# do not use FancyIndexing, you may comment this out. -# -Alias /icons/ "/var/www/icons/" - - - Options Indexes MultiViews - AllowOverride None - Order allow,deny - Allow from all - - -# -# WebDAV module configuration section. -# - - # Location of the WebDAV lock database. - DAVLockDB /var/lib/dav/lockdb - - -# -# ScriptAlias: This controls which directories contain server scripts. -# ScriptAliases are essentially the same as Aliases, except that -# documents in the realname directory are treated as applications and -# run by the server when requested rather than as documents sent to the client. -# The same rules about trailing "/" apply to ScriptAlias directives as to -# Alias. -# -ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" - -# -# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased -# CGI directory exists, if you have that configured. -# - - AllowOverride None - Options None - Order allow,deny - Allow from all - - -ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/ - - AllowOverride None - Options ExecCGI - Order allow,deny - Allow from all - -Alias /pipermail/ /var/lib/mailman/archives/public/ - -# -# Redirect allows you to tell clients about documents which used to exist in -# your server's namespace, but do not anymore. This allows you to tell the -# clients where to look for the relocated document. -# Example: -# Redirect permanent /foo http://www.example.com/bar - -# -# Directives controlling the display of server-generated directory listings. -# - -# -# IndexOptions: Controls the appearance of server-generated directory -# listings. -# -IndexOptions FancyIndexing VersionSort NameWidth=* - -# -# AddIcon* directives tell the server which icon to show for different -# files or filename extensions. These are only displayed for -# FancyIndexed directories. -# -AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip - -AddIconByType (TXT,/icons/text.gif) text/* -AddIconByType (IMG,/icons/image2.gif) image/* -AddIconByType (SND,/icons/sound2.gif) audio/* -AddIconByType (VID,/icons/movie.gif) video/* - -AddIcon /icons/binary.gif .bin .exe -AddIcon /icons/binhex.gif .hqx -AddIcon /icons/tar.gif .tar -AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv -AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip -AddIcon /icons/a.gif .ps .ai .eps -AddIcon /icons/layout.gif .html .shtml .htm .pdf -AddIcon /icons/text.gif .txt -AddIcon /icons/c.gif .c -AddIcon /icons/p.gif .pl .py -AddIcon /icons/f.gif .for -AddIcon /icons/dvi.gif .dvi -AddIcon /icons/uuencoded.gif .uu -AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl -AddIcon /icons/tex.gif .tex -AddIcon /icons/bomb.gif core - -AddIcon /icons/back.gif .. -AddIcon /icons/hand.right.gif README -AddIcon /icons/folder.gif ^^DIRECTORY^^ -AddIcon /icons/blank.gif ^^BLANKICON^^ - -# -# DefaultIcon is which icon to show for files which do not have an icon -# explicitly set. -# -DefaultIcon /icons/unknown.gif - -# -# AddDescription allows you to place a short description after a file in -# server-generated indexes. These are only displayed for FancyIndexed -# directories. -# Format: AddDescription "description" filename -# -#AddDescription "GZIP compressed document" .gz -#AddDescription "tar archive" .tar -#AddDescription "GZIP compressed tar archive" .tgz - -# -# ReadmeName is the name of the README file the server will look for by -# default, and append to directory listings. -# -# HeaderName is the name of a file which should be prepended to -# directory indexes. -ReadmeName README.html -HeaderName HEADER.html - -# -# IndexIgnore is a set of filenames which directory indexing should ignore -# and not include in the listing. Shell-style wildcarding is permitted. -# -IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t - -# -# DefaultLanguage and AddLanguage allows you to specify the language of -# a document. You can then use content negotiation to give a browser a -# file in a language the user can understand. -# -# Specify a default language. This means that all data -# going out without a specific language tag (see below) will -# be marked with this one. You probably do NOT want to set -# this unless you are sure it is correct for all cases. -# -# * It is generally better to not mark a page as -# * being a certain language than marking it with the wrong -# * language! -# -# DefaultLanguage nl -# -# Note 1: The suffix does not have to be the same as the language -# keyword --- those with documents in Polish (whose net-standard -# language code is pl) may wish to use "AddLanguage pl .po" to -# avoid the ambiguity with the common suffix for perl scripts. -# -# Note 2: The example entries below illustrate that in some cases -# the two character 'Language' abbreviation is not identical to -# the two character 'Country' code for its country, -# E.g. 'Danmark/dk' versus 'Danish/da'. -# -# Note 3: In the case of 'ltz' we violate the RFC by using a three char -# specifier. There is 'work in progress' to fix this and get -# the reference data for rfc1766 cleaned up. -# -# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl) -# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de) -# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja) -# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn) -# Norwegian (no) - Polish (pl) - Portugese (pt) -# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv) -# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW) -# -AddLanguage ca .ca -AddLanguage cs .cz .cs -AddLanguage da .dk -AddLanguage de .de -AddLanguage el .el -AddLanguage en .en -AddLanguage eo .eo -AddLanguage es .es -AddLanguage et .et -AddLanguage fr .fr -AddLanguage he .he -AddLanguage hr .hr -AddLanguage it .it -AddLanguage ja .ja -AddLanguage ko .ko -AddLanguage ltz .ltz -AddLanguage nl .nl -AddLanguage nn .nn -AddLanguage no .no -AddLanguage pl .po -AddLanguage pt .pt -AddLanguage pt-BR .pt-br -AddLanguage ru .ru -AddLanguage sv .sv -AddLanguage zh-CN .zh-cn -AddLanguage zh-TW .zh-tw - -# -# LanguagePriority allows you to give precedence to some languages -# in case of a tie during content negotiation. -# -# Just list the languages in decreasing order of preference. We have -# more or less alphabetized them here. You probably want to change this. -# -LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW - -# -# ForceLanguagePriority allows you to serve a result page rather than -# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) -# [in case no accepted languages matched the available variants] -# -ForceLanguagePriority Prefer Fallback - -# -# Specify a default charset for all content served; this enables -# interpretation of all content as UTF-8 by default. To use the -# default browser choice (ISO-8859-1), or to allow the META tags -# in HTML content to override this choice, comment out this -# directive: -# -AddDefaultCharset UTF-8 - -# -# AddType allows you to add to or override the MIME configuration -# file mime.types for specific file types. -# -#AddType application/x-tar .tgz - -# -# AddEncoding allows you to have certain browsers uncompress -# information on the fly. Note: Not all browsers support this. -# Despite the name similarity, the following Add* directives have nothing -# to do with the FancyIndexing customization directives above. -# -#AddEncoding x-compress .Z -#AddEncoding x-gzip .gz .tgz - -# If the AddEncoding directives above are commented-out, then you -# probably should define those extensions to indicate media types: -# -AddType application/x-compress .Z -AddType application/x-gzip .gz .tgz - -# -# AddHandler allows you to map certain file extensions to "handlers": -# actions unrelated to filetype. These can be either built into the server -# or added with the Action directive (see below) -# -# To use CGI scripts outside of ScriptAliased directories: -# (You will also need to add "ExecCGI" to the "Options" directive.) -# -#AddHandler cgi-script .cgi - -# -# For files that include their own HTTP headers: -# -#AddHandler send-as-is asis - -# -# For type maps (negotiated resources): -# (This is enabled by default to allow the Apache "It Worked" page -# to be distributed in multiple languages.) -# -AddHandler type-map var - -# -# Filters allow you to process content before it is sent to the client. -# -# To parse .shtml files for server-side includes (SSI): -# (You will also need to add "Includes" to the "Options" directive.) -# -AddType text/html .shtml -AddOutputFilter INCLUDES .shtml - -# -# Action lets you define media types that will execute a script whenever -# a matching file is called. This eliminates the need for repeated URL -# pathnames for oft-used CGI file processors. -# Format: Action media/type /cgi-script/location -# Format: Action handler-name /cgi-script/location -# - -# -# Customizable error responses come in three flavors: -# 1) plain text 2) local redirects 3) external redirects -# -# Some examples: -#ErrorDocument 500 "The server made a boo boo." -#ErrorDocument 404 /missing.html -#ErrorDocument 404 "/cgi-bin/missing_handler.pl" -#ErrorDocument 402 http://www.example.com/subscription_info.html -# - -# -# Putting this all together, we can internationalize error responses. -# -# We use Alias to redirect any /error/HTTP_.html.var response to -# our collection of by-error message multi-language collections. We use -# includes to substitute the appropriate text. -# -# You can modify the messages' appearance without changing any of the -# default HTTP_.html.var files by adding the line: -# -# Alias /error/include/ "/your/include/path/" -# -# which allows you to create your own set of files by starting with the -# /var/www/error/include/ files and -# copying them to /your/include/path/, even on a per-VirtualHost basis. -# - -Alias /error/ "/var/www/error/" - - - - - AllowOverride None - Options IncludesNoExec - AddOutputFilter Includes html - AddHandler type-map var - Order allow,deny - Allow from all - LanguagePriority en es de fr - ForceLanguagePriority Prefer Fallback - - -# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var -# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var -# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var -# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var -# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var -# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var -# ErrorDocument 410 /error/HTTP_GONE.html.var -# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var -# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var -# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var -# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var -# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var -# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var -# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var -# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var -# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var -# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var - - - - -# -# The following directives modify normal HTTP response behavior to -# handle known problems with browser implementations. -# -BrowserMatch "Mozilla/2" nokeepalive -BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 -BrowserMatch "RealPlayer 4\.0" force-response-1.0 -BrowserMatch "Java/1\.0" force-response-1.0 -BrowserMatch "JDK/1\.0" force-response-1.0 - -# -# The following directive disables redirects on non-GET requests for -# a directory that does not include the trailing slash. This fixes a -# problem with Microsoft WebFolders which does not appropriately handle -# redirects for folders with DAV methods. -# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. -# -BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully -BrowserMatch "^WebDrive" redirect-carefully -BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully -BrowserMatch "^gnome-vfs" redirect-carefully - -# -# Allow server status reports generated by mod_status, -# with the URL of http://servername/server-status -# Change the ".example.com" to match your domain to enable. -# -# -# SetHandler server-status -# Order deny,allow -# Deny from all -# Allow from .example.com -# - -# -# Allow remote server configuration reports, with the URL of -# http://servername/server-info (requires that mod_info.c be loaded). -# Change the ".example.com" to match your domain to enable. -# -# -# SetHandler server-info -# Order deny,allow -# Deny from all -# Allow from .example.com -# - -# -# Proxy Server directives. Uncomment the following lines to -# enable the proxy server: -# -# -#ProxyRequests On -# -# -# Order deny,allow -# Deny from all -# Allow from .example.com -# - -# -# Enable/disable the handling of HTTP/1.1 "Via:" headers. -# ("Full" adds the server version; "Block" removes all outgoing Via: headers) -# Set to one of: Off | On | Full | Block -# -#ProxyVia On - -# -# To enable a cache of proxied content, uncomment the following lines. -# See http://httpd.apache.org/docs-2.0/mod/mod_cache.html for more details. -# -# -# CacheEnable disk / -# CacheRoot "/var/cache/mod_proxy" -# -# - -# -# End of proxy directives. - -### Section 3: Virtual Hosts -# -# VirtualHost: If you want to maintain multiple domains/hostnames on your -# machine you can setup VirtualHost containers for them. Most configurations -# use only name-based virtual hosts so the server doesn't need to worry about -# IP addresses. This is indicated by the asterisks in the directives below. -# -# Please see the documentation at -# -# for further details before you try to setup virtual hosts. -# -# You may use the command line option '-S' to verify your virtual host -# configuration. - -# -# Use name-based virtual hosting. -# -#NameVirtualHost *:80 -# -# NOTE: NameVirtualHost cannot be used without a port specifier -# (e.g. :80) if mod_ssl is being used, due to the nature of the -# SSL protocol. -# - -# -# VirtualHost example: -# Almost any Apache directive may go into a VirtualHost container. -# The first VirtualHost section is used for requests without a known -# server name. -# -# -# ServerAdmin webmaster@dummy-host.example.com -# DocumentRoot /www/docs/dummy-host.example.com -# ServerName dummy-host.example.com -# ErrorLog logs/dummy-host.example.com-error_log -# CustomLog logs/dummy-host.example.com-access_log common -# diff --git a/testing/mailman/mail/Makefile b/testing/mailman/mail/Makefile deleted file mode 100644 index 80ff77f..0000000 --- a/testing/mailman/mail/Makefile +++ /dev/null @@ -1,41 +0,0 @@ -# These could be used by sendmail, but are not part of the default install. -# To use them you will have to generate your own sendmail.cf with -# FEATURE('whatever') -# -POSSIBLE += $(shell test -f bitdomain && echo bitdomain.db) -POSSIBLE += $(shell test -f uudomain && echo uudomain.db) -POSSIBLE += $(shell test -f genericstable && echo genericstable.db) -POSSIBLE += $(shell test -f userdb && echo userdb.db) -POSSIBLE += $(shell test -f authinfo && echo authinfo.db) -CFFILES = sendmail.cf submit.cf - - -all: ${CFFILES} ${POSSIBLE} virtusertable.db access.db domaintable.db mailertable.db - -userdb.db: userdb - @makemap btree $@ < $< - -%.db: % - @makemap hash $@ < $< - -%.cf: %.mc - @if test -f /usr/share/sendmail-cf/m4/cf.m4; then \ - umask 022; \ - mv -f $@ $@.bak; \ - m4 $< > $@; \ - else \ - echo -e "WARNING: '$<' is modified. Please install package sendmail-cf to update your configuration."; \ - fi - -clean: - rm -f *.db *~ - -start: - service sendmail start - -stop: - service sendmail stop - -restart: - service sendmail restart - diff --git a/testing/mailman/mail/access b/testing/mailman/mail/access deleted file mode 100644 index d819a50..0000000 --- a/testing/mailman/mail/access +++ /dev/null @@ -1,10 +0,0 @@ -# Check the /usr/share/doc/sendmail/README.cf file for a description -# of the format of this file. (search for access_db in that file) -# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc -# package. -# -# by default we allow relaying from localhost... -localhost.localdomain RELAY -localhost RELAY -127.0.0.1 RELAY - diff --git a/testing/mailman/mail/access.db b/testing/mailman/mail/access.db deleted file mode 100644 index 753e958..0000000 Binary files a/testing/mailman/mail/access.db and /dev/null differ diff --git a/testing/mailman/mail/aliases b/testing/mailman/mail/aliases deleted file mode 120000 index dd61026..0000000 --- a/testing/mailman/mail/aliases +++ /dev/null @@ -1 +0,0 @@ -/etc/aliases \ No newline at end of file diff --git a/testing/mailman/mail/aliases.db b/testing/mailman/mail/aliases.db deleted file mode 100644 index 3666670..0000000 Binary files a/testing/mailman/mail/aliases.db and /dev/null differ diff --git a/testing/mailman/mail/domaintable b/testing/mailman/mail/domaintable deleted file mode 100644 index e69de29..0000000 --- a/testing/mailman/mail/domaintable +++ /dev/null diff --git a/testing/mailman/mail/domaintable.db b/testing/mailman/mail/domaintable.db deleted file mode 100644 index 80552ba..0000000 Binary files a/testing/mailman/mail/domaintable.db and /dev/null differ diff --git a/testing/mailman/mail/helpfile b/testing/mailman/mail/helpfile deleted file mode 100644 index 5c502d3..0000000 --- a/testing/mailman/mail/helpfile +++ /dev/null @@ -1,136 +0,0 @@ -#vers 2 -cpyr -cpyr Copyright (c) 1998-2000, 2002, 2004, 2005 Sendmail, Inc. and its suppliers. -cpyr All rights reserved. -cpyr Copyright (c) 1983, 1995-1997 Eric P. Allman. All rights reserved. -cpyr Copyright (c) 1988, 1993 -cpyr The Regents of the University of California. All rights reserved. -cpyr -cpyr -cpyr By using this file, you agree to the terms and conditions set -cpyr forth in the LICENSE file which can be found at the top level of -cpyr the sendmail distribution. -cpyr -cpyr $$Id: helpfile,v 8.45 2005/09/13 00:05:23 ca Exp $$ -cpyr -smtp This is sendmail version $v -smtp Topics: -smtp HELO EHLO MAIL RCPT DATA -smtp RSET NOOP QUIT HELP VRFY -smtp EXPN VERB ETRN DSN AUTH -smtp STARTTLS -smtp For more info use "HELP ". -smtp To report bugs in the implementation send email to -smtp sendmail-bugs@sendmail.org. -smtp For local information send email to Postmaster at your site. -help HELP [ ] -help The HELP command gives help info. -helo HELO -helo Introduce yourself. -ehlo EHLO -ehlo Introduce yourself, and request extended SMTP mode. -ehlo Possible replies include: -ehlo SEND Send as mail [RFC821] -ehlo SOML Send as mail or terminal [RFC821] -ehlo SAML Send as mail and terminal [RFC821] -ehlo EXPN Expand the mailing list [RFC821] -ehlo HELP Supply helpful information [RFC821] -ehlo TURN Turn the operation around [RFC821] -ehlo 8BITMIME Use 8-bit data [RFC1652] -ehlo SIZE Message size declaration [RFC1870] -ehlo VERB Verbose [Allman] -ehlo CHUNKING Chunking [RFC1830] -ehlo BINARYMIME Binary MIME [RFC1830] -ehlo PIPELINING Command Pipelining [RFC1854] -ehlo DSN Delivery Status Notification [RFC1891] -ehlo ETRN Remote Message Queue Starting [RFC1985] -ehlo STARTTLS Secure SMTP [RFC2487] -ehlo AUTH Authentication [RFC2554] -ehlo ENHANCEDSTATUSCODES Enhanced status codes [RFC2034] -ehlo DELIVERBY Deliver By [RFC2852] -mail MAIL From: [ ] -mail Specifies the sender. Parameters are ESMTP extensions. -mail See "HELP DSN" for details. -rcpt RCPT To: [ ] -rcpt Specifies the recipient. Can be used any number of times. -rcpt Parameters are ESMTP extensions. See "HELP DSN" for details. -data DATA -data Following text is collected as the message. -data End with a single dot. -rset RSET -rset Resets the system. -quit QUIT -quit Exit sendmail (SMTP). -auth AUTH mechanism [initial-response] -auth Start authentication. -starttls STARTTLS -starttls Start TLS negotiation. -verb VERB -verb Go into verbose mode. This sends 0xy responses that are -verb not RFC821 standard (but should be) They are recognized -verb by humans and other sendmail implementations. -vrfy VRFY -vrfy Verify an address. If you want to see what it aliases -vrfy to, use EXPN instead. -expn EXPN -expn Expand an address. If the address indicates a mailing -expn list, return the contents of that list. -noop NOOP -noop Do nothing. -send SEND FROM: -send replaces the MAIL command, and can be used to send -send directly to a users terminal. Not supported in this -send implementation. -soml SOML FROM: -soml Send or mail. If the user is logged in, send directly, -soml otherwise mail. Not supported in this implementation. -saml SAML FROM: -saml Send and mail. Send directly to the user's terminal, -saml and also mail a letter. Not supported in this -saml implementation. -turn TURN -turn Reverses the direction of the connection. Not currently -turn implemented. -etrn ETRN [ | @ | \# ] -etrn Run the queue for the specified , or -etrn all hosts within a given , or a specially-named -etrn (implementation-specific). -dsn MAIL FROM: [ RET={ FULL | HDRS} ] [ ENVID= ] -dsn RCPT TO: [ NOTIFY={NEVER,SUCCESS,FAILURE,DELAY} ] -dsn [ ORCPT= ] -dsn SMTP Delivery Status Notifications. -dsn Descriptions: -dsn RET Return either the full message or only headers. -dsn ENVID Sender's "envelope identifier" for tracking. -dsn NOTIFY When to send a DSN. Multiple options are OK, comma- -dsn delimited. NEVER must appear by itself. -dsn ORCPT Original recipient. --bt Help for test mode: --bt ? :this help message. --bt .Dmvalue :define macro `m' to `value'. --bt .Ccvalue :add `value' to class `c'. --bt =Sruleset :dump the contents of the indicated ruleset. --bt =M :display the known mailers. --bt -ddebug-spec :equivalent to the command-line -d debug flag. --bt $$m :print the value of macro $$m. --bt $$=c :print the contents of class $$=c. --bt /mx host :returns the MX records for `host'. --bt /parse address :parse address, returning the value of crackaddr, and --bt the parsed address. --bt /try mailer addr :rewrite address into the form it will have when --bt presented to the indicated mailer. --bt /tryflags flags :set flags used by parsing. The flags can be `H' for --bt Header or `E' for Envelope, and `S' for Sender or `R' --bt for Recipient. These can be combined, `HR' sets --bt flags for header recipients. --bt /canon hostname :try to canonify hostname. --bt /map mapname key :look up `key' in the indicated `mapname'. --bt /quit :quit address test mode. --bt rules addr :run the indicated address through the named rules. --bt Rules can be a comma separated list of rules. -control Help for smcontrol: -control help This message. -control restart Restart sendmail. -control shutdown Shutdown sendmail. -control status Show sendmail status. -control memdump Dump allocated memory list (for debugging only). diff --git a/testing/mailman/mail/lists b/testing/mailman/mail/lists deleted file mode 100644 index e69de29..0000000 --- a/testing/mailman/mail/lists +++ /dev/null diff --git a/testing/mailman/mail/local-host-names b/testing/mailman/mail/local-host-names deleted file mode 100644 index 9248c00..0000000 --- a/testing/mailman/mail/local-host-names +++ /dev/null @@ -1 +0,0 @@ -# local-host-names - include all aliases for your machine here. diff --git a/testing/mailman/mail/mailertable.db b/testing/mailman/mail/mailertable.db deleted file mode 100644 index d8a54a5..0000000 Binary files a/testing/mailman/mail/mailertable.db and /dev/null differ diff --git a/testing/mailman/mail/mm-handler b/testing/mailman/mail/mm-handler deleted file mode 100644 index a198649..0000000 --- a/testing/mailman/mail/mm-handler +++ /dev/null @@ -1,236 +0,0 @@ -#!/usr/local/bin/perl -## -## Sendmail mailer for Mailman -## -## Simulates these aliases: -## -##testlist: "|/home/mailman/mail/mailman post testlist" -##testlist-admin: "|/home/mailman/mail/mailman admin testlist" -##testlist-bounces: "|/home/mailman/mail/mailman bounces testlist" -##testlist-confirm: "|/home/mailman/mail/mailman confirm testlist" -##testlist-join: "|/home/mailman/mail/mailman join testlist" -##testlist-leave: "|/home/mailman/mail/mailman leave testlist" -##testlist-owner: "|/home/mailman/mail/mailman owner testlist" -##testlist-request: "|/home/mailman/mail/mailman request testlist" -##testlist-subscribe: "|/home/mailman/mail/mailman subscribe testlist" -##testlist-unsubscribe: "|/home/mailman/mail/mailman unsubscribe testlist" -##owner-testlist: testlist-owner - -## Some assembly required. -$MMWRAPPER = "/etc/mail/mailman"; -$MMLISTDIR = "/etc/mailman/lists"; -$SENDMAIL = "/usr/lib/sendmail -oem -oi"; -$VERSION = '$Id: mm-handler,v 1.2 2002/04/05 19:41:09 bwarsaw Exp $'; - -## Comment this if you offer local user addresses. -$NOUSERS = "\nPersonal e-mail addresses are not offered by this server."; - -# uncomment for debugging.... -#$DEBUG = 1; - -use FileHandle; -use Sys::Hostname; -use Socket; - -($VERS_STR = $VERSION) =~ s/^\$\S+\s+(\S+),v\s+(\S+\s+\S+\s+\S+).*/\1 \2/; - -$BOUNDARY = sprintf("%08x-%d", time, time % $$); - -## Informative, non-standard rejection letter -sub mail_error { - my ($in, $to, $list, $server, $reason) = @_; - my $sendmail; - - if ($server && $server ne "") { - $servname = $server; - } else { - $servname = "This server"; - $server = &get_ip_addr; - } - - #$sendmail = new FileHandle ">/tmp/mm-$$"; - $sendmail = new FileHandle "|$SENDMAIL $to"; - if (!defined($sendmail)) { - print STDERR "$0: cannot exec \"$SENDMAIL\"\n"; - exit (-1); - } - - $sendmail->print ("From: MAILER-DAEMON\@$server -To: $to -Subject: Returned mail: List unknown -Mime-Version: 1.0 -Content-type: multipart/mixed; boundary=\"$BOUNDARY\" -Content-Disposition: inline - ---$BOUNDARY -Content-Type: text/plain; charset=us-ascii -Content-Description: Error processing your mail -Content-Disposition: inline - -Your mail for $list could not be sent: - $reason - -For a list of publicly-advertised mailing lists hosted on this server, -visit this URL: - http://$server/ - -If this does not resolve your problem, you may write to: - postmaster\@$server -or - mailman-owner\@$server - - -$servname delivers e-mail to registered mailing lists -and to the administrative addresses defined and required by IETF -Request for Comments (RFC) 2142 [1]. -$NOUSERS - -The Internet Engineering Task Force [2] (IETF) oversees the development -of open standards for the Internet community, including the protocols -and formats employed by Internet mail systems. - -For your convenience, your original mail is attached. - - -[1] Crocker, D. \"Mailbox Names for Common Services, Roles and - Functions\". http://www.ietf.org/rfc/rfc2142.txt - -[2] http://www.ietf.org/ - ---$BOUNDARY -Content-Type: message/rfc822 -Content-Description: Your undelivered mail -Content-Disposition: attachment - -"); - - while ($_ = <$in>) { - $sendmail->print ($_); - } - - $sendmail->print ("\n"); - $sendmail->print ("--$BOUNDARY--\n"); - - close($sendmail); -} - -## Get my IP address, in case my sendmail doesn't tell me my name. -sub get_ip_addr { - my $host = hostname; - my $ip = gethostbyname($host); - return inet_ntoa($ip); -} - -## Split an address into its base list name and the appropriate command -## for the relevant function. -sub split_addr { - my ($addr) = @_; - my ($list, $cmd); - my @validfields = qw(admin bounces confirm join leave owner request - subscribe unsubscribe); - - if ($addr =~ /(.*)-(.*)\+.*$/) { - $list = $1; - $cmd = "$2"; - } else { - $addr =~ /(.*)-(.*)$/; - $list = $1; - $cmd = $2; - } - if (grep /^$cmd$/, @validfields) { - if ($list eq "owner") { - $list = $cmd; - $cmd = "owner"; - } - } else { - $list = $addr; - $cmd = "post"; - } - - return ($list, $cmd); -} - -## The time, formatted as for an mbox's "From_" line. -sub mboxdate { - my ($time) = @_; - my @days = qw(Sun Mon Tue Wed Thu Fri Sat); - my @months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec); - my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = - localtime($time); - - ## Two-digit year handling complies with RFC 2822 (section 4.3), - ## with the addition that three-digit years are accommodated. - if ($year < 50) { - $year += 2000; - } elsif ($year < 1900) { - $year += 1900; - } - - return sprintf ("%s %s %2d %02d:%02d:%02d %d", - $days[$wday], $months[$mon], $mday, - $hour, $min, $sec, $year); -} - -BEGIN: { - $sender = undef; - $server = undef; - @to = (); - while ($#ARGV >= 0) { - if ($ARGV[0] eq "-r") { - $sender = $ARGV[1]; - shift @ARGV; - } elsif (!defined($server)) { - $server = $ARGV[0]; - } else { - push(@to, $ARGV[0]); - } - shift @ARGV; - } - - if ($DEBUG) { - $to = join(',', @to); - print STDERR "to: $to\n"; - print STDERR "sender: $sender\n"; - print STDERR "server: $server\n"; - exit(-1); - } - -ADDR: for $addr (@to) { - $prev = undef; - $list = $addr; - - $cmd= "post"; - if (! -f "$MMLISTDIR/$list/config.pck") { - ($list, $cmd) = &split_addr($list); - if (! -f "$MMLISTDIR/$list/config.pck") { - $was_to = $addr; - $was_to .= "\@$server" if ("$server" ne ""); - mail_error(\*STDIN, $sender, $was_to, $server, - "no list named \"$list\" is known by $server"); - next ADDR; - } - } - - $wrapper = new FileHandle "|$MMWRAPPER $cmd $list"; - if (!defined($wrapper)) { - ## Defer? - print STDERR "$0: cannot exec ", - "\"$MMWRAPPER $cmd $list\": deferring\n"; - exit (-1); - } - - # Don't need these without the "n" flag on the mailer def.... - #$date = &mboxdate(time); - #$wrapper->print ("From $sender $date\n"); - - # ...because we use these instead. - $from_ = ; - $wrapper->print ($from_); - - $wrapper->print ("X-Mailman-Handler: $VERSION\n"); - while () { - $wrapper->print ($_); - } - close($wrapper); - } -} diff --git a/testing/mailman/mail/sendmail.cf2 b/testing/mailman/mail/sendmail.cf2 deleted file mode 100644 index 612930f..0000000 --- a/testing/mailman/mail/sendmail.cf2 +++ /dev/null @@ -1,1825 +0,0 @@ -# -# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. -# All rights reserved. -# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. -# Copyright (c) 1988, 1993 -# The Regents of the University of California. All rights reserved. -# -# By using this file, you agree to the terms and conditions set -# forth in the LICENSE file which can be found at the top level of -# the sendmail distribution. -# -# - -###################################################################### -###################################################################### -##### -##### SENDMAIL CONFIGURATION FILE -##### -##### built by root@gibbons on Thu Nov 10 11:40:01 EST 2005 -##### in /etc/mail -##### using /usr/share/sendmail-cf/ as configuration include directory -##### -###################################################################### -##### -##### DO NOT EDIT THIS FILE! Only edit the source .mc file. -##### -###################################################################### -###################################################################### - -##### $Id: cfhead.m4,v 8.116 2004/01/28 22:02:22 ca Exp $ ##### -##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ ##### -##### setup for Red Hat Linux ##### -##### $Id: linux.m4,v 8.13 2000/09/17 17:30:00 gshapiro Exp $ ##### - - - -##### $Id: local_procmail.m4,v 8.22 2002/11/17 04:24:19 ca Exp $ ##### - - -##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### - -##### $Id: smrsh.m4,v 8.14 1999/11/18 05:06:23 ca Exp $ ##### - -##### $Id: mailertable.m4,v 8.25 2002/06/27 23:23:57 gshapiro Exp $ ##### - -##### $Id: virtusertable.m4,v 8.23 2002/06/27 23:23:57 gshapiro Exp $ ##### - -##### $Id: redirect.m4,v 8.15 1999/08/06 01:47:36 gshapiro Exp $ ##### - -##### $Id: always_add_domain.m4,v 8.11 2000/09/12 22:00:53 ca Exp $ ##### - -##### $Id: use_cw_file.m4,v 8.11 2001/08/26 20:58:57 gshapiro Exp $ ##### - - -##### $Id: use_ct_file.m4,v 8.11 2001/08/26 20:58:57 gshapiro Exp $ ##### - - -##### $Id: local_procmail.m4,v 8.22 2002/11/17 04:24:19 ca Exp $ ##### - -##### $Id: access_db.m4,v 8.26 2004/06/24 18:10:02 ca Exp $ ##### - -##### $Id: blacklist_recipients.m4,v 8.13 1999/04/02 02:25:13 gshapiro Exp $ ##### - -##### $Id: accept_unresolvable_domains.m4,v 8.10 1999/02/07 07:26:07 gshapiro Exp $ ##### - - -##### $Id: proto.m4,v 8.718 2005/08/24 18:07:23 ca Exp $ ##### - -# level 10 config file format -V10/Berkeley - -# override file safeties - setting this option compromises system security, -# addressing the actual file configuration problem is preferred -# need to set this before any file actions are encountered in the cf file -#O DontBlameSendmail=safe - -# default LDAP map specification -# need to set this now before any LDAP maps are defined -#O LDAPDefaultSpec=-h localhost - -################## -# local info # -################## - -# my LDAP cluster -# need to set this before any LDAP lookups are done (including classes) -#D{sendmailMTACluster}$m - -Cwlocalhost -# file containing names of hosts for which we receive email -Fw/etc/mail/local-host-names - -# my official domain name -# ... define this only if sendmail cannot automatically determine your domain -#Dj$w.Foo.COM - -# host/domain names ending with a token in class P are canonical -CP. - -# "Smart" relay host (may be null) -DS - - -# operators that cannot be in local usernames (i.e., network indicators) -CO @ % ! - -# a class with just dot (for identifying canonical names) -C.. - -# a class with just a left bracket (for identifying domain literals) -C[[ - -# access_db acceptance class -C{Accept}OK RELAY - - -C{ResOk}OKR - - -# Hosts for which relaying is permitted ($=R) -FR-o /etc/mail/relay-domains - -# arithmetic map -Karith arith -# macro storage map -Kmacro macro -# possible values for TLS_connection in access map -C{Tls}VERIFY ENCR - - - - - -# dequoting map -Kdequote dequote - -# class E: names that should be exposed as from this host, even if we masquerade -# class L: names that should be delivered locally, even if we have a relay -# class M: domains that should be converted to $M -# class N: domains that should not be converted to $M -#CL root -C{E}root -C{w}localhost.localdomain - - - -# my name for error messages -DnMAILER-DAEMON - - -# Mailer table (overriding domains) -Kmailertable hash -o /etc/mail/mailertable.db - -# Virtual user table (maps incoming users) -Kvirtuser hash -o /etc/mail/virtusertable.db - -CPREDIRECT - -# Access list database (for spam stomping) -Kaccess hash -T -o /etc/mail/access.db - -# Configuration version number -DZ8.13.5 - - -############### -# Options # -############### - -# strip message body to 7 bits on input? -O SevenBitInput=False - -# 8-bit data handling -#O EightBitMode=pass8 - -# wait for alias file rebuild (default units: minutes) -O AliasWait=10 - -# location of alias file -O AliasFile=/etc/aliases - -# minimum number of free blocks on filesystem -O MinFreeBlocks=100 - -# maximum message size -#O MaxMessageSize=0 - -# substitution for space (blank) characters -O BlankSub=. - -# avoid connecting to "expensive" mailers on initial submission? -O HoldExpensive=False - -# checkpoint queue runs after every N successful deliveries -#O CheckpointInterval=10 - -# default delivery mode -O DeliveryMode=background - -# error message header/file -#O ErrorHeader=/etc/mail/error-header - -# error mode -#O ErrorMode=print - -# save Unix-style "From_" lines at top of header? -#O SaveFromLine=False - -# queue file mode (qf files) -#O QueueFileMode=0600 - -# temporary file mode -O TempFileMode=0600 - -# match recipients against GECOS field? -#O MatchGECOS=False - -# maximum hop count -#O MaxHopCount=25 - -# location of help file -O HelpFile=/etc/mail/helpfile - -# ignore dots as terminators in incoming messages? -#O IgnoreDots=False - -# name resolver options -#O ResolverOptions=+AAONLY - -# deliver MIME-encapsulated error messages? -O SendMimeErrors=True - -# Forward file search path -O ForwardPath=$z/.forward.$w:$z/.forward - -# open connection cache size -O ConnectionCacheSize=2 - -# open connection cache timeout -O ConnectionCacheTimeout=5m - -# persistent host status directory -#O HostStatusDirectory=.hoststat - -# single thread deliveries (requires HostStatusDirectory)? -#O SingleThreadDelivery=False - -# use Errors-To: header? -O UseErrorsTo=False - -# log level -O LogLevel=9 - -# send to me too, even in an alias expansion? -#O MeToo=True - -# verify RHS in newaliases? -O CheckAliases=False - -# default messages to old style headers if no special punctuation? -O OldStyleHeaders=True - -# SMTP daemon options - -O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA - -# SMTP client options -#O ClientPortOptions=Family=inet, Address=0.0.0.0 - -# Modifiers to define {daemon_flags} for direct submissions -#O DirectSubmissionModifiers - -# Use as mail submission program? See sendmail/SECURITY -#O UseMSP - -# privacy flags -O PrivacyOptions=authwarnings,novrfy,noexpn,restrictqrun - -# who (if anyone) should get extra copies of error messages -#O PostmasterCopy=Postmaster - -# slope of queue-only function -#O QueueFactor=600000 - -# limit on number of concurrent queue runners -#O MaxQueueChildren - -# maximum number of queue-runners per queue-grouping with multiple queues -#O MaxRunnersPerQueue=1 - -# priority of queue runners (nice(3)) -#O NiceQueueRun - -# shall we sort the queue by hostname first? -#O QueueSortOrder=priority - -# minimum time in queue before retry -#O MinQueueAge=30m - -# how many jobs can you process in the queue? -#O MaxQueueRunSize=0 - -# perform initial split of envelope without checking MX records -#O FastSplit=1 - -# queue directory -O QueueDirectory=/var/spool/mqueue - -# key for shared memory; 0 to turn off -#O SharedMemoryKey=0 - - - -# timeouts (many of these) -#O Timeout.initial=5m -O Timeout.connect=1m -#O Timeout.aconnect=0s -#O Timeout.iconnect=5m -#O Timeout.helo=5m -#O Timeout.mail=10m -#O Timeout.rcpt=1h -#O Timeout.datainit=5m -#O Timeout.datablock=1h -#O Timeout.datafinal=1h -#O Timeout.rset=5m -#O Timeout.quit=2m -#O Timeout.misc=2m -#O Timeout.command=1h -O Timeout.ident=0 -#O Timeout.fileopen=60s -#O Timeout.control=2m -O Timeout.queuereturn=5d -#O Timeout.queuereturn.normal=5d -#O Timeout.queuereturn.urgent=2d -#O Timeout.queuereturn.non-urgent=7d -#O Timeout.queuereturn.dsn=5d -O Timeout.queuewarn=4h -#O Timeout.queuewarn.normal=4h -#O Timeout.queuewarn.urgent=1h -#O Timeout.queuewarn.non-urgent=12h -#O Timeout.queuewarn.dsn=4h -#O Timeout.hoststatus=30m -#O Timeout.resolver.retrans=5s -#O Timeout.resolver.retrans.first=5s -#O Timeout.resolver.retrans.normal=5s -#O Timeout.resolver.retry=4 -#O Timeout.resolver.retry.first=4 -#O Timeout.resolver.retry.normal=4 -#O Timeout.lhlo=2m -#O Timeout.auth=10m -#O Timeout.starttls=1h - -# time for DeliverBy; extension disabled if less than 0 -#O DeliverByMin=0 - -# should we not prune routes in route-addr syntax addresses? -#O DontPruneRoutes=False - -# queue up everything before forking? -O SuperSafe=True - -# status file -O StatusFile=/var/log/mail/statistics - -# time zone handling: -# if undefined, use system default -# if defined but null, use TZ envariable passed in -# if defined and non-null, use that info -#O TimeZoneSpec= - -# default UID (can be username or userid:groupid) -O DefaultUser=8:12 - -# list of locations of user database file (null means no lookup) -O UserDatabaseSpec=/etc/mail/userdb.db - -# fallback MX host -#O FallbackMXhost=fall.back.host.net - -# fallback smart host -#O FallbackSmartHost=fall.back.host.net - -# if we are the best MX host for a site, try it directly instead of config err -O TryNullMXList=true - -# load average at which we just queue messages -#O QueueLA=8 - -# load average at which we refuse connections -#O RefuseLA=12 - -# log interval when refusing connections for this long -#O RejectLogInterval=3h - -# load average at which we delay connections; 0 means no limit -#O DelayLA=0 - -# maximum number of children we allow at one time -#O MaxDaemonChildren=0 - -# maximum number of new connections per second -#O ConnectionRateThrottle=0 - -# Width of the window -#O ConnectionRateWindowSize=60s - -# work recipient factor -#O RecipientFactor=30000 - -# deliver each queued job in a separate process? -#O ForkEachJob=False - -# work class factor -#O ClassFactor=1800 - -# work time factor -#O RetryFactor=90000 - -# default character set -#O DefaultCharSet=unknown-8bit - -# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others) -#O ServiceSwitchFile=/etc/mail/service.switch - -# hosts file (normally /etc/hosts) -#O HostsFile=/etc/hosts - -# dialup line delay on connection failure -#O DialDelay=0s - -# action to take if there are no recipients in the message -#O NoRecipientAction=none - -# chrooted environment for writing to files -#O SafeFileEnvironment - -# are colons OK in addresses? -#O ColonOkInAddr=True - -# shall I avoid expanding CNAMEs (violates protocols)? -#O DontExpandCnames=False - -# SMTP initial login message (old $e macro) -O SmtpGreetingMessage=$j Sendmail $v/$Z; $b - -# UNIX initial From header format (old $l macro) -O UnixFromLine=From $g $d - -# From: lines that have embedded newlines are unwrapped onto one line -#O SingleLineFromHeader=False - -# Allow HELO SMTP command that does not include a host name -#O AllowBogusHELO=False - -# Characters to be quoted in a full name phrase (@,;:\()[] are automatic) -#O MustQuoteChars=. - -# delimiter (operator) characters (old $o macro) -O OperatorChars=.:%@!^/[]+ - -# shall I avoid calling initgroups(3) because of high NIS costs? -#O DontInitGroups=False - -# are group-writable :include: and .forward files (un)trustworthy? -# True (the default) means they are not trustworthy. -#O UnsafeGroupWrites=True - - -# where do errors that occur when sending errors get sent? -#O DoubleBounceAddress=postmaster - -# where to save bounces if all else fails -#O DeadLetterDrop=/var/tmp/dead.letter - -# what user id do we assume for the majority of the processing? -#O RunAsUser=sendmail - -# maximum number of recipients per SMTP envelope -#O MaxRecipientsPerMessage=0 - -# limit the rate recipients per SMTP envelope are accepted -# once the threshold number of recipients have been rejected -#O BadRcptThrottle=0 - -# shall we get local names from our installed interfaces? -O DontProbeInterfaces=true - -# Return-Receipt-To: header implies DSN request -#O RrtImpliesDsn=False - -# override connection address (for testing) -#O ConnectOnlyTo=0.0.0.0 - -# Trusted user for file ownership and starting the daemon -#O TrustedUser=root - -# Control socket for daemon management -#O ControlSocketName=/var/spool/mqueue/.control - -# Maximum MIME header length to protect MUAs -#O MaxMimeHeaderLength=0/0 - -# Maximum length of the sum of all headers -#O MaxHeadersLength=32768 - -# Maximum depth of alias recursion -#O MaxAliasRecursion=10 - -# location of pid file -#O PidFile=/var/run/sendmail.pid - -# Prefix string for the process title shown on 'ps' listings -#O ProcessTitlePrefix=prefix - -# Data file (df) memory-buffer file maximum size -#O DataFileBufferSize=4096 - -# Transcript file (xf) memory-buffer file maximum size -#O XscriptFileBufferSize=4096 - -# lookup type to find information about local mailboxes -#O MailboxDatabase=pw - -# override compile time flag REQUIRES_DIR_FSYNC -#O RequiresDirfsync=true - -# list of authentication mechanisms -#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 - -# Authentication realm -#O AuthRealm - -# default authentication information for outgoing connections -#O DefaultAuthInfo=/etc/mail/default-auth-info - -# SMTP AUTH flags -O AuthOptions=A - -# SMTP AUTH maximum encryption strength -#O AuthMaxBits - -# SMTP STARTTLS server options -#O TLSSrvOptions - -# Input mail filters -#O InputMailFilters - - -# CA directory -#O CACertPath -# CA file -#O CACertFile -# Server Cert -#O ServerCertFile -# Server private key -#O ServerKeyFile -# Client Cert -#O ClientCertFile -# Client private key -#O ClientKeyFile -# File containing certificate revocation lists -#O CRLFile -# DHParameters (only required if DSA/DH is used) -#O DHParameters -# Random data source (required for systems without /dev/urandom under OpenSSL) -#O RandFile - -############################ -# QUEUE GROUP DEFINITIONS # -############################ - - -########################### -# Message precedences # -########################### - -Pfirst-class=0 -Pspecial-delivery=100 -Plist=-30 -Pbulk=-60 -Pjunk=-100 - -##################### -# Trusted users # -##################### - -# this is equivalent to setting class "t" -Ft/etc/mail/trusted-users -Troot -Tdaemon -Tuucp - -######################### -# Format of headers # -######################### - -H?P?Return-Path: <$g> -HReceived: $?sfrom $s $.$?_($?s$|from $.$_) - $.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.) - $.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version} - (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u - for $u; $|; - $.$b -H?D?Resent-Date: $a -H?D?Date: $a -H?F?Resent-From: $?x$x <$g>$|$g$. -H?F?From: $?x$x <$g>$|$g$. -H?x?Full-Name: $x -# HPosted-Date: $a -# H?l?Received-Date: $b -H?M?Resent-Message-Id: <$t.$i@$j> -H?M?Message-Id: <$t.$i@$j> - -# -###################################################################### -###################################################################### -##### -##### REWRITING RULES -##### -###################################################################### -###################################################################### - -############################################ -### Ruleset 3 -- Name Canonicalization ### -############################################ -Scanonify=3 - -# handle null input (translate to <@> special case) -R$@ $@ <@> - -# strip group: syntax (not inside angle brackets!) and trailing semicolon -R$* $: $1 <@> mark addresses -R$* < $* > $* <@> $: $1 < $2 > $3 unmark -R@ $* <@> $: @ $1 unmark @host:... -R$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr -R$* :: $* <@> $: $1 :: $2 unmark node::addr -R:include: $* <@> $: :include: $1 unmark :include:... -R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon -R$* : $* <@> $: $2 strip colon if marked -R$* <@> $: $1 unmark -R$* ; $1 strip trailing semi -R$* < $+ :; > $* $@ $2 :; <@> catch -R$* < $* ; > $1 < $2 > bogus bracketed semi - -# null input now results from list:; syntax -R$@ $@ :; <@> - -# strip angle brackets -- note RFC733 heuristic to get innermost item -R$* $: < $1 > housekeeping <> -R$+ < $* > < $2 > strip excess on left -R< $* > $+ < $1 > strip excess on right -R<> $@ < @ > MAIL FROM:<> case -R< $+ > $: $1 remove housekeeping <> - -# strip route address <@a,@b,@c:user@d> -> -R@ $+ , $+ $2 -R@ [ $* ] : $+ $2 -R@ $+ : $+ $2 - -# find focus for list syntax -R $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax -R $+ : $* ; $@ $1 : $2; list syntax - -# find focus for @ syntax addresses -R$+ @ $+ $: $1 < @ $2 > focus on domain -R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right -R$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical - - -# convert old-style addresses to a domain-based address -R$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names -R$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps -R$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains - -# if we have % signs, take the rightmost one -R$* % $* $1 @ $2 First make them all @s. -R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last. -R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish - -# else we must be a local name -R$* $@ $>Canonify2 $1 - - -################################################ -### Ruleset 96 -- bottom half of ruleset 3 ### -################################################ - -SCanonify2=96 - -# handle special cases for local names -R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all -R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain -R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain - -# check for IPv4/IPv6 domain literal -R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr] -R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal -R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr - - - - - -# if really UUCP, handle it immediately - -# try UUCP traffic as a local address -R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3 -R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3 - -# hostnames ending in class P are always canonical -R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4 -R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4 -R$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6 -R$* CC $* $| $* $: $3 -# pass to name server to make hostname canonical -R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4 -R$* $| $* $: $2 - -# local host aliases and pseudo-domains are always canonical -R$* < @ $=w > $* $: $1 < @ $2 . > $3 -R$* < @ $=M > $* $: $1 < @ $2 . > $3 -R$* < @ $={VirtHost} > $* $: $1 < @ $2 . > $3 -R$* < @ $* . . > $* $1 < @ $2 . > $3 - - -################################################## -### Ruleset 4 -- Final Output Post-rewriting ### -################################################## -Sfinal=4 - -R$+ :; <@> $@ $1 : handle -R$* <@> $@ handle <> and list:; - -# strip trailing dot off possibly canonical name -R$* < @ $+ . > $* $1 < @ $2 > $3 - -# eliminate internal code -R$* < @ *LOCAL* > $* $1 < @ $j > $2 - -# externalize local domain info -R$* < $+ > $* $1 $2 $3 defocus -R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 canonical -R@ $* $@ @ $1 ... and exit - -# UUCP must always be presented in old form -R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u - -# delete duplicate local names -R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host - - - -############################################################## -### Ruleset 97 -- recanonicalize and call ruleset zero ### -### (used for recursive calls) ### -############################################################## - -SRecurse=97 -R$* $: $>canonify $1 -R$* $@ $>parse $1 - - -###################################### -### Ruleset 0 -- Parse Address ### -###################################### - -Sparse=0 - -R$* $: $>Parse0 $1 initial parsing -R<@> $#local $: <@> special case error msgs -R$* $: $>ParseLocal $1 handle local hacks -R$* $: $>Parse1 $1 final parsing - -# -# Parse0 -- do initial syntax checking and eliminate local addresses. -# This should either return with the (possibly modified) input -# or return with a #error mailer. It should not return with a -# #mailer other than the #error mailer. -# - -SParse0 -R<@> $@ <@> special case error msgs -R$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses" -R@ <@ $* > < @ $1 > catch "@@host" bogosity -R<@ $+> $#error $@ 5.1.3 $: "553 User address required" -R$+ <@> $#error $@ 5.1.3 $: "553 Hostname required" -R$* $: <> $1 -R<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4 -R<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4 -R<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address" -R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3 -R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part" -R<> $* $1 -R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" -R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" -R$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address" -R$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address" -R$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address" - - -# now delete the local info -- note $=O to find characters that cause forwarding -R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user -R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ... -R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here -R< @ $+ > $#error $@ 5.1.3 $: "553 User address required" -R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ... -R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo" -R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required" -R$* $=O $* < @ *LOCAL* > - $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ... -R$* < @ *LOCAL* > $: $1 - -# -# Parse1 -- the bottom half of ruleset 0. -# - -SParse1 - -# handle numeric address spec -R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec -R$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path -R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send -R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer -R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer - -# handle virtual users -R$+ $: $1 Mark for lookup -R $+ < @ $={VirtHost} . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . > -R $+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . > -R<@> $+ + $+ < @ $* . > - $: < $(virtuser $1 + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . > -R<@> $+ + $* < @ $* . > - $: < $(virtuser $1 + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . > -R<@> $+ + $* < @ $* . > - $: < $(virtuser $1 @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . > -R<@> $+ + $+ < @ $+ . > $: < $(virtuser + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . > -R<@> $+ + $* < @ $+ . > $: < $(virtuser + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . > -R<@> $+ + $* < @ $+ . > $: < $(virtuser @ $3 $@ $1 $@ $2 $@ +$2 $: ! $) > $1 + $2 < @ $3 . > -R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . > -R<@> $+ $: $1 -R $+ $: $1 -R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4 -R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2 -R< $+ > $+ < @ $+ > $: $>Recurse $1 - -# short circuit local delivery so forwarded email works - - -R$=L < @ $=w . > $#local $: @ $1 special local names -R$+ < @ $=w . > $#local $: $1 regular local name - -# not local -- try mailer table lookup -R$* <@ $+ > $* $: < $2 > $1 < @ $2 > $3 extract host name -R< $+ . > $* $: < $1 > $2 strip trailing dot -R< $+ > $* $: < $(mailertable $1 $) > $2 lookup -R< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 check -- resolved? -R< $+ > $* $: $>Mailertable <$1> $2 try domain - -# resolve remotely connected UUCP links (if any) - -# resolve fake top level domains by forwarding to other hosts - - - -# pass names that still have a host to a smarthost (if defined) -R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name - -# deal with other remote names -R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain - -# handle locally delivered names -R$=L $#local $: @ $1 special local names -R$+ $#local $: $1 regular local names - -########################################################################### -### Ruleset 5 -- special rewriting after aliases have been expanded ### -########################################################################### - -SLocal_localaddr -Slocaladdr=5 -R$+ $: $1 $| $>"Local_localaddr" $1 -R$+ $| $#ok $@ $1 no change -R$+ $| $#$* $#$2 -R$+ $| $* $: $1 - - - - -# deal with plussed users so aliases work nicely -R$+ + * $#local $@ $&h $: $1 -R$+ + $* $#local $@ + $2 $: $1 + * - -# prepend an empty "forward host" on the front -R$+ $: <> $1 - - - -R< > $+ $: < > < $1 <> $&h > nope, restore +detail - -R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail -R< > < $+ <> $* > $: < > < $1 > else discard -R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part -R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra + -R< > < $+ > $@ $1 no +detail -R$+ $: $1 <> $&h add +detail back in - -R$+ <> + $* $: $1 + $2 check whether +detail -R$+ <> $* $: $1 else discard -R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension -R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension - -R< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 > - -R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 > - - -################################################################### -### Ruleset 90 -- try domain part of mailertable entry ### -################################################################### - -SMailertable=90 -R$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4 -R$* <$~[ : $* > $* $>MailerToTriple < $2 : $3 > $4 check -- resolved? -R$* < . $+ > $* $@ $>Mailertable $1 . <$2> $3 no -- strip & try again -R$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "." -R< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 "." found? -R< $* > $* $@ $2 no mailertable match - -################################################################### -### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ### -################################################################### - -SMailerToTriple=95 -R< > $* $@ $1 strip off null relay -R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4 -R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2 -R< error : $+ > $* $#error $: $1 -R< local : $* > $* $>CanonLocal < $1 > $2 -R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user -R< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer -R< $=w > $* $@ $2 delete local host -R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer - -################################################################### -### Ruleset CanonLocal -- canonify local: syntax ### -################################################################### - -SCanonLocal -# strip local host from routed addresses -R< $* > < @ $+ > : $+ $@ $>Recurse $3 -R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4 - -# strip trailing dot from any host name that may appear -R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > - -# handle local: syntax -- use old user, either with or without host -R< > $* < @ $* > $* $#local $@ $1@$2 $: $1 -R< > $+ $#local $@ $1 $: $1 - -# handle local:user@host syntax -- ignore host part -R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 > - -# handle local:user syntax -R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1 -R< $+ > $* $#local $@ $2 $: $1 - -################################################################### -### Ruleset 93 -- convert header names to masqueraded form ### -################################################################### - -SMasqHdr=93 - - -# do not masquerade anything in class N -R$* < @ $* $=N . > $@ $1 < @ $2 $3 . > - -R$* < @ *LOCAL* > $@ $1 < @ $j . > - -################################################################### -### Ruleset 94 -- convert envelope names to masqueraded form ### -################################################################### - -SMasqEnv=94 -R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 - -################################################################### -### Ruleset 98 -- local part of ruleset zero (can be null) ### -################################################################### - -SParseLocal=98 - -# addresses sent to foo@host.REDIRECT will give a 551 error code -R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} > -R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT. > -R$* < @ $+ .REDIRECT. > < $- > $#error $@ 5.1.1 $: "551 User has moved; please try " <$1@$2> - - - - -###################################################################### -### D: LookUpDomain -- search for domain in access database -### -### Parameters: -### <$1> -- key (domain name) -### <$2> -- default (what to return if not found in db) -### <$3> -- mark (must be <(!|+) single-token>) -### ! does lookup only with tag -### + does lookup with and without tag -### <$4> -- passthru (additional data passed unchanged through) -###################################################################### - -SD -R<$*> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5> -R <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4> -R <[$+.$-]> <$+> <$- $-> <$*> $@ $>D <[$1]> <$3> <$4 $5> <$6> -R <[$+::$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6> -R <[$+:$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6> -R <$+.$+> <$+> <$- $-> <$*> $@ $>D <$2> <$3> <$4 $5> <$6> -R <$+> <$+> <$- $-> <$*> $@ <$2> <$5> -R<$* > <$+> <$+> <$- $-> <$*> $@ <> <$6> -R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6> - -###################################################################### -### A: LookUpAddress -- search for host address in access database -### -### Parameters: -### <$1> -- key (dot quadded host address) -### <$2> -- default (what to return if not found in db) -### <$3> -- mark (must be <(!|+) single-token>) -### ! does lookup only with tag -### + does lookup with and without tag -### <$4> -- passthru (additional data passed through) -###################################################################### - -SA -R<$+> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5> -R <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4> -R <$+::$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6> -R <$+:$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6> -R <$+.$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6> -R <$+> <$+> <$- $-> <$*> $@ <$2> <$5> -R<$* > <$+> <$+> <$- $-> <$*> $@ <> <$6> -R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6> - -###################################################################### -### CanonAddr -- Convert an address into a standard form for -### relay checking. Route address syntax is -### crudely converted into a %-hack address. -### -### Parameters: -### $1 -- full recipient address -### -### Returns: -### parsed address, not in source route form -###################################################################### - -SCanonAddr -R$* $: $>Parse0 $>canonify $1 make domain canonical - - -###################################################################### -### ParseRecipient -- Strip off hosts in $=R as well as possibly -### $* $=m or the access database. -### Check user portion for host separators. -### -### Parameters: -### $1 -- full recipient address -### -### Returns: -### parsed, non-local-relaying address -###################################################################### - -SParseRecipient -R$* $: $>CanonAddr $1 -R $* < @ $* . > $1 < @ $2 > strip trailing dots -R $- < @ $* > $: $(dequote $1 $) < @ $2 > dequote local part - -# if no $=O character, no host in the user portion, we are done -R $* $=O $* < @ $* > $: $1 $2 $3 < @ $4> -R $* $@ $1 - - -R $* < @ $* $=R > $: $1 < @ $2 $3 > -R $* < @ $+ > $: $>D <$2> <+ To> <$1 < @ $2 >> -R<$+> <$+> $: <$1> $2 - - - -R $* < @ $* > $@ $>ParseRecipient $1 -R<$+> $* $@ $2 - - -###################################################################### -### check_relay -- check hostname/address on SMTP startup -###################################################################### - - - -SLocal_check_relay -Scheck_relay -R$* $: $1 $| $>"Local_check_relay" $1 -R$* $| $* $| $#$* $#$3 -R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2 - -SBasic_check_relay -# check for deferred delivery mode -R$* $: < $&{deliveryMode} > $1 -R< d > $* $@ deferred -R< $* > $* $: $2 - -R$+ $| $+ $: $>D < $1 > <+ Connect> < $2 > -R $| $+ $: $>A < $1 > <+ Connect> <> empty client_name -R <$+> $: $>A < $1 > <+ Connect> <> no: another lookup -R <$*> $: OK found nothing -R<$={Accept}> <$*> $@ $1 return value of lookup -R <$*> $#error $@ 5.7.1 $: "550 Access denied" -R <$*> $#discard $: discard -R <$*> $#error $@ quarantine $: $1 -R <$*> $#error $@ $1.$2.$3 $: $4 -R <$*> $#error $: $1 -R<$* > <$*> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R<$+> <$*> $#error $: $1 - - - -###################################################################### -### check_mail -- check SMTP `MAIL FROM:' command argument -###################################################################### - -SLocal_check_mail -Scheck_mail -R$* $: $1 $| $>"Local_check_mail" $1 -R$* $| $#$* $#$2 -R$* $| $* $@ $>"Basic_check_mail" $1 - -SBasic_check_mail -# check for deferred delivery mode -R$* $: < $&{deliveryMode} > $1 -R< d > $* $@ deferred -R< $* > $* $: $2 - -# authenticated? -R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL -R$* $| $#$+ $#$2 -R$* $| $* $: $1 - -R<> $@ we MUST accept <> (RFC 1123) -R$+ $: $1 -R<$+> $: <@> <$1> -R$+ $: <@> <$1> -R$* $: $&{daemon_flags} $| $1 -R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 > -R$* u $* $| <@> < $* > $: < $3 > -R$* $| $* $: $2 -# handle case of @localhost on address -R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost > -R<@> < $* @ [127.0.0.1] > - $: < ? $&{client_name} > < $1 @ [127.0.0.1] > -R<@> < $* @ localhost.$m > - $: < ? $&{client_name} > < $1 @ localhost.$m > -R<@> < $* @ localhost.UUCP > - $: < ? $&{client_name} > < $1 @ localhost.UUCP > -R<@> $* $: $1 no localhost as domain -R $* $: $2 local client: ok -R <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address" -R $* $: $1 -R$* $: $>CanonAddr $1 canonify sender address and mark it -R $* < @ $+ . > $1 < @ $2 > strip trailing dots -# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) -R $* < @ $* $=P > $: $1 < @ $2 $3 > -R $* < @ $j > $: $1 < @ $j > -R $* < @ $+ > $: $1 < @ $2 > ... unresolvable OK - -# check sender address: user@address, user@, address -R<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $| -R<$+> $+ $: @<$1> <$2> $| -R@ <$+> <$*> $| <$+> $: <@> <$1> <$2> $| $>SearchList <+ From> $| <$3> <> -R<@> <$+> <$*> $| <$*> $: <$3> <$1> <$2> reverse result -# retransform for further use -R <$+> <$*> $: <$1> $2 no match -R<$+> <$+> <$*> $: <$1> $3 relevant result, keep it - -# handle case of no @domain on address -R $* $: $&{daemon_flags} $| $1 -R$* u $* $| $* $: $3 -R$* $| $* $: $2 -R $* $: < ? $&{client_addr} > $1 -R $* $@ ...local unqualed ok -R $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f - ...remote is not -# check results -R $* $: @ $1 mark address: nothing known about it -R<$={ResOk}> $* $@ domain ok: stop -R $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve" -R $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist" -R<$={Accept}> $* $# $1 accept from access map -R $* $#discard $: discard -R $* $#error $@ quarantine $: $1 -R $* $#error $@ 5.7.1 $: "550 Access denied" -R $* $#error $@ $1.$2.$3 $: $4 -R $* $#error $: $1 -R<> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R<$+> $* $#error $: $1 error from access db - -###################################################################### -### check_rcpt -- check SMTP `RCPT TO:' command argument -###################################################################### - -SLocal_check_rcpt -Scheck_rcpt -R$* $: $1 $| $>"Local_check_rcpt" $1 -R$* $| $#$* $#$2 -R$* $| $* $@ $>"Basic_check_rcpt" $1 - -SBasic_check_rcpt -# empty address? -R<> $#error $@ nouser $: "553 User address required" -R$@ $#error $@ nouser $: "553 User address required" -# check for deferred delivery mode -R$* $: < $&{deliveryMode} > $1 -R< d > $* $@ deferred -R< $* > $* $: $2 - - -###################################################################### -R$* $: $1 $| @ $>"Rcpt_ok" $1 -R$* $| @ $#TEMP $+ $: $1 $| T $2 -R$* $| @ $#$* $#$2 -R$* $| @ RELAY $@ RELAY -R$* $| @ $* $: O $| $>"Relay_ok" $1 -R$* $| T $+ $: T $2 $| $>"Relay_ok" $1 -R$* $| $#TEMP $+ $#error $2 -R$* $| $#$* $#$2 -R$* $| RELAY $@ RELAY -R T $+ $| $* $#error $1 -# anything else is bogus -R$* $#error $@ 5.7.1 $: "550 Relaying denied" - - -###################################################################### -### Rcpt_ok: is the recipient ok? -###################################################################### -SRcpt_ok -R$* $: $>ParseRecipient $1 strip relayable hosts - - - -# blacklist local users or any host from receiving mail -R$* $: $1 -R $+ < @ $=w > $: <> <$1 < @ $2 >> $| -R $+ < @ $* > $: <> <$1 < @ $2 >> $| -R $+ $: <> <$1> $| -R<> <$*> $| <$+> $: <@> <$1> $| $>SearchList <+ To> $| <$2> <> -R<@> <$*> $| <$*> $: <$2> <$1> reverse result -R <$*> $: @ $1 mark address as no match -R<$={Accept}> <$*> $: @ $2 mark address as no match - -R $* $#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient" -R $* $#discard $: discard -R $* $#error $@ quarantine $: $1 -R $* $#error $@ $1.$2.$3 $: $4 -R $* $#error $: $1 -R<> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R<$+> $* $#error $: $1 error from access db -R@ $* $1 remove mark - -# authenticated via TLS? -R$* $: $1 $| $>RelayTLS client authenticated? -R$* $| $# $+ $# $2 error/ok? -R$* $| $* $: $1 no - -R$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type} -R$* $| $# $* $# $2 -R$* $| NO $: $1 -R$* $| $* $: $1 $| $&{auth_type} -R$* $| $: $1 -R$* $| $={TrustAuthMech} $# RELAY -R$* $| $* $: $1 -# anything terminating locally is ok -R$+ < @ $=w > $@ RELAY -R$+ < @ $* $=R > $@ RELAY -R$+ < @ $+ > $: $>D <$2> <+ To> <$1 < @ $2 >> -R $* $@ RELAY -R<$* > $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R<$*> <$*> $: $2 - - - -# check for local user (i.e. unqualified address) -R$* $: $1 -R $* < @ $+ > $: $1 < @ $2 > -# local user is ok -R $+ $@ RELAY -R<$+> $* $: $2 - -###################################################################### -### Relay_ok: is the relay/sender ok? -###################################################################### -SRelay_ok -# anything originating locally is ok -# check IP address -R$* $: $&{client_addr} -R$@ $@ RELAY originated locally -R0 $@ RELAY originated locally -R127.0.0.1 $@ RELAY originated locally -RIPv6:::1 $@ RELAY originated locally -R$=R $* $@ RELAY relayable IP address -R$* $: $>A <$1> <+ Connect> <$1> -R $* $@ RELAY relayable IP address - -R<> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R<$*> <$*> $: $2 -R$* $: [ $1 ] put brackets around it... -R$=w $@ RELAY ... and see if it is local - - -# check client name: first: did it resolve? -R$* $: < $&{client_resolve} > -R $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr} -R $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name} -R $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name} -R$* $: <@> $&{client_name} -# pass to name server to make hostname canonical -R<@> $* $=P $: $1 $2 -R<@> $+ $: $[ $1 $] -R$* . $1 strip trailing dots -R $=w $@ RELAY -R $* $=R $@ RELAY -R $* $: $>D <$1> <+ Connect> <$1> -R $* $@ RELAY -R<$* > $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R<$*> <$*> $: $2 - - -###################################################################### -### F: LookUpFull -- search for an entry in access database -### -### lookup of full key (which should be an address) and -### variations if +detail exists: +* and without +detail -### -### Parameters: -### <$1> -- key -### <$2> -- default (what to return if not found in db) -### <$3> -- mark (must be <(!|+) single-token>) -### ! does lookup only with tag -### + does lookup with and without tag -### <$4> -- passthru (additional data passed unchanged through) -###################################################################### - -SF -R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5> -R <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4> -R <$+ + $* @ $+> <$*> <$- $-> <$*> - $: <$(access $6:$1+*@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7> -R <$+ + $* @ $+> <$*> <+ $-> <$*> - $: <$(access $1+*@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6> -R <$+ + $* @ $+> <$*> <$- $-> <$*> - $: <$(access $6:$1@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7> -R <$+ + $* @ $+> <$*> <+ $-> <$*> - $: <$(access $1@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6> -R <$+> <$*> <$- $-> <$*> $@ <$2> <$5> -R<$+ > <$*> <$- $-> <$*> $@ <> <$5> -R<$+> <$*> <$- $-> <$*> $@ <$1> <$5> - -###################################################################### -### E: LookUpExact -- search for an entry in access database -### -### Parameters: -### <$1> -- key -### <$2> -- default (what to return if not found in db) -### <$3> -- mark (must be <(!|+) single-token>) -### ! does lookup only with tag -### + does lookup with and without tag -### <$4> -- passthru (additional data passed unchanged through) -###################################################################### - -SE -R<$*> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5> -R <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4> -R <$+> <$*> <$- $-> <$*> $@ <$2> <$5> -R<$+ > <$*> <$- $-> <$*> $@ <> <$5> -R<$+> <$*> <$- $-> <$*> $@ <$1> <$5> - -###################################################################### -### U: LookUpUser -- search for an entry in access database -### -### lookup of key (which should be a local part) and -### variations if +detail exists: +* and without +detail -### -### Parameters: -### <$1> -- key (user@) -### <$2> -- default (what to return if not found in db) -### <$3> -- mark (must be <(!|+) single-token>) -### ! does lookup only with tag -### + does lookup with and without tag -### <$4> -- passthru (additional data passed unchanged through) -###################################################################### - -SU -R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5> -R <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4> -R <$+ + $* @> <$*> <$- $-> <$*> - $: <$(access $5:$1+*@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6> -R <$+ + $* @> <$*> <+ $-> <$*> - $: <$(access $1+*@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5> -R <$+ + $* @> <$*> <$- $-> <$*> - $: <$(access $5:$1@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6> -R <$+ + $* @> <$*> <+ $-> <$*> - $: <$(access $1@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5> -R <$+> <$*> <$- $-> <$*> $@ <$2> <$5> -R<$+ > <$*> <$- $-> <$*> $@ <> <$5> -R<$+> <$*> <$- $-> <$*> $@ <$1> <$5> - -###################################################################### -### SearchList: search a list of items in the access map -### Parameters: -### $| ... <> -### where "exact" is either "+" or "!": -### <+ TAG> lookup with and w/o tag -### lookup with tag -### possible values for "mark" are: -### D: recursive host lookup (LookUpDomain) -### E: exact lookup, no modifications -### F: full lookup, try user+ext@domain and user@domain -### U: user lookup, try user+ext and user (input must have trailing @) -### return: or (not found) -###################################################################### - -# class with valid marks for SearchList -C{Src}E F D U -SSearchList -# just call the ruleset with the name of the tag... nice trick... -R<$+> $| <$={Src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <$1> <> -R<$+> $| <> $| <> $@ -R<$+> $| <$+> $| <> $@ $>SearchList <$1> $| <$2> -R<$+> $| <$*> $| <$+> <> $@ <$3> -R<$+> $| <$+> $@ <$2> - - -###################################################################### -### trust_auth: is user trusted to authenticate as someone else? -### -### Parameters: -### $1: AUTH= parameter from MAIL command -###################################################################### - -SLocal_trust_auth -Strust_auth -R$* $: $&{auth_type} $| $1 -# required by RFC 2554 section 4. -R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated" -R$* $| $&{auth_authen} $@ identical -R$* $| <$&{auth_authen}> $@ identical -R$* $| $* $: $1 $| $>"Local_trust_auth" $2 -R$* $| $#$* $#$2 -R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author} - -###################################################################### -### Relay_Auth: allow relaying based on authentication? -### -### Parameters: -### $1: ${auth_type} -###################################################################### -SLocal_Relay_Auth - -###################################################################### -### srv_features: which features to offer to a client? -### (done in server) -###################################################################### -Ssrv_features -R$* $: $>D <$&{client_name}> <> -R$* $: $>A <$&{client_addr}> <> -R$* $: <$(access "Srv_Features": $: ? $)> -R$* $@ OK -R<$* >$* $#temp -R<$+>$* $# $1 - -###################################################################### -### try_tls: try to use STARTTLS? -### (done in client) -###################################################################### -Stry_tls -R$* $: $>D <$&{server_name}> <> -R$* $: $>A <$&{server_addr}> <> -R$* $: <$(access "Try_TLS": $: ? $)> -R$* $@ OK -R<$* >$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]" - -###################################################################### -### tls_rcpt: is connection with server "good" enough? -### (done in client, per recipient) -### -### Parameters: -### $1: recipient -###################################################################### -Stls_rcpt -R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1 -R$+ $: $>CanonAddr $1 -R $+ < @ $+ . > $1 <@ $2 > -R $+ < @ $+ > $: $1 <@ $2 > $| -R $+ $: $1 $| -R$* $| $+ $: $1 $| $>SearchList $| $2 <> -R$* $| $@ OK -R$* $| <$* > $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2> - -###################################################################### -### tls_client: is connection with client "good" enough? -### (done in server) -### -### Parameters: -### ${verify} $| (MAIL|STARTTLS) -###################################################################### -Stls_client -R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1 -R$* $| $* $: $1 $| $>D <$&{client_name}> <> -R$* $| $* $: $1 $| $>A <$&{client_addr}> <> -R$* $| $* $: $1 $| <$(access "TLS_Clt": $: ? $)> -R$* $| <$* > $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R$* $@ $>"TLS_connection" $1 - -###################################################################### -### tls_server: is connection with server "good" enough? -### (done in client) -### -### Parameter: -### ${verify} -###################################################################### -Stls_server -R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1 -R$* $: $1 $| $>D <$&{server_name}> <> -R$* $| $* $: $1 $| $>A <$&{server_addr}> <> -R$* $| $* $: $1 $| <$(access "TLS_Srv": $: ? $)> -R$* $| <$* > $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later." -R$* $@ $>"TLS_connection" $1 - -###################################################################### -### TLS_connection: is TLS connection "good" enough? -### -### Parameters: -### ${verify} $| [<>] -### Requirement: RHS from access map, may be ? for none. -###################################################################### -STLS_connection -R$* $| <$*>$* $: $1 $| <$2> -# create the appropriate error codes -R$* $| $: $1 $| <503:5.7.0> <$2 $3> -R$* $| $: $1 $| <403:4.7.0> <$2 $3> -R$* $| <$={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3> -# deal with TLS handshake failures: abort -RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed." -RSOFTWARE $| $* $#error $@ 4.7.0 $: "403 TLS handshake failed." -# deal with TLS protocol errors: abort -RPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed." -RPROTOCOL $| $* $#error $@ 4.7.0 $: "403 STARTTLS failed." -R$* $| <$*> $: <$2> <> $1 -R$* $| <$*> $: <$2> <$3> $1 -R$* $| <$*> <$={Tls}:$->$* $: <$2> <$3:$4> <> $1 -R$* $| <$*> <$={Tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1 -R$* $| $* $@ OK -# authentication required: give appropriate error -# other side did authenticate (via STARTTLS) -R<$*> <> OK $@ OK -R<$*> <$+> OK $: <$1> <$2> -R<$*> <$*> OK $: <$1> <$3> -R<$*> <$*> $* $: <$1> <$3> -R<$-:$+> <$*> $#error $@ $2 $: $1 " authentication required" -R<$-:$+> <$*> FAIL $#error $@ $2 $: $1 " authentication failed" -R<$-:$+> <$*> NO $#error $@ $2 $: $1 " not authenticated" -R<$-:$+> <$*> NOT $#error $@ $2 $: $1 " no authentication requested" -R<$-:$+> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS" -R<$-:$+> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4 -R<$*> <$*> $: <$1> <$3> $>max $&{cipher_bits} : $&{auth_ssf} -R<$*> <$*> $- $: <$1> <$2:$4> <$3> $(arith l $@ $4 $@ $2 $) -R<$-:$+><$-:$-> <$*> TRUE $#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3 -R<$-:$+><$-:$-> <$*> $* $: <$1:$2 ++ $5> -R<$-:$+ ++ > $@ OK -R<$-:$+ ++ $+ > $: <$1:$2> <$3> -R<$-:$+> < $+ ++ $+ > <$1:$2> <$3> <$4> -R<$-:$+> $+ $@ $>"TLS_req" $3 $| <$1:$2> - -###################################################################### -### TLS_req: check additional TLS requirements -### -### Parameters: [ ] $| <$-:$+> -### $-: SMTP reply code -### $+: Enhanced Status Code -###################################################################### -STLS_req -R $| $+ $@ OK -R $* $| <$+> $: $1 $| <$2> -R $* $| <$+> $@ $>"TLS_req" $1 $| <$2> -R $* $| <$-:$+> $#error $@ $4 $: $3 " CN " $&{cn_subject} " does not match " $1 -R $* $| <$+> $@ $>"TLS_req" $1 $| <$2> -R $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Subject " $&{cert_subject} " does not match " $1 -R $* $| <$+> $@ $>"TLS_req" $1 $| <$2> -R $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1 -ROK $@ OK - -###################################################################### -### max: return the maximum of two values separated by : -### -### Parameters: [$-]:[$-] -###################################################################### -Smax -R: $: 0 -R:$- $: $1 -R$-: $: $1 -R$-:$- $: $(arith l $@ $1 $@ $2 $) : $1 : $2 -RTRUE:$-:$- $: $2 -R$-:$-:$- $: $2 - - -###################################################################### -### RelayTLS: allow relaying based on TLS authentication -### -### Parameters: -### none -###################################################################### -SRelayTLS -# authenticated? -R$* $: $&{verify} -R OK $: OK authenticated: continue -R $* $@ NO not authenticated -R$* $: $&{cert_issuer} -R$+ $: $(access CERTISSUER:$1 $) -RRELAY $# RELAY -RSUBJECT $: <@> $&{cert_subject} -R<@> $+ $: <@> $(access CERTSUBJECT:$1 $) -R<@> RELAY $# RELAY -R$* $: NO - -###################################################################### -### authinfo: lookup authinfo in the access map -### -### Parameters: -### $1: {server_name} -### $2: {server_addr} -###################################################################### -Sauthinfo -R$* $: $1 $| $>D <$&{server_name}> <> -R$* $| $* $: $1 $| $>A <$&{server_addr}> <> -R$* $| $* $: $1 $| <$(access AuthInfo: $: ? $)> <> -R$* $| $* $@ no no authinfo available -R$* $| <$*> <> $# $2 - - - - - -# -###################################################################### -###################################################################### -##### -##### MAIL FILTER DEFINITIONS -##### -###################################################################### -###################################################################### - -# -###################################################################### -###################################################################### -##### -##### MAILER DEFINITIONS -##### -###################################################################### -###################################################################### - -##################################### -### SMTP Mailer specification ### -##################################### - -##### $Id: smtp.m4,v 8.64 2001/04/03 01:52:54 gshapiro Exp $ ##### - -# -# common sender and masquerading recipient rewriting -# -SMasqSMTP -R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified -R$+ $@ $1 < @ *LOCAL* > add local qualification - -# -# convert pseudo-domain addresses to real domain addresses -# -SPseudoToReal - -# pass s through -R< @ $+ > $* $@ < @ $1 > $2 resolve - -# output fake domains as user%fake@relay - -# do UUCP heuristics; note that these are shared with UUCP mailers -R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form -R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form - -# leave these in .UUCP form to avoid further tampering -R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. > -R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 > -R< $&h ! > $+ $@ $1 < @ $&h .UUCP. > -R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY -R$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part -R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY - - -# -# envelope sender rewriting -# -SEnvFromSMTP -R$+ $: $>PseudoToReal $1 sender/recipient common -R$* :; <@> $@ list:; special case -R$* $: $>MasqSMTP $1 qualify unqual'ed names -R$+ $: $>MasqEnv $1 do masquerading - - -# -# envelope recipient rewriting -- -# also header recipient if not masquerading recipients -# -SEnvToSMTP -R$+ $: $>PseudoToReal $1 sender/recipient common -R$+ $: $>MasqSMTP $1 qualify unqual'ed names -R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 - -# -# header sender and masquerading header recipient rewriting -# -SHdrFromSMTP -R$+ $: $>PseudoToReal $1 sender/recipient common -R:; <@> $@ list:; special case - -# do special header rewriting -R$* <@> $* $@ $1 <@> $2 pass null host through -R< @ $* > $* $@ < @ $1 > $2 pass route-addr through -R$* $: $>MasqSMTP $1 qualify unqual'ed names -R$+ $: $>MasqHdr $1 do masquerading - - -# -# relay mailer header masquerading recipient rewriting -# -SMasqRelay -R$+ $: $>MasqSMTP $1 -R$+ $: $>MasqHdr $1 - -Msmtp, P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040, - T=DNS/RFC822/SMTP, - A=TCP $h - - -######################*****############## -### PROCMAIL Mailer specification ### -##################*****################## - -##### $Id: procmail.m4,v 8.22 2001/11/12 23:11:34 ca Exp $ ##### - -Mprocmail, P=/usr/bin/procmail, F=DFMSPhnu9, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP, - T=DNS/RFC822/X-Unix, - A=procmail -Y -m $h $f $u - - -################################################## -### Local and Program Mailer specification ### -################################################## - -##### $Id: local.m4,v 8.59 2004/11/23 00:37:25 ca Exp $ ##### - -# -# Envelope sender rewriting -# -SEnvFromL -R<@> $n errors to mailer-daemon -R@ <@ $*> $n temporarily bypass Sun bogosity -R$+ $: $>AddDomain $1 add local domain if needed -R$* $: $>MasqEnv $1 do masquerading - -# -# Envelope recipient rewriting -# -SEnvToL -R$+ < @ $* > $: $1 strip host part - -# -# Header sender rewriting -# -SHdrFromL -R<@> $n errors to mailer-daemon -R@ <@ $*> $n temporarily bypass Sun bogosity -R$+ $: $>AddDomain $1 add local domain if needed -R$* $: $>MasqHdr $1 do masquerading - -# -# Header recipient rewriting -# -SHdrToL -R$+ $: $>AddDomain $1 add local domain if needed -R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 - -# -# Common code to add local domain name (only if always-add-domain) -# -SAddDomain -R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified - -R$+ $@ $1 < @ *LOCAL* > add local qualification - -Mlocal, P=/usr/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, - T=DNS/RFC822/X-Unix, - A=procmail -t -Y -a $h -d $u -Mprog, P=/usr/sbin/smrsh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/, - T=X-Unix/X-Unix/X-Unix, - A=smrsh -c $u - diff --git a/testing/mailman/mail/sendmail.mc b/testing/mailman/mail/sendmail.mc deleted file mode 100644 index 0bea58e..0000000 --- a/testing/mailman/mail/sendmail.mc +++ /dev/null @@ -1,172 +0,0 @@ -divert(-1)dnl -dnl # -dnl # This is the sendmail macro config file for m4. If you make changes to -dnl # /etc/mail/sendmail.mc, you will need to regenerate the -dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is -dnl # installed and then performing a -dnl # -dnl # make -C /etc/mail -dnl # -include(`/usr/share/sendmail-cf/m4/cf.m4')dnl -VERSIONID(`setup for Red Hat Linux')dnl -OSTYPE(`linux')dnl -dnl # -dnl # default logging level is 9, you might want to set it higher to -dnl # debug the configuration -dnl # -dnl define(`confLOG_LEVEL', `9')dnl -dnl # -dnl # Uncomment and edit the following line if your outgoing mail needs to -dnl # be sent out through an external mail server: -dnl # -dnl define(`SMART_HOST',`smtp.your.provider') -dnl # -define(`confDEF_USER_ID',``8:12'')dnl -dnl define(`confAUTO_REBUILD')dnl -define(`confTO_CONNECT', `1m')dnl -define(`confTRY_NULL_MX_LIST',true)dnl -define(`confDONT_PROBE_INTERFACES',true)dnl -define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl -define(`ALIAS_FILE', `/etc/aliases')dnl -define(`STATUS_FILE', `/var/log/mail/statistics')dnl -define(`UUCP_MAILER_MAX', `2000000')dnl -define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl -define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl -define(`confAUTH_OPTIONS', `A')dnl -dnl # -dnl # The following allows relaying if the user authenticates, and disallows -dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links -dnl # -dnl define(`confAUTH_OPTIONS', `A p')dnl -dnl # -dnl # PLAIN is the preferred plaintext authentication method and used by -dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do -dnl # use LOGIN. Other mechanisms should be used if the connection is not -dnl # guaranteed secure. -dnl # Please remember that saslauthd needs to be running for AUTH. -dnl # -dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl -dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl -dnl # -dnl # Rudimentary information on creating certificates for sendmail TLS: -dnl # cd /usr/share/ssl/certs; make sendmail.pem -dnl # Complete usage: -dnl # make -C /usr/share/ssl/certs usage -dnl # -dnl define(`confCACERT_PATH',`/etc/pki/tls/certs') -dnl define(`confCACERT',`/etc/pki/tls/certs/ca-bundle.crt') -dnl define(`confSERVER_CERT',`/etc/pki/tls/certs/sendmail.pem') -dnl define(`confSERVER_KEY',`/etc/pki/tls/certs/sendmail.pem') -dnl # -dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's -dnl # slapd, which requires the file to be readble by group ldap -dnl # -dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl -dnl # -dnl define(`confTO_QUEUEWARN', `4h')dnl -dnl define(`confTO_QUEUERETURN', `5d')dnl -dnl define(`confQUEUE_LA', `12')dnl -dnl define(`confREFUSE_LA', `18')dnl -define(`confTO_IDENT', `0')dnl -dnl FEATURE(delay_checks)dnl -FEATURE(`no_default_msa',`dnl')dnl -FEATURE(`smrsh',`/usr/sbin/smrsh')dnl -FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl -FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl -FEATURE(redirect)dnl -FEATURE(always_add_domain)dnl -FEATURE(use_cw_file)dnl -FEATURE(use_ct_file)dnl -dnl # -dnl # The following limits the number of processes sendmail can fork to accept -dnl # incoming messages or process its message queues to 12.) sendmail refuses -dnl # to accept connections once it has reached its quota of child processes. -dnl # -dnl define(`confMAX_DAEMON_CHILDREN', 12)dnl -dnl # -dnl # Limits the number of new connections per second. This caps the overhead -dnl # incurred due to forking new sendmail processes. May be useful against -dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address -dnl # limit would be useful but is not available as an option at this writing.) -dnl # -dnl define(`confCONNECTION_RATE_THROTTLE', 3)dnl -dnl # -dnl # The -t option will retry delivery if e.g. the user runs over his quota. -dnl # -FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl -FEATURE(`access_db',`hash -T -o /etc/mail/access.db')dnl -FEATURE(`blacklist_recipients')dnl -EXPOSED_USER(`root')dnl -dnl # -dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment -dnl # the following 2 definitions and activate below in the MAILER section the -dnl # cyrusv2 mailer. -dnl # -dnl define(`confLOCAL_MAILER', `cyrusv2')dnl -dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl -dnl # -dnl # The following causes sendmail to only listen on the IPv4 loopback address -dnl # 127.0.0.1 and not on any other network devices. Remove the loopback -dnl # address restriction to accept email from the internet or intranet. -dnl # -DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl -dnl # -dnl # The following causes sendmail to additionally listen to port 587 for -dnl # mail from MUAs that authenticate. Roaming users who can't reach their -dnl # preferred sendmail daemon due to port 25 being blocked or redirected find -dnl # this useful. -dnl # -dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl -dnl # -dnl # The following causes sendmail to additionally listen to port 465, but -dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed -dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't -dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS -dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps -dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1. -dnl # -dnl # For this to work your OpenSSL certificates must be configured. -dnl # -dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl -dnl # -dnl # The following causes sendmail to additionally listen on the IPv6 loopback -dnl # device. Remove the loopback address restriction listen to the network. -dnl # -dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl -dnl # -dnl # enable both ipv6 and ipv4 in sendmail: -dnl # -dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6') -dnl # -dnl # We strongly recommend not accepting unresolvable domains if you want to -dnl # protect yourself from spam. However, the laptop and users on computers -dnl # that do not have 24x7 DNS do need this. -dnl # -FEATURE(`accept_unresolvable_domains')dnl -dnl # -dnl FEATURE(`relay_based_on_MX')dnl -dnl # -dnl # Also accept email sent to "localhost.localdomain" as local email. -dnl # -LOCAL_DOMAIN(`localhost.localdomain')dnl -dnl # -dnl # The following example makes mail from this host and any additional -dnl # specified domains appear to be sent from mydomain.com -dnl # -dnl MASQUERADE_AS(`mydomain.com')dnl -dnl # -dnl # masquerade not just the headers, but the envelope as well -dnl # -dnl FEATURE(masquerade_envelope)dnl -dnl # -dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well -dnl # -dnl FEATURE(masquerade_entire_domain)dnl -dnl # -dnl MASQUERADE_DOMAIN(localhost)dnl -dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl -dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl -dnl MASQUERADE_DOMAIN(mydomain.lan)dnl -MAILER(smtp)dnl -MAILER(procmail)dnl -dnl MAILER(cyrusv2)dnl diff --git a/testing/mailman/mail/submit.cf.bak b/testing/mailman/mail/submit.cf.bak deleted file mode 100644 index 99688b1..0000000 --- a/testing/mailman/mail/submit.cf.bak +++ /dev/null @@ -1,1459 +0,0 @@ -# -# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers. -# All rights reserved. -# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. -# Copyright (c) 1988, 1993 -# The Regents of the University of California. All rights reserved. -# -# By using this file, you agree to the terms and conditions set -# forth in the LICENSE file which can be found at the top level of -# the sendmail distribution. -# -# - -###################################################################### -###################################################################### -##### -##### SENDMAIL CONFIGURATION FILE -##### -##### built by bhcompile@porky.build.redhat.com on Mon Sep 19 07:13:43 EDT 2005 -##### in /usr/src/build/614338-i386/BUILD/sendmail-8.13.5/cf/cf -##### using ../ as configuration include directory -##### -###################################################################### -##### -##### DO NOT EDIT THIS FILE! Only edit the source .mc file. -##### -###################################################################### -###################################################################### - -##### $Id: cfhead.m4,v 8.116 2004/01/28 22:02:22 ca Exp $ ##### -##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ ##### - -##### linux setup for Red Hat Linux ##### -##### $Id: use_ct_file.m4,v 8.11 2001/08/26 20:58:57 gshapiro Exp $ ##### - -##### $Id: msp.m4,v 1.33 2004/02/09 22:32:38 ca Exp $ ##### - -##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ ##### - - -##### $Id: proto.m4,v 8.718 2005/08/24 18:07:23 ca Exp $ ##### - -# level 10 config file format -V10/Berkeley - -# override file safeties - setting this option compromises system security, -# addressing the actual file configuration problem is preferred -# need to set this before any file actions are encountered in the cf file -#O DontBlameSendmail=safe - -# default LDAP map specification -# need to set this now before any LDAP maps are defined -#O LDAPDefaultSpec=-h localhost - -################## -# local info # -################## - -# my LDAP cluster -# need to set this before any LDAP lookups are done (including classes) -#D{sendmailMTACluster}$m - -Cwlocalhost - -# my official domain name -# ... define this only if sendmail cannot automatically determine your domain -#Dj$w.Foo.COM - -# host/domain names ending with a token in class P are canonical -CP. - -# "Smart" relay host (may be null) -DS - - -# operators that cannot be in local usernames (i.e., network indicators) -CO @ % ! - -# a class with just dot (for identifying canonical names) -C.. - -# a class with just a left bracket (for identifying domain literals) -C[[ - - -# Resolve map (to check if a host exists in check_mail) -Kresolve host -a -T -C{ResOk}OKR - - -# Hosts for which relaying is permitted ($=R) -FR-o /etc/mail/relay-domains - -# arithmetic map -Karith arith - - - - - -# dequoting map -Kdequote dequote - -# class E: names that should be exposed as from this host, even if we masquerade -# class L: names that should be delivered locally, even if we have a relay -# class M: domains that should be converted to $M -# class N: domains that should not be converted to $M -#CL root - - - -# my name for error messages -DnMAILER-DAEMON - - -D{MTAHost}[127.0.0.1] - - -# Configuration version number -DZ8.13.5/Submit - - -############### -# Options # -############### - -# strip message body to 7 bits on input? -O SevenBitInput=False - -# 8-bit data handling -#O EightBitMode=pass8 - -# wait for alias file rebuild (default units: minutes) -O AliasWait=10 - -# location of alias file -#O AliasFile=/etc/mail/aliases - -# minimum number of free blocks on filesystem -O MinFreeBlocks=100 - -# maximum message size -#O MaxMessageSize=0 - -# substitution for space (blank) characters -O BlankSub=. - -# avoid connecting to "expensive" mailers on initial submission? -O HoldExpensive=False - -# checkpoint queue runs after every N successful deliveries -#O CheckpointInterval=10 - -# default delivery mode -O DeliveryMode=i - -# error message header/file -#O ErrorHeader=/etc/mail/error-header - -# error mode -#O ErrorMode=print - -# save Unix-style "From_" lines at top of header? -#O SaveFromLine=False - -# queue file mode (qf files) -O QueueFileMode=0660 - -# temporary file mode -O TempFileMode=0600 - -# match recipients against GECOS field? -#O MatchGECOS=False - -# maximum hop count -#O MaxHopCount=25 - -# location of help file -O HelpFile=/etc/mail/helpfile - -# ignore dots as terminators in incoming messages? -#O IgnoreDots=False - -# name resolver options -#O ResolverOptions=+AAONLY - -# deliver MIME-encapsulated error messages? -O SendMimeErrors=True - -# Forward file search path -O ForwardPath - -# open connection cache size -O ConnectionCacheSize=2 - -# open connection cache timeout -O ConnectionCacheTimeout=5m - -# persistent host status directory -#O HostStatusDirectory=.hoststat - -# single thread deliveries (requires HostStatusDirectory)? -#O SingleThreadDelivery=False - -# use Errors-To: header? -O UseErrorsTo=False - -# log level -O LogLevel=9 - -# send to me too, even in an alias expansion? -#O MeToo=True - -# verify RHS in newaliases? -O CheckAliases=False - -# default messages to old style headers if no special punctuation? -O OldStyleHeaders=True - -# SMTP daemon options - -O DaemonPortOptions=Name=NoMTA, Addr=127.0.0.1, M=E - -# SMTP client options -#O ClientPortOptions=Family=inet, Address=0.0.0.0 - -# Modifiers to define {daemon_flags} for direct submissions -#O DirectSubmissionModifiers - -# Use as mail submission program? See sendmail/SECURITY -O UseMSP=True - -# privacy flags -O PrivacyOptions=goaway,noetrn,restrictqrun - -# who (if anyone) should get extra copies of error messages -#O PostmasterCopy=Postmaster - -# slope of queue-only function -#O QueueFactor=600000 - -# limit on number of concurrent queue runners -#O MaxQueueChildren - -# maximum number of queue-runners per queue-grouping with multiple queues -#O MaxRunnersPerQueue=1 - -# priority of queue runners (nice(3)) -#O NiceQueueRun - -# shall we sort the queue by hostname first? -#O QueueSortOrder=priority - -# minimum time in queue before retry -#O MinQueueAge=30m - -# how many jobs can you process in the queue? -#O MaxQueueRunSize=0 - -# perform initial split of envelope without checking MX records -#O FastSplit=1 - -# queue directory -O QueueDirectory=/var/spool/clientmqueue - -# key for shared memory; 0 to turn off -#O SharedMemoryKey=0 - - - -# timeouts (many of these) -#O Timeout.initial=5m -#O Timeout.connect=5m -#O Timeout.aconnect=0s -#O Timeout.iconnect=5m -#O Timeout.helo=5m -#O Timeout.mail=10m -#O Timeout.rcpt=1h -#O Timeout.datainit=5m -#O Timeout.datablock=1h -#O Timeout.datafinal=1h -#O Timeout.rset=5m -#O Timeout.quit=2m -#O Timeout.misc=2m -#O Timeout.command=1h -#O Timeout.ident=5s -#O Timeout.fileopen=60s -#O Timeout.control=2m -O Timeout.queuereturn=5d -#O Timeout.queuereturn.normal=5d -#O Timeout.queuereturn.urgent=2d -#O Timeout.queuereturn.non-urgent=7d -#O Timeout.queuereturn.dsn=5d -O Timeout.queuewarn=4h -#O Timeout.queuewarn.normal=4h -#O Timeout.queuewarn.urgent=1h -#O Timeout.queuewarn.non-urgent=12h -#O Timeout.queuewarn.dsn=4h -#O Timeout.hoststatus=30m -#O Timeout.resolver.retrans=5s -#O Timeout.resolver.retrans.first=5s -#O Timeout.resolver.retrans.normal=5s -#O Timeout.resolver.retry=4 -#O Timeout.resolver.retry.first=4 -#O Timeout.resolver.retry.normal=4 -#O Timeout.lhlo=2m -#O Timeout.auth=10m -#O Timeout.starttls=1h - -# time for DeliverBy; extension disabled if less than 0 -#O DeliverByMin=0 - -# should we not prune routes in route-addr syntax addresses? -#O DontPruneRoutes=False - -# queue up everything before forking? -O SuperSafe=True - -# status file -O StatusFile=/var/spool/clientmqueue/sm-client.st - -# time zone handling: -# if undefined, use system default -# if defined but null, use TZ envariable passed in -# if defined and non-null, use that info -O TimeZoneSpec= - -# default UID (can be username or userid:groupid) -#O DefaultUser=mailnull - -# list of locations of user database file (null means no lookup) -#O UserDatabaseSpec=/etc/mail/userdb - -# fallback MX host -#O FallbackMXhost=fall.back.host.net - -# fallback smart host -#O FallbackSmartHost=fall.back.host.net - -# if we are the best MX host for a site, try it directly instead of config err -#O TryNullMXList=False - -# load average at which we just queue messages -#O QueueLA=8 - -# load average at which we refuse connections -#O RefuseLA=12 - -# log interval when refusing connections for this long -#O RejectLogInterval=3h - -# load average at which we delay connections; 0 means no limit -#O DelayLA=0 - -# maximum number of children we allow at one time -#O MaxDaemonChildren=0 - -# maximum number of new connections per second -#O ConnectionRateThrottle=0 - -# Width of the window -#O ConnectionRateWindowSize=60s - -# work recipient factor -#O RecipientFactor=30000 - -# deliver each queued job in a separate process? -#O ForkEachJob=False - -# work class factor -#O ClassFactor=1800 - -# work time factor -#O RetryFactor=90000 - -# default character set -#O DefaultCharSet=unknown-8bit - -# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others) -#O ServiceSwitchFile=/etc/mail/service.switch - -# hosts file (normally /etc/hosts) -#O HostsFile=/etc/hosts - -# dialup line delay on connection failure -#O DialDelay=0s - -# action to take if there are no recipients in the message -#O NoRecipientAction=none - -# chrooted environment for writing to files -#O SafeFileEnvironment - -# are colons OK in addresses? -#O ColonOkInAddr=True - -# shall I avoid expanding CNAMEs (violates protocols)? -#O DontExpandCnames=False - -# SMTP initial login message (old $e macro) -O SmtpGreetingMessage=$j Sendmail $v/$Z; $b - -# UNIX initial From header format (old $l macro) -O UnixFromLine=From $g $d - -# From: lines that have embedded newlines are unwrapped onto one line -#O SingleLineFromHeader=False - -# Allow HELO SMTP command that does not include a host name -#O AllowBogusHELO=False - -# Characters to be quoted in a full name phrase (@,;:\()[] are automatic) -#O MustQuoteChars=. - -# delimiter (operator) characters (old $o macro) -O OperatorChars=.:%@!^/[]+ - -# shall I avoid calling initgroups(3) because of high NIS costs? -O DontInitGroups=True - -# are group-writable :include: and .forward files (un)trustworthy? -# True (the default) means they are not trustworthy. -#O UnsafeGroupWrites=True - - -# where do errors that occur when sending errors get sent? -#O DoubleBounceAddress=postmaster - -# where to save bounces if all else fails -#O DeadLetterDrop=/var/tmp/dead.letter - -# what user id do we assume for the majority of the processing? -O RunAsUser=smmsp - -# maximum number of recipients per SMTP envelope -#O MaxRecipientsPerMessage=0 - -# limit the rate recipients per SMTP envelope are accepted -# once the threshold number of recipients have been rejected -#O BadRcptThrottle=0 - -# shall we get local names from our installed interfaces? -O DontProbeInterfaces=True - -# Return-Receipt-To: header implies DSN request -#O RrtImpliesDsn=False - -# override connection address (for testing) -#O ConnectOnlyTo=0.0.0.0 - -# Trusted user for file ownership and starting the daemon -O TrustedUser=smmsp - -# Control socket for daemon management -#O ControlSocketName=/var/spool/mqueue/.control - -# Maximum MIME header length to protect MUAs -#O MaxMimeHeaderLength=0/0 - -# Maximum length of the sum of all headers -#O MaxHeadersLength=32768 - -# Maximum depth of alias recursion -#O MaxAliasRecursion=10 - -# location of pid file -O PidFile=/var/run/sm-client.pid - -# Prefix string for the process title shown on 'ps' listings -#O ProcessTitlePrefix=prefix - -# Data file (df) memory-buffer file maximum size -#O DataFileBufferSize=4096 - -# Transcript file (xf) memory-buffer file maximum size -#O XscriptFileBufferSize=4096 - -# lookup type to find information about local mailboxes -#O MailboxDatabase=pw - -# override compile time flag REQUIRES_DIR_FSYNC -#O RequiresDirfsync=true - -# list of authentication mechanisms -#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 - -# Authentication realm -#O AuthRealm - -# default authentication information for outgoing connections -#O DefaultAuthInfo=/etc/mail/default-auth-info - -# SMTP AUTH flags -#O AuthOptions - -# SMTP AUTH maximum encryption strength -#O AuthMaxBits - -# SMTP STARTTLS server options -#O TLSSrvOptions - -# Input mail filters -#O InputMailFilters - - -# CA directory -#O CACertPath -# CA file -#O CACertFile -# Server Cert -#O ServerCertFile -# Server private key -#O ServerKeyFile -# Client Cert -#O ClientCertFile -# Client private key -#O ClientKeyFile -# File containing certificate revocation lists -#O CRLFile -# DHParameters (only required if DSA/DH is used) -#O DHParameters -# Random data source (required for systems without /dev/urandom under OpenSSL) -#O RandFile - -############################ -# QUEUE GROUP DEFINITIONS # -############################ - - -########################### -# Message precedences # -########################### - -Pfirst-class=0 -Pspecial-delivery=100 -Plist=-30 -Pbulk=-60 -Pjunk=-100 - -##################### -# Trusted users # -##################### - -# this is equivalent to setting class "t" -Ft/etc/mail/trusted-users -Troot -Tdaemon -Tuucp - -######################### -# Format of headers # -######################### - -H?P?Return-Path: <$g> -HReceived: $?sfrom $s $.$?_($?s$|from $.$_) - $.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.) - $.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version} - (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u - for $u; $|; - $.$b -H?D?Resent-Date: $a -H?D?Date: $a -H?F?Resent-From: $?x$x <$g>$|$g$. -H?F?From: $?x$x <$g>$|$g$. -H?x?Full-Name: $x -# HPosted-Date: $a -# H?l?Received-Date: $b -H?M?Resent-Message-Id: <$t.$i@$j> -H?M?Message-Id: <$t.$i@$j> - -# -###################################################################### -###################################################################### -##### -##### REWRITING RULES -##### -###################################################################### -###################################################################### - -############################################ -### Ruleset 3 -- Name Canonicalization ### -############################################ -Scanonify=3 - -# handle null input (translate to <@> special case) -R$@ $@ <@> - -# strip group: syntax (not inside angle brackets!) and trailing semicolon -R$* $: $1 <@> mark addresses -R$* < $* > $* <@> $: $1 < $2 > $3 unmark -R@ $* <@> $: @ $1 unmark @host:... -R$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr -R$* :: $* <@> $: $1 :: $2 unmark node::addr -R:include: $* <@> $: :include: $1 unmark :include:... -R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon -R$* : $* <@> $: $2 strip colon if marked -R$* <@> $: $1 unmark -R$* ; $1 strip trailing semi -R$* < $+ :; > $* $@ $2 :; <@> catch -R$* < $* ; > $1 < $2 > bogus bracketed semi - -# null input now results from list:; syntax -R$@ $@ :; <@> - -# strip angle brackets -- note RFC733 heuristic to get innermost item -R$* $: < $1 > housekeeping <> -R$+ < $* > < $2 > strip excess on left -R< $* > $+ < $1 > strip excess on right -R<> $@ < @ > MAIL FROM:<> case -R< $+ > $: $1 remove housekeeping <> - -# strip route address <@a,@b,@c:user@d> -> -R@ $+ , $+ $2 -R@ [ $* ] : $+ $2 -R@ $+ : $+ $2 - -# find focus for list syntax -R $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax -R $+ : $* ; $@ $1 : $2; list syntax - -# find focus for @ syntax addresses -R$+ @ $+ $: $1 < @ $2 > focus on domain -R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right -R$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical - - -# convert old-style addresses to a domain-based address -R$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names -R$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps -R$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains - -# convert node::user addresses into a domain-based address -R$- :: $+ $@ $>Canonify2 $2 < @ $1 .DECNET > resolve DECnet names -R$- . $- :: $+ $@ $>Canonify2 $3 < @ $1.$2 .DECNET > numeric DECnet addr - -# if we have % signs, take the rightmost one -R$* % $* $1 @ $2 First make them all @s. -R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last. -R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish - -# else we must be a local name -R$* $@ $>Canonify2 $1 - - -################################################ -### Ruleset 96 -- bottom half of ruleset 3 ### -################################################ - -SCanonify2=96 - -# handle special cases for local names -R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all -R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain -R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain - -# check for IPv4/IPv6 domain literal -R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr] -R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal -R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr - - - - - -# if really UUCP, handle it immediately - -# try UUCP traffic as a local address -R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3 -R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3 - -# hostnames ending in class P are always canonical -R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4 -R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4 -R$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6 -R$* CC $* $| $* $: $3 -# pass to name server to make hostname canonical -R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4 -R$* $| $* $: $2 - -# local host aliases and pseudo-domains are always canonical -R$* < @ $=w > $* $: $1 < @ $2 . > $3 -R$* < @ $=M > $* $: $1 < @ $2 . > $3 -R$* < @ $* . . > $* $1 < @ $2 . > $3 - - -################################################## -### Ruleset 4 -- Final Output Post-rewriting ### -################################################## -Sfinal=4 - -R$+ :; <@> $@ $1 : handle -R$* <@> $@ handle <> and list:; - -# strip trailing dot off possibly canonical name -R$* < @ $+ . > $* $1 < @ $2 > $3 - -# eliminate internal code -R$* < @ *LOCAL* > $* $1 < @ $j > $2 - -# externalize local domain info -R$* < $+ > $* $1 $2 $3 defocus -R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 canonical -R@ $* $@ @ $1 ... and exit - -# UUCP must always be presented in old form -R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u - -# put DECnet back in :: form -R$+ @ $+ . DECNET $2 :: $1 u@h.DECNET => h::u -# delete duplicate local names -R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host - - - -############################################################## -### Ruleset 97 -- recanonicalize and call ruleset zero ### -### (used for recursive calls) ### -############################################################## - -SRecurse=97 -R$* $: $>canonify $1 -R$* $@ $>parse $1 - - -###################################### -### Ruleset 0 -- Parse Address ### -###################################### - -Sparse=0 - -R$* $: $>Parse0 $1 initial parsing -R<@> $#local $: <@> special case error msgs -R$* $: $>ParseLocal $1 handle local hacks -R$* $: $>Parse1 $1 final parsing - -# -# Parse0 -- do initial syntax checking and eliminate local addresses. -# This should either return with the (possibly modified) input -# or return with a #error mailer. It should not return with a -# #mailer other than the #error mailer. -# - -SParse0 -R<@> $@ <@> special case error msgs -R$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses" -R@ <@ $* > < @ $1 > catch "@@host" bogosity -R<@ $+> $#error $@ 5.1.3 $: "553 User address required" -R$+ <@> $#error $@ 5.1.3 $: "553 Hostname required" -R$* $: <> $1 -R<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4 -R<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4 -R<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address" -R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3 -R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part" -R<> $* $1 -R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" -R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name" -R$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address" -R$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address" -R$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address" - - -# now delete the local info -- note $=O to find characters that cause forwarding -R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user -R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ... -R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here -R< @ $+ > $#error $@ 5.1.3 $: "553 User address required" -R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ... -R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo" -R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required" -R$* $=O $* < @ *LOCAL* > - $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ... -R$* < @ *LOCAL* > $: $1 - -# -# Parse1 -- the bottom half of ruleset 0. -# - -SParse1 - -# handle numeric address spec -R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec -R$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path -R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send -R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer -R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer - - -# short circuit local delivery so forwarded email works - - -R$=L < @ $=w . > $#local $: @ $1 special local names -R$+ < @ $=w . > $#local $: $1 regular local name - - -# resolve remotely connected UUCP links (if any) - -# resolve fake top level domains by forwarding to other hosts - - - -# pass names that still have a host to a smarthost (if defined) -R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name - -# deal with other remote names -R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain - -# handle locally delivered names -R$=L $#local $: @ $1 special local names -R$+ $#local $: $1 regular local names - -########################################################################### -### Ruleset 5 -- special rewriting after aliases have been expanded ### -########################################################################### - -SLocal_localaddr -Slocaladdr=5 -R$+ $: $1 $| $>"Local_localaddr" $1 -R$+ $| $#ok $@ $1 no change -R$+ $| $#$* $#$2 -R$+ $| $* $: $1 - - - - -# deal with plussed users so aliases work nicely -R$+ + * $#local $@ $&h $: $1 -R$+ + $* $#local $@ + $2 $: $1 + * - -# prepend an empty "forward host" on the front -R$+ $: <> $1 - - - -R< > $+ $: < > < $1 <> $&h > nope, restore +detail - -R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail -R< > < $+ <> $* > $: < > < $1 > else discard -R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part -R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra + -R< > < $+ > $@ $1 no +detail -R$+ $: $1 <> $&h add +detail back in - -R$+ <> + $* $: $1 + $2 check whether +detail -R$+ <> $* $: $1 else discard -R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension -R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension - -R< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 > - -R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 > - - -################################################################### -### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ### -################################################################### - -SMailerToTriple=95 -R< > $* $@ $1 strip off null relay -R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4 -R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2 -R< error : $+ > $* $#error $: $1 -R< local : $* > $* $>CanonLocal < $1 > $2 -R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user -R< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer -R< $=w > $* $@ $2 delete local host -R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer - -################################################################### -### Ruleset CanonLocal -- canonify local: syntax ### -################################################################### - -SCanonLocal -# strip local host from routed addresses -R< $* > < @ $+ > : $+ $@ $>Recurse $3 -R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4 - -# strip trailing dot from any host name that may appear -R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > - -# handle local: syntax -- use old user, either with or without host -R< > $* < @ $* > $* $#local $@ $1@$2 $: $1 -R< > $+ $#local $@ $1 $: $1 - -# handle local:user@host syntax -- ignore host part -R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 > - -# handle local:user syntax -R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1 -R< $+ > $* $#local $@ $2 $: $1 - -################################################################### -### Ruleset 93 -- convert header names to masqueraded form ### -################################################################### - -SMasqHdr=93 - - -# do not masquerade anything in class N -R$* < @ $* $=N . > $@ $1 < @ $2 $3 . > - -R$* < @ *LOCAL* > $@ $1 < @ $j . > - -################################################################### -### Ruleset 94 -- convert envelope names to masqueraded form ### -################################################################### - -SMasqEnv=94 -R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 - -################################################################### -### Ruleset 98 -- local part of ruleset zero (can be null) ### -################################################################### - -SParseLocal=98 - - - - -###################################################################### -### CanonAddr -- Convert an address into a standard form for -### relay checking. Route address syntax is -### crudely converted into a %-hack address. -### -### Parameters: -### $1 -- full recipient address -### -### Returns: -### parsed address, not in source route form -###################################################################### - -SCanonAddr -R$* $: $>Parse0 $>canonify $1 make domain canonical - - -###################################################################### -### ParseRecipient -- Strip off hosts in $=R as well as possibly -### $* $=m or the access database. -### Check user portion for host separators. -### -### Parameters: -### $1 -- full recipient address -### -### Returns: -### parsed, non-local-relaying address -###################################################################### - -SParseRecipient -R$* $: $>CanonAddr $1 -R $* < @ $* . > $1 < @ $2 > strip trailing dots -R $- < @ $* > $: $(dequote $1 $) < @ $2 > dequote local part - -# if no $=O character, no host in the user portion, we are done -R $* $=O $* < @ $* > $: $1 $2 $3 < @ $4> -R $* $@ $1 - - -R $* < @ $* $=R > $: $1 < @ $2 $3 > - - - -R $* < @ $* > $@ $>ParseRecipient $1 -R<$+> $* $@ $2 - - -###################################################################### -### check_relay -- check hostname/address on SMTP startup -###################################################################### - - - -SLocal_check_relay -Scheck_relay -R$* $: $1 $| $>"Local_check_relay" $1 -R$* $| $* $| $#$* $#$3 -R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2 - -SBasic_check_relay -# check for deferred delivery mode -R$* $: < $&{deliveryMode} > $1 -R< d > $* $@ deferred -R< $* > $* $: $2 - - - - -###################################################################### -### check_mail -- check SMTP `MAIL FROM:' command argument -###################################################################### - -SLocal_check_mail -Scheck_mail -R$* $: $1 $| $>"Local_check_mail" $1 -R$* $| $#$* $#$2 -R$* $| $* $@ $>"Basic_check_mail" $1 - -SBasic_check_mail -# check for deferred delivery mode -R$* $: < $&{deliveryMode} > $1 -R< d > $* $@ deferred -R< $* > $* $: $2 - -# authenticated? -R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL -R$* $| $#$+ $#$2 -R$* $| $* $: $1 - -R<> $@ we MUST accept <> (RFC 1123) -R$+ $: $1 -R<$+> $: <@> <$1> -R$+ $: <@> <$1> -R$* $: $&{daemon_flags} $| $1 -R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 > -R$* u $* $| <@> < $* > $: < $3 > -R$* $| $* $: $2 -# handle case of @localhost on address -R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost > -R<@> < $* @ [127.0.0.1] > - $: < ? $&{client_name} > < $1 @ [127.0.0.1] > -R<@> < $* @ localhost.$m > - $: < ? $&{client_name} > < $1 @ localhost.$m > -R<@> < $* @ localhost.UUCP > - $: < ? $&{client_name} > < $1 @ localhost.UUCP > -R<@> $* $: $1 no localhost as domain -R $* $: $2 local client: ok -R <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address" -R $* $: $1 -R$* $: $>CanonAddr $1 canonify sender address and mark it -R $* < @ $+ . > $1 < @ $2 > strip trailing dots -# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) -R $* < @ $* $=P > $: $1 < @ $2 $3 > -R $* < @ $j > $: $1 < @ $j > -R $* < @ $+ > $: $) > $1 < @ $2 > -R> $* < @ $+ > - $: <$2> $3 < @ $4 > - - -# handle case of no @domain on address -R $* $: $&{daemon_flags} $| $1 -R$* u $* $| $* $: $3 -R$* $| $* $: $2 -R $* $: < ? $&{client_addr} > $1 -R $* $@ ...local unqualed ok -R $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f - ...remote is not -# check results -R $* $: @ $1 mark address: nothing known about it -R<$={ResOk}> $* $@ domain ok: stop -R $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve" -R $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist" - -###################################################################### -### check_rcpt -- check SMTP `RCPT TO:' command argument -###################################################################### - -SLocal_check_rcpt -Scheck_rcpt -R$* $: $1 $| $>"Local_check_rcpt" $1 -R$* $| $#$* $#$2 -R$* $| $* $@ $>"Basic_check_rcpt" $1 - -SBasic_check_rcpt -# empty address? -R<> $#error $@ nouser $: "553 User address required" -R$@ $#error $@ nouser $: "553 User address required" -# check for deferred delivery mode -R$* $: < $&{deliveryMode} > $1 -R< d > $* $@ deferred -R< $* > $* $: $2 - - -###################################################################### -R$* $: $1 $| @ $>"Rcpt_ok" $1 -R$* $| @ $#TEMP $+ $: $1 $| T $2 -R$* $| @ $#$* $#$2 -R$* $| @ RELAY $@ RELAY -R$* $| @ $* $: O $| $>"Relay_ok" $1 -R$* $| T $+ $: T $2 $| $>"Relay_ok" $1 -R$* $| $#TEMP $+ $#error $2 -R$* $| $#$* $#$2 -R$* $| RELAY $@ RELAY -R T $+ $| $* $#error $1 -# anything else is bogus -R$* $#error $@ 5.7.1 $: "550 Relaying denied" - - -###################################################################### -### Rcpt_ok: is the recipient ok? -###################################################################### -SRcpt_ok -R$* $: $>ParseRecipient $1 strip relayable hosts - - - - -# authenticated via TLS? -R$* $: $1 $| $>RelayTLS client authenticated? -R$* $| $# $+ $# $2 error/ok? -R$* $| $* $: $1 no - -R$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type} -R$* $| $# $* $# $2 -R$* $| NO $: $1 -R$* $| $* $: $1 $| $&{auth_type} -R$* $| $: $1 -R$* $| $={TrustAuthMech} $# RELAY -R$* $| $* $: $1 -# anything terminating locally is ok -R$+ < @ $=w > $@ RELAY -R$+ < @ $* $=R > $@ RELAY - - - - -# check for local user (i.e. unqualified address) -R$* $: $1 -R $* < @ $+ > $: $1 < @ $2 > -# local user is ok -R $+ $@ RELAY -R<$+> $* $: $2 - -###################################################################### -### Relay_ok: is the relay/sender ok? -###################################################################### -SRelay_ok -# anything originating locally is ok -# check IP address -R$* $: $&{client_addr} -R$@ $@ RELAY originated locally -R0 $@ RELAY originated locally -R127.0.0.1 $@ RELAY originated locally -RIPv6:::1 $@ RELAY originated locally -R$=R $* $@ RELAY relayable IP address -R$* $: [ $1 ] put brackets around it... -R$=w $@ RELAY ... and see if it is local - - -# check client name: first: did it resolve? -R$* $: < $&{client_resolve} > -R $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr} -R $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name} -R $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name} -R$* $: <@> $&{client_name} -# pass to name server to make hostname canonical -R<@> $* $=P $: $1 $2 -R<@> $+ $: $[ $1 $] -R$* . $1 strip trailing dots -R $=w $@ RELAY -R $* $=R $@ RELAY - - - - -###################################################################### -### trust_auth: is user trusted to authenticate as someone else? -### -### Parameters: -### $1: AUTH= parameter from MAIL command -###################################################################### - -SLocal_trust_auth -Strust_auth -R$* $: $&{auth_type} $| $1 -# required by RFC 2554 section 4. -R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated" -R$* $| $&{auth_authen} $@ identical -R$* $| <$&{auth_authen}> $@ identical -R$* $| $* $: $1 $| $>"Local_trust_auth" $2 -R$* $| $#$* $#$2 -R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author} - -###################################################################### -### Relay_Auth: allow relaying based on authentication? -### -### Parameters: -### $1: ${auth_type} -###################################################################### -SLocal_Relay_Auth - -###################################################################### -### srv_features: which features to offer to a client? -### (done in server) -###################################################################### -Ssrv_features - - -###################################################################### -### try_tls: try to use STARTTLS? -### (done in client) -###################################################################### -Stry_tls - - -###################################################################### -### tls_rcpt: is connection with server "good" enough? -### (done in client, per recipient) -### -### Parameters: -### $1: recipient -###################################################################### -Stls_rcpt - - -###################################################################### -### tls_client: is connection with client "good" enough? -### (done in server) -### -### Parameters: -### ${verify} $| (MAIL|STARTTLS) -###################################################################### -Stls_client -R$* $| $* $@ $>"TLS_connection" $1 - -###################################################################### -### tls_server: is connection with server "good" enough? -### (done in client) -### -### Parameter: -### ${verify} -###################################################################### -Stls_server -R$* $@ $>"TLS_connection" $1 - -###################################################################### -### TLS_connection: is TLS connection "good" enough? -### -### Parameters: -### ${verify} -### Requirement: RHS from access map, may be ? for none. -###################################################################### -STLS_connection -RSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake." - - -###################################################################### -### RelayTLS: allow relaying based on TLS authentication -### -### Parameters: -### none -###################################################################### -SRelayTLS -# authenticated? - -###################################################################### -### authinfo: lookup authinfo in the access map -### -### Parameters: -### $1: {server_name} -### $2: {server_addr} -###################################################################### -Sauthinfo - - - - - - - - -SLocal_localaddr -R$+ $: $>ParseRecipient $1 -R$* < @ $+ > $* $#relay $@ ${MTAHost} $: $1 < @ $2 > $3 -# DECnet -R$+ :: $+ $#relay $@ ${MTAHost} $: $1 :: $2 -R$* $#relay $@ ${MTAHost} $: $1 < @ $j > -# -###################################################################### -###################################################################### -##### -##### MAIL FILTER DEFINITIONS -##### -###################################################################### -###################################################################### - -# -###################################################################### -###################################################################### -##### -##### MAILER DEFINITIONS -##### -###################################################################### -###################################################################### - - -################################################## -### Local and Program Mailer specification ### -################################################## - -##### $Id: local.m4,v 8.59 2004/11/23 00:37:25 ca Exp $ ##### - -# -# Envelope sender rewriting -# -SEnvFromL -R<@> $n errors to mailer-daemon -R@ <@ $*> $n temporarily bypass Sun bogosity -R$+ $: $>AddDomain $1 add local domain if needed -R$* $: $>MasqEnv $1 do masquerading - -# -# Envelope recipient rewriting -# -SEnvToL -R$+ < @ $* > $: $1 strip host part -R$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type -R $+ + $* $: $1 remove +detail for sender -R< $* > $+ $: $2 else remove mark - -# -# Header sender rewriting -# -SHdrFromL -R<@> $n errors to mailer-daemon -R@ <@ $*> $n temporarily bypass Sun bogosity -R$+ $: $>AddDomain $1 add local domain if needed -R$* $: $>MasqHdr $1 do masquerading - -# -# Header recipient rewriting -# -SHdrToL -R$+ $: $>AddDomain $1 add local domain if needed -R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 - -# -# Common code to add local domain name (only if always-add-domain) -# -SAddDomain - -Mlocal, P=[IPC], F=lmDFMuXkw5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, - T=DNS/RFC822/SMTP, - A=TCP $h -Mprog, P=[IPC], F=lmDFMuXk5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/, - T=X-Unix/X-Unix/X-Unix, - A=TCP $h - -##################################### -### SMTP Mailer specification ### -##################################### - -##### $Id: smtp.m4,v 8.64 2001/04/03 01:52:54 gshapiro Exp $ ##### - -# -# common sender and masquerading recipient rewriting -# -SMasqSMTP -R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified -R$+ $@ $1 < @ *LOCAL* > add local qualification - -# -# convert pseudo-domain addresses to real domain addresses -# -SPseudoToReal - -# pass s through -R< @ $+ > $* $@ < @ $1 > $2 resolve - -# output fake domains as user%fake@relay - -# do UUCP heuristics; note that these are shared with UUCP mailers -R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form -R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form - -# leave these in .UUCP form to avoid further tampering -R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. > -R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 > -R< $&h ! > $+ $@ $1 < @ $&h .UUCP. > -R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY -R$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part -R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY - - -# -# envelope sender rewriting -# -SEnvFromSMTP -R$+ $: $>PseudoToReal $1 sender/recipient common -R$* :; <@> $@ list:; special case -R$* $: $>MasqSMTP $1 qualify unqual'ed names -R$+ $: $>MasqEnv $1 do masquerading - - -# -# envelope recipient rewriting -- -# also header recipient if not masquerading recipients -# -SEnvToSMTP -R$+ $: $>PseudoToReal $1 sender/recipient common -R$+ $: $>MasqSMTP $1 qualify unqual'ed names -R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 - -# -# header sender and masquerading header recipient rewriting -# -SHdrFromSMTP -R$+ $: $>PseudoToReal $1 sender/recipient common -R:; <@> $@ list:; special case - -# do special header rewriting -R$* <@> $* $@ $1 <@> $2 pass null host through -R< @ $* > $* $@ < @ $1 > $2 pass route-addr through -R$* $: $>MasqSMTP $1 qualify unqual'ed names -R$+ $: $>MasqHdr $1 do masquerading - - -# -# relay mailer header masquerading recipient rewriting -# -SMasqRelay -R$+ $: $>MasqSMTP $1 -R$+ $: $>MasqHdr $1 - -Msmtp, P=[IPC], F=mDFMuXk5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Mesmtp, P=[IPC], F=mDFMuXak5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Msmtp8, P=[IPC], F=mDFMuX8k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Mdsmtp, P=[IPC], F=mDFMuXa%k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990, - T=DNS/RFC822/SMTP, - A=TCP $h -Mrelay, P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040, - T=DNS/RFC822/SMTP, - A=TCP $h - -### submit.mc ### -# divert(-1) -# # -# # Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers. -# # All rights reserved. -# # -# # By using this file, you agree to the terms and conditions set -# # forth in the LICENSE file which can be found at the top level of -# # the sendmail distribution. -# # -# # -# -# # -# # This is the prototype file for a set-group-ID sm-msp sendmail that -# # acts as a initial mail submission program. -# # -# -# divert(0)dnl -# include(`/usr/share/sendmail-cf/m4/cf.m4') -# VERSIONID(`linux setup for Red Hat Linux')dnl -# define(`confCF_VERSION', `Submit')dnl -# define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining -# define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet -# define(`confTIME_ZONE', `USE_TZ')dnl -# define(`confDONT_INIT_GROUPS', `True')dnl -# define(`confPID_FILE', `/var/run/sm-client.pid')dnl -# dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C') -# FEATURE(`use_ct_file')dnl -# dnl -# dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1] -# FEATURE(`msp', `[127.0.0.1]')dnl diff --git a/testing/mailman/mail/submit.mc b/testing/mailman/mail/submit.mc deleted file mode 100644 index 402a5ab..0000000 --- a/testing/mailman/mail/submit.mc +++ /dev/null @@ -1,30 +0,0 @@ -divert(-1) -# -# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers. -# All rights reserved. -# -# By using this file, you agree to the terms and conditions set -# forth in the LICENSE file which can be found at the top level of -# the sendmail distribution. -# -# - -# -# This is the prototype file for a set-group-ID sm-msp sendmail that -# acts as a initial mail submission program. -# - -divert(0)dnl -include(`/usr/share/sendmail-cf/m4/cf.m4') -VERSIONID(`linux setup for Red Hat Linux')dnl -define(`confCF_VERSION', `Submit')dnl -define(`__OSTYPE__',`')dnl dirty hack to keep proto.m4 from complaining -define(`_USE_DECNET_SYNTAX_', `1')dnl support DECnet -define(`confTIME_ZONE', `USE_TZ')dnl -define(`confDONT_INIT_GROUPS', `True')dnl -define(`confPID_FILE', `/var/run/sm-client.pid')dnl -dnl define(`confDIRECT_SUBMISSION_MODIFIERS',`C') -FEATURE(`use_ct_file')dnl -dnl -dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1] -FEATURE(`msp', `[127.0.0.1]')dnl diff --git a/testing/mailman/mail/virtusertable b/testing/mailman/mail/virtusertable deleted file mode 100644 index e69de29..0000000 --- a/testing/mailman/mail/virtusertable +++ /dev/null diff --git a/testing/mailman/mail/virtusertable.db b/testing/mailman/mail/virtusertable.db deleted file mode 100644 index ca6a670..0000000 Binary files a/testing/mailman/mail/virtusertable.db and /dev/null differ diff --git a/testing/redhat-conf/modules.conf-targeted-fc5t2 b/testing/redhat-conf/modules.conf-targeted-fc5t2 deleted file mode 100644 index c5c447d..0000000 --- a/testing/redhat-conf/modules.conf-targeted-fc5t2 +++ /dev/null @@ -1,875 +0,0 @@ -# -# This file contains a listing of available modules. -# To prevent a module from being used in policy -# creation, set the module name to "off". -# -# For monolithic policies, modules set to "base" and "module" -# will be built into the policy. -# -# For modular policies, modules set to "base" will be -# included in the base module. "module" will be compiled -# as individual loadable modules. -# - -# Layer: kernel -# Module: filesystem -# Required in base -# -# Policy for filesystems. -# -filesystem = base - -# Layer: kernel -# Module: selinux -# Required in base -# -# Policy for kernel security interface, in particular, selinuxfs. -# -selinux = base - -# Layer: kernel -# Module: mls -# Required in base -# -# Multilevel security policy -# -mls = base - -# Layer: kernel -# Module: terminal -# Required in base -# -# Policy for terminals. -# -terminal = base - -# Layer: kernel -# Module: kernel -# Required in base -# -# Policy for kernel threads, proc filesystem,and unlabeled processes and objects. -# -kernel = base - -# Layer: kernel -# Module: devices -# Required in base -# -# Device nodes and interfaces for many basic system devices. -# -devices = base - -# Layer: kernel -# Module: corenetwork -# Required in base -# -# Policy controlling access to network objects -# -corenetwork = base - -# Layer: system -# Module: corecommands -# Required in base -# -# Core policy for shells, and generic programs -# in /bin, /sbin, /usr/bin, and /usr/sbin. -# -corecommands = base - -# Layer: system -# Module: files -# Required in base -# -# Basic filesystem types and interfaces. -# -files = base - -# Layer: system -# Module: domain -# Required in base -# -# Core policy for domains. -# -domain = base - -# Layer: admin -# Module: usermanage -# -# Policy for managing user accounts. -# -usermanage = base - -# Layer: admin -# Module: rpm -# -# Policy for the RPM package manager. -# -rpm = base - -# Layer: admin -# Module: tmpreaper -# -# Manage temporary directory sizes and file ages -# -tmpreaper = off - -# Layer: admin -# Module: kudzu -# -# Hardware detection and configuration tools -# -kudzu = base - -# Layer: admin -# Module: anaconda -# -# Policy for the Anaconda installer. -# -anaconda = base - -# Layer: admin -# Module: netutils -# -# Network analysis utilities -# -netutils = base - -# Layer: admin -# Module: acct -# -# Berkeley process accounting -# -acct = base - -# Layer: admin -# Module: sudo -# -# Execute a command with a substitute user -# -sudo = off - -# Layer: admin -# Module: firstboot -# -# Final system configuration run during the first boot -# after installation of Red Hat/Fedora systems. -# -firstboot = base - -# Layer: admin -# Module: su -# -# Run shells with substitute user and group -# -su = base - -# Layer: admin -# Module: quota -# -# File system quota management -# -quota = off - -# Layer: admin -# Module: dmesg -# -# Policy for dmesg. -# -dmesg = base - -# Layer: admin -# Module: logrotate -# -# Rotate and archive system logs -# -logrotate = off - -# Layer: admin -# Module: vpn -# -# Virtual Private Networking client -# -vpn = off - -# Layer: admin -# Module: consoletype -# -# Determine of the console connected to the controlling terminal. -# -consoletype = base - -# Layer: admin -# Module: updfstab -# -# Red Hat utility to change /etc/fstab. -# -updfstab = base - -# Layer: admin -# Module: dmidecode -# -# Decode DMI data for x86/ia64 bioses. -# -dmidecode = base - -# Layer: admin -# Module: amanda -# -# Automated backup program. -# -amanda = base - -# Layer: apps -# Module: webalizer -# -# Web server log analysis -# -webalizer = base - -# Layer: apps -# Module: loadkeys -# -# Load keyboard mappings. -# -loadkeys = base - -# Layer: apps -# Module: gpg -# -# Policy for GNU Privacy Guard and related programs. -# -gpg = off - -# Layer: kernel -# Module: bootloader -# -# Policy for the kernel modules, kernel image, and bootloader. -# -bootloader = base - -# Layer: kernel -# Module: storage -# -# Policy controlling access to storage devices -# -storage = base - -# Layer: services -# Module: portmap -# -# RPC port mapping service. -# -portmap = base - -# Layer: services -# Module: remotelogin -# -# Policy for rshd, rlogind, and telnetd. -# -remotelogin = base - -# Layer: services -# Module: ntp -# -# Network time protocol daemon -# -ntp = base - -# Layer: services -# Module: rlogin -# -# Remote login daemon -# -rlogin = base - -# Layer: services -# Module: inetd -# -# Internet services daemon. -# -inetd = base - -# Layer: services -# Module: ktalk -# -# KDE Talk daemon -# -ktalk = base - -# Layer: services -# Module: finger -# -# Finger user information service. -# -finger = base - -# Layer: services -# Module: howl -# -# Port of Apple Rendezvous multicast DNS -# -howl = base - -# Layer: services -# Module: tftp -# -# Trivial file transfer protocol daemon -# -tftp = base - -# Layer: services -# Module: kerberos -# -# MIT Kerberos admin and KDC -# -kerberos = base - -# Layer: services -# Module: gpm -# -# General Purpose Mouse driver -# -gpm = off - -# Layer: services -# Module: uucp -# -# Unix to Unix Copy -# -uucp = base - -# Layer: services -# Module: apache -# -# Apache web server -# -apache = base - -# Layer: services -# Module: dhcp -# -# Dynamic host configuration protocol (DHCP) server -# -dhcp = base - -# Layer: services -# Module: inn -# -# Internet News NNTP server -# -inn = base - -# Layer: services -# Module: sendmail -# -# Policy for sendmail. -# -sendmail = base - -# Layer: services -# Module: dbus -# -# Desktop messaging bus -# -dbus = base - -# Layer: services -# Module: rshd -# -# Remote shell service. -# -rshd = base - -# Layer: services -# Module: radvd -# -# IPv6 router advertisement daemon -# -radvd = base - -# Layer: services -# Module: sasl -# -# SASL authentication server -# -sasl = base - -# Layer: services -# Module: postgresql -# -# PostgreSQL relational database -# -postgresql = base - -# Layer: services -# Module: hal -# -# Hardware abstraction layer -# -hal = base - -# Layer: services -# Module: zebra -# -# Zebra border gateway protocol network routing service -# -zebra = base - -# Layer: services -# Module: ldap -# -# OpenLDAP directory server -# -ldap = base - -# Layer: services -# Module: mysql -# -# Policy for MySQL -# -mysql = base - -# Layer: services -# Module: bind -# -# Berkeley internet name domain DNS server. -# -bind = base - -# Layer: services -# Module: snmp -# -# Simple network management protocol services -# -snmp = base - -# Layer: services -# Module: squid -# -# Squid caching http proxy server -# -squid = base - -# Layer: services -# Module: mailman -# -# Mailman is for managing electronic mail discussion and e-newsletter lists -# -mailman = base - -# Layer: services -# Module: dictd -# -# Dictionary daemon -# -dictd = base - -# Layer: services -# Module: privoxy -# -# Privacy enhancing web proxy. -# -privoxy = base - -# Layer: services -# Module: nis -# -# Policy for NIS (YP) servers and clients -# -nis = base - -# Layer: services -# Module: telnet -# -# Telnet daemon -# -telnet = base - -# Layer: services -# Module: comsat -# -# Comsat, a biff server. -# -comsat = base - -# Layer: services -# Module: ssh -# -# Secure shell client and server policy. -# -ssh = base - -# Layer: services -# Module: cvs -# -# Concurrent versions system -# -cvs = base - -# Layer: services -# Module: ppp -# -# Point to Point Protocol daemon creates links in ppp networks -# -ppp = base - -# Layer: services -# Module: arpwatch -# -# Ethernet activity monitor. -# -arpwatch = base - -# Layer: services -# Module: bluetooth -# -# Bluetooth tools and system services. -# -bluetooth = base - -# Layer: services -# Module: apm -# -# Advanced power management daemon -# -apm = base - -# Layer: services -# Module: mta -# -# Policy common to all email tranfer agents. -# -mta = base - -# Layer: services -# Module: nscd -# -# Name service cache daemon -# -nscd = base - -# Layer: services -# Module: stunnel -# -# SSL Tunneling Proxy -# -stunnel = base - -# Layer: services -# Module: distcc -# -# Distributed compiler daemon -# -distcc = off - -# Layer: services -# Module: samba -# -# SMB and CIFS client/server programs for UNIX and -# name Service Switch daemon for resolving names -# from Windows NT servers. -# -samba = base - -# Layer: services -# Module: cyrus -# -# Cyrus is an IMAP service intended to be run on sealed servers -# -cyrus = base - -# Layer: services -# Module: ftp -# -# File transfer protocol service -# -ftp = base - -# Layer: services -# Module: cpucontrol -# -# Services for loading CPU microcode and CPU frequency scaling. -# -cpucontrol = base - -# Layer: services -# Module: dovecot -# -# Dovecot POP and IMAP mail server -# -dovecot = base - -# Layer: services -# Module: rsync -# -# Fast incremental file transfer for synchronization -# -rsync = base - -# Layer: services -# Module: canna -# -# Canna - kana-kanji conversion server -# -canna = base - -# Layer: services -# Module: cron -# -# Periodic execution of scheduled commands. -# -cron = base - -# Layer: services -# Module: tcpd -# -# Policy for TCP daemon. -# -tcpd = off - -# Layer: services -# Module: xdm -# -# X windows login display manager -# -xdm = base - -# Layer: services -# Module: networkmanager -# -# Manager for dynamically switching between networks. -# -networkmanager = base - -# Layer: services -# Module: dbskk -# -# Dictionary server for the SKK Japanese input method system. -# -dbskk = base - -# Layer: services -# Module: pegasus -# -# The Open Group Pegasus CIM/WBEM Server. -# -pegasus = base - -# Layer: services -# Module: radius -# -# RADIUS authentication and accounting server. -# -radius = base - -# Layer: services -# Module: spamassassin -# -# Filter used for removing unsolicited email. -# -spamassassin = base - -# Layer: services -# Module: postfix -# -# Postfix email server -# -postfix = base - -# Layer: services -# Module: cups -# -# Common UNIX printing system -# -cups = base - -# Layer: services -# Module: rpc -# -# Remote Procedure Call Daemon for managment of network based process communication -# -rpc = base - -# Layer: services -# Module: lpd -# -# Line printer daemon -# -lpd = base - -# Layer: services -# Module: avahi -# -# mDNS/DNS-SD daemon implementing Apple ZeroConf architecture -# -avahi = base - -# Layer: services -# Module: procmail -# -# Procmail mail delivery agent -# -procmail = base - -# Layer: system -# Module: unconfined -# -# The unconfined domain. -# -unconfined = base - -# Layer: system -# Module: selinuxutil -# -# Policy for SELinux policy and userland applications. -# -selinuxutil = base - -# Layer: system -# Module: getty -# -# Policy for getty. -# -getty = base - -# Layer: system -# Module: mount -# -# Policy for mount. -# -mount = base - -# Layer: system -# Module: ipsec -# -# TCP/IP encryption -# -ipsec = off - -# Layer: system -# Module: locallogin -# -# Policy for local logins. -# -locallogin = base - -# Layer: system -# Module: logging -# -# Policy for the kernel message logger and system logging daemon. -# -logging = base - -# Layer: system -# Module: sysnetwork -# -# Policy for network configuration: ifconfig and dhcp client. -# -sysnetwork = base - -# Layer: system -# Module: fstools -# -# Tools for filesystem management, such as mkfs and fsck. -# -fstools = base - -# Layer: system -# Module: pcmcia -# -# PCMCIA card management services -# -pcmcia = base - -# Layer: system -# Module: iptables -# -# Policy for iptables. -# -iptables = off - -# Layer: system -# Module: userdomain -# -# Policy for user domains -# -userdomain = base - -# Layer: system -# Module: hotplug -# -# Policy for hotplug system, for supporting the -# connection and disconnection of devices at runtime. -# -hotplug = base - -# Layer: system -# Module: clock -# -# Policy for reading and setting the hardware clock. -# -clock = base - -# Layer: system -# Module: lvm -# -# Policy for logical volume management programs. -# -lvm = off - -# Layer: system -# Module: modutils -# -# Policy for kernel module utilities -# -modutils = base - -# Layer: system -# Module: init -# -# System initialization programs (init and init scripts). -# -init = base - -# Layer: system -# Module: udev -# -# Policy for udev. -# -udev = base - -# Layer: system -# Module: hostname -# -# Policy for changing the system host name. -# -hostname = base - -# Layer: system -# Module: raid -# -# RAID array management tools -# -raid = off - -# Layer: system -# Module: libraries -# -# Policy for system libraries. -# -libraries = base - -# Layer: system -# Module: miscfiles -# -# Miscelaneous files. -# -miscfiles = base - -# Layer: system -# Module: authlogin -# -# Common policy for authentication and user login. -# -authlogin = base - diff --git a/testing/rsync/README b/testing/rsync/README deleted file mode 100644 index b39a247..0000000 --- a/testing/rsync/README +++ /dev/null @@ -1,11 +0,0 @@ -this README goes over starting the rsync daemon and using rsync to copy files. -copy rsyncd.conf to /etc/rsyncd.conf - -to start rsync as a daemon - rsync --daemon - -to test the rsync daemon ask it for a listing of availible items - rsync rsync://localhost - -to test rsncing - rsync -r rsync://localhost/home . diff --git a/testing/rsync/rsyncd.conf b/testing/rsync/rsyncd.conf deleted file mode 100644 index d0b3d17..0000000 --- a/testing/rsync/rsyncd.conf +++ /dev/null @@ -1,3 +0,0 @@ -[home] - path = /home/ - comment = home users diff --git a/testing/spamassassin/.forward b/testing/spamassassin/.forward deleted file mode 100644 index 515bbf8..0000000 --- a/testing/spamassassin/.forward +++ /dev/null @@ -1 +0,0 @@ -"|IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #foo" diff --git a/testing/spamassassin/.procmailrc b/testing/spamassassin/.procmailrc deleted file mode 100644 index bdb9289..0000000 --- a/testing/spamassassin/.procmailrc +++ /dev/null @@ -1,40 +0,0 @@ -# SpamAssassin sample procmailrc -# -# Pipe the mail through spamassassin (replace 'spamassassin' with 'spamc' -# if you use the spamc/spamd combination) -# -# The condition line ensures that only messages smaller than 250 kB -# (250 * 1024 = 256000 bytes) are processed by SpamAssassin. Most spam -# isn't bigger than a few k and working with big messages can bring -# SpamAssassin to its knees. -# -# The lock file ensures that only 1 spamassassin invocation happens -# at 1 time, to keep the load down. -# -:0fw: spamassassin.lock -* < 256000 -| spamassassin - -# Mails with a score of 15 or higher are almost certainly spam (with 0.05% -# false positives according to rules/STATISTICS.txt). Let's put them in a -# different mbox. (This one is optional.) -:0: -* ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\* -almost-certainly-spam - -# All mail tagged as spam (eg. with a score higher than the set threshold) -# is moved to "probably-spam". -:0: -* ^X-Spam-Status: Yes -probably-spam - -# Work around procmail bug: any output on stderr will cause the "F" in "From" -# to be dropped. This will re-add it. -:0 -* ^^rom[ ] -{ - LOG="*** Dropped F off From_ header! Fixing up. " - - :0 fhw - | sed -e '1s/^/F/' -} diff --git a/testing/spamassassin/README b/testing/spamassassin/README deleted file mode 100644 index df51d51..0000000 --- a/testing/spamassassin/README +++ /dev/null @@ -1,13 +0,0 @@ -this set up is a per user set up - -put .forward and .procmailrc in the root of a users home directory. - -in .forward change foo to the user you want to test (or just make a user called foo) - -apprently this will initilize the the Bayes Database - sa-learn --sync - -send the user some mail, it should get put through procmail and spamassassin. - -send this as the body of a message, it should always be detected as spam and not reach the user. - XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X diff --git a/testing/stunnel/README b/testing/stunnel/README deleted file mode 100644 index 803f477..0000000 --- a/testing/stunnel/README +++ /dev/null @@ -1,14 +0,0 @@ -configuration for stunnel'ing rsync daemon - -stunnel.pem, daemon.conf and client.conf belongs in /etc/stunnel/ - -start rsync dameon using the configuration from trunk/testing/rsync - -start the ssl server - stunnel /etc/stunnel/daemon.conf -start the ssl client - stunnel /etc/stunnel/client.conf -connect to rsync server over ssl from local box via a different port 837837 - rsync rsync://localhost:837837 - - diff --git a/testing/stunnel/client.conf b/testing/stunnel/client.conf deleted file mode 100644 index 28a46ef..0000000 --- a/testing/stunnel/client.conf +++ /dev/null @@ -1,10 +0,0 @@ -# -client = yes - -debug = 7 -foreground = yes -#output = rsync-stunnel-client.log - -[RSYNC] -accept=localhost:837837 -connect=localhost:2222 diff --git a/testing/stunnel/daemon.conf b/testing/stunnel/daemon.conf deleted file mode 100644 index 9d4c070..0000000 --- a/testing/stunnel/daemon.conf +++ /dev/null @@ -1,15 +0,0 @@ -#configuration for daemon - -#RNDbytes = 2048 -#RNDfile = rand.bin -#RNDoverwrite = yes - -cert = /etc/stunnel/stunnel.pem - -debug = 7 -foreground = yes -#output = rsync-stunnel-daemon.log - -[RSYNC] -accept=localhost:2222 -connect=localhost:873 diff --git a/testing/stunnel/stunnel.pem b/testing/stunnel/stunnel.pem deleted file mode 100644 index ebc642f..0000000 --- a/testing/stunnel/stunnel.pem +++ /dev/null @@ -1,36 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICXAIBAAKBgQCmD+mhtQH5B97Uh0q7zOzA+aRDgS1hx0p1EuO3ur45pX2YzN50 -qB7daBTBKkkhev+xThF4pQeeMSxAq+iUrHmDwxVr8gh6fvuwWaSN4DeybzAj8MCx -5hiUHfWt3QvjTR+X58r+f16UPsU32ZO/OjPdymSTRsybFkG4HJHoeX2NnQIDAQAB -AoGATJYQKP0C8Og5U4kl5WEIW6OGp39e/7Za142jqiuc6ZcySpNJkUGsIm6LC99F -pQRGAm6/zgVGcyW4hAcEl/THgUf4fd0aAaniSnDxKuZdUQN5dcjLl6Hxc29VpRs+ -Q4aHvjIWNhQxiQTvNvc6uc6acKZQ0QKN0NldjtReCqxXCB0CQQDQkIkh+yodp7nu -7V6CeNLHCs4pkgWZFY3puNyOxjRSwBBTX4L4Tv3Scqb08MD3AfCYmRnD/NQyTEAN -EjIGE7Z7AkEAy9S3IP2Yk+j6RvFBYIFC1ONJCYxuIuhd1aM46vo8hM0scjCdrtJK -LrG3eCZGY3rXSyzF59DKNYc1FPix8zvcxwJAEYqWfg0p1aSttrKwKDkRQTxfao+l -eOKfNPEfW8K/09XjiZ+W3FuIbZLHCALXt+6p1avKxvkUv8Y5/N9y5Z/y0QJADeyZ -GgLY8nm+5yvB+JK7+wkPyzwxpebTyi1dTQgNLFFL0P0rOG8bLDdtviJ3OoKAxJzp -ZB2qQp/a63TVyzTyrwJBAK59jXSCZaODU2oyBAw3uWzk5hAv/or2BU+v2YzrehZ7 -4sNUnVaoZuMFpGFCvUfZN4FtJ8UVezc1b4UAVSIfnHY= ------END RSA PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDbDCCAtWgAwIBAgIJAIXKx0p5ys4jMA0GCSqGSIb3DQEBBQUAMIGBMQswCQYD -VQQGEwJVUzELMAkGA1UECBMCTUQxETAPBgNVBAcTCGNvbHVtYmlhMRIwEAYDVQQK -EwlTZWxmIEluYy4xCzAJBgNVBAsTAnN3MRAwDgYDVQQDEwdnaWJib25zMR8wHQYJ -KoZIhvcNAQkBFhByb290QGdpYmJvbnMub3JnMB4XDTA1MTAyODE4MTkwN1oXDTA2 -MTAyODE4MTkwN1owgYExCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDERMA8GA1UE -BxMIY29sdW1iaWExEjAQBgNVBAoTCVNlbGYgSW5jLjELMAkGA1UECxMCc3cxEDAO -BgNVBAMTB2dpYmJvbnMxHzAdBgkqhkiG9w0BCQEWEHJvb3RAZ2liYm9ucy5vcmcw -gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKYP6aG1AfkH3tSHSrvM7MD5pEOB -LWHHSnUS47e6vjmlfZjM3nSoHt1oFMEqSSF6/7FOEXilB54xLECr6JSseYPDFWvy -CHp++7BZpI3gN7JvMCPwwLHmGJQd9a3dC+NNH5fnyv5/XpQ+xTfZk786M93KZJNG -zJsWQbgckeh5fY2dAgMBAAGjgekwgeYwHQYDVR0OBBYEFNiKZTCIS8ggRE+fX2v6 -wIT0luJSMIG2BgNVHSMEga4wgauAFNiKZTCIS8ggRE+fX2v6wIT0luJSoYGHpIGE -MIGBMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTUQxETAPBgNVBAcTCGNvbHVtYmlh -MRIwEAYDVQQKEwlTZWxmIEluYy4xCzAJBgNVBAsTAnN3MRAwDgYDVQQDEwdnaWJi -b25zMR8wHQYJKoZIhvcNAQkBFhByb290QGdpYmJvbnMub3JnggkAhcrHSnnKziMw -DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCat7KISbItYomwbVQOcInx -p6qp0QJR591SMgVZMqjhedGdGcKzcwk01n5/2pi7IMSubMupP2Fz3RjK0ZWMQkTG -HqQ0DXF/EC5+Zi6P27yTBQCJScrKYDaojgdZ/ZR51icWpCiBHZmjnxRGTGXzHGml -O1fZr++ppYMk7VJB40t2Lw== ------END CERTIFICATE----- diff --git a/testing/tcpd/README b/testing/tcpd/README deleted file mode 100644 index b268c96..0000000 --- a/testing/tcpd/README +++ /dev/null @@ -1,9 +0,0 @@ -put xproftpd in /etc/xinetd.d/ -and put proftpd.conf in /etc/ - -install proftpd - -reload xinetd - /etc/init.d/xinetd reload - -connect to localhost for ftp service diff --git a/testing/tcpd/proftpd.conf b/testing/tcpd/proftpd.conf deleted file mode 100644 index 37ffbc3..0000000 --- a/testing/tcpd/proftpd.conf +++ /dev/null @@ -1,139 +0,0 @@ -# This is the ProFTPD configuration file -# $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $ - -ServerName "ProFTPD server" -ServerIdent on "FTP Server ready." -ServerAdmin root@localhost -#ServerType standalone -ServerType inetd -DefaultServer on -AccessGrantMsg "User %u logged in." -#DisplayConnect /etc/ftpissue -#DisplayLogin /etc/ftpmotd -#DisplayGoAway /etc/ftpgoaway -DeferWelcome off - -# Use this to excude users from the chroot -DefaultRoot ~ !adm - -# Use pam to authenticate (default) and be authoritative -AuthPAMConfig proftpd -AuthOrder mod_auth_pam.c* mod_auth_unix.c - -# Do not perform ident nor DNS lookups (hangs when the port is filtered) -IdentLookups off -UseReverseDNS off - -# Port 21 is the standard FTP port. -Port 21 - -# Umask 022 is a good standard umask to prevent new dirs and files -# from being group and world writable. -Umask 022 - -# Default to show dot files in directory listings -ListOptions "-a" - -# See Configuration.html for these (here are the default values) -#MultilineRFC2228 off -#RootLogin off -#LoginPasswordPrompt on -#MaxLoginAttempts 3 -#MaxClientsPerHost none -#AllowForeignAddress off # For FXP - -# Allow to resume not only the downloads but the uploads too -AllowRetrieveRestart on -AllowStoreRestart on - -# To prevent DoS attacks, set the maximum number of child processes -# to 30. If you need to allow more than 30 concurrent connections -# at once, simply increase this value. Note that this ONLY works -# in standalone mode, in inetd mode you should use an inetd server -# that allows you to limit maximum number of processes per service -# (such as xinetd) -MaxInstances 20 - -# Set the user and group that the server normally runs at. -User nobody -Group nobody - -# This is where we want to put the pid file -ScoreboardFile /var/run/proftpd.score - -# Normally, we want users to do a few things. - - AllowOverwrite yes - - AllowAll - - - -# Define the log formats -LogFormat default "%h %l %u %t \"%r\" %s %b" -LogFormat auth "%v [%P] %h %t \"%r\" %s" - -# TLS -# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html -#TLSEngine on -#TLSRequired on -#TLSRSACertificateFile /usr/share/ssl/certs/proftpd.pem -#TLSRSACertificateKeyFile /usr/share/ssl/certs/proftpd.pem -#TLSCipherSuite ALL:!ADH:!DES -#TLSOptions NoCertRequest -#TLSVerifyClient off -##TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 -#TLSLog /var/log/proftpd/tls.log - -# A basic anonymous configuration, with an upload directory. - - User ftp - Group ftp - AccessGrantMsg "Anonymous login ok, restrictions apply." - - # We want clients to be able to login with "anonymous" as well as "ftp" - UserAlias anonymous ftp - - # Limit the maximum number of anonymous logins - MaxClients 10 "Sorry, max %m users -- try again later" - - # Put the user into /pub right after login - DefaultChdir /pub - - # We want 'welcome.msg' displayed at login, '.message' displayed in - # each newly chdired directory and tell users to read README* files. - DisplayLogin /welcome.msg - DisplayFirstChdir .message - DisplayReadme README* - - # Some more cosmetic and not vital stuff - DirFakeUser on ftp - DirFakeGroup on ftp - - # Limit WRITE everywhere in the anonymous chroot - - DenyAll - - - # An upload directory that allows storing files but not retrieving - # or creating directories. - - AllowOverwrite no - - DenyAll - - - - AllowAll - - - - # Don't write anonymous accesses to the system wtmp file (good idea!) - WtmpLog off - - # Logging for the anonymous transfers - ExtendedLog /var/log/proftpd/access.log WRITE,READ default - ExtendedLog /var/log/proftpd/auth.log AUTH auth - - - diff --git a/testing/tcpd/xproftpd b/testing/tcpd/xproftpd deleted file mode 100644 index 2248e6e..0000000 --- a/testing/tcpd/xproftpd +++ /dev/null @@ -1,16 +0,0 @@ -# default: off -# $Id: proftpd-xinetd,v 1.2 2002/06/10 15:35:47 dude Exp $ -# description: The ProFTPD FTP server serves FTP connections. It uses \ -# normal, unencrypted usernames and passwords for authentication. -service ftp -{ - socket_type = stream - wait = no - user = root - server = /usr/sbin/in.proftpd - server = /usr/sbin/tcpd - log_on_success += DURATION USERID - log_on_failure += USERID - nice = 10 - disable = no -} diff --git a/testing/telnet/README b/testing/telnet/README deleted file mode 100644 index 25dfc88..0000000 --- a/testing/telnet/README +++ /dev/null @@ -1,7 +0,0 @@ -To install telnet: "yum install telnet-server" - -The only thing that has to be done to get telnet to work is to enable it through -xinetd. - -To do this simply toggle disabled from yes to no in the file: -/etc/xinetd.d/telnet and restart xinetd. diff --git a/tools/buildtest.sh b/tools/buildtest.sh deleted file mode 100755 index 26a91ac..0000000 --- a/tools/buildtest.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/bash - -DISTROS="rhel4 gentoo debian" -TYPES="strict targeted strict-mcs targeted-mcs strict-mls targeted-mls" -POLVER="`checkpolicy -V |cut -f 1 -d ' '`" -SETFILES="/usr/sbin/setfiles" -SE_LINK="time -p /usr/bin/semodule_link" - -die() { - if [ "$1" -eq "1" ]; then - echo "failed with options: $2" - fi - - exit 1 -} - -cleanup_mon() { - make MONOLITHIC=y bare -} - -cleanup_mod() { - make MONOLITHIC=n bare -} - -do_test() { - local OPTS="" - - for i in $TYPES; do - # Monolithic tests - trap cleanup_mon SIGINT SIGQUIT - OPTS="TYPE=$i MONOLITHIC=y QUIET=y DIRECT_INITRC=y" - [ ! -z "$1" ] && OPTS="$OPTS DISTRO=$1" - echo "**** Options: $OPTS ****" - echo -ne "\33]0;mon $i $1\007" - make $OPTS conf || die "$?" "$OPTS" - make $OPTS || die "$?" "$OPTS" - make $OPTS file_contexts || die "$?" "$OPTS" - $SETFILES -q -c policy.$POLVER file_contexts || die "$?" "$OPTS" - cleanup_mon - - # Loadable module tests - trap cleanup_mod SIGINT SIGQUIT - OPTS="TYPE=$i MONOLITHIC=n QUIET=y DIRECT_INITRC=y" - [ ! -z "$1" ] && OPTS="$OPTS DISTRO=$1" - echo "**** Options: $OPTS ****" - echo -ne "\33]0;mod $i $1\007" - make $OPTS conf || die "$?" "$OPTS" - make $OPTS base || die "$?" "$OPTS" - make $OPTS -j2 modules || die "$?" "$OPTS" - make $OPTS validate || die "$?" "$OPTS" - cleanup_mod - done -} - -cleanup_mon -cleanup_mod -do_test - -for i in $DISTROS; do - do_test $i -done - -echo "Completed successfully." diff --git a/tools/quicktest.sh b/tools/quicktest.sh deleted file mode 100755 index 05c768b..0000000 --- a/tools/quicktest.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/bash - -TYPES="strict targeted-mcs strict-mls" -POLVER="`checkpolicy -V |cut -f 1 -d ' '`" -SETFILES="/usr/sbin/setfiles" -SE_LINK="time -p /usr/bin/semodule_link" - -die() { - if [ "$1" -eq "1" ]; then - echo "failed with options: $2" - fi - - exit 1 -} - -cleanup_mon() { - make MONOLITHIC=y bare -} - -cleanup_mod() { - make MONOLITHIC=n bare -} - -do_test() { - local OPTS="" - - for i in $TYPES; do - # Monolithic tests - trap cleanup_mon SIGINT SIGQUIT - OPTS="TYPE=$i MONOLITHIC=y QUIET=y DIRECT_INITRC=y" - [ ! -z "$1" ] && OPTS="$OPTS DISTRO=$1" - echo "**** Options: $OPTS ****" - echo -ne "\33]0;mon $i $1\007" - make $OPTS conf || die "$?" "$OPTS" - make $OPTS || die "$?" "$OPTS" - make $OPTS file_contexts || die "$?" "$OPTS" - $SETFILES -q -c policy.$POLVER file_contexts || die "$?" "$OPTS" - cleanup_mon - - # Loadable module tests - trap cleanup_mod SIGINT SIGQUIT - OPTS="TYPE=$i MONOLITHIC=n QUIET=y DIRECT_INITRC=y" - [ ! -z "$1" ] && OPTS="$OPTS DISTRO=$1" - echo "**** Options: $OPTS ****" - echo -ne "\33]0;mod $i $1\007" - make $OPTS conf || die "$?" "$OPTS" - make $OPTS base || die "$?" "$OPTS" - make $OPTS -j2 modules || die "$?" "$OPTS" - make $OPTS validate || die "$?" "$OPTS" - cleanup_mod - done -} - -cleanup_mon -cleanup_mod -do_test - -echo "Completed successfully." diff --git a/www/api-docs/admin.html b/www/api-docs/admin.html deleted file mode 100644 index aa379ca..0000000 --- a/www/api-docs/admin.html +++ /dev/null @@ -1,326 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

- -

- Policy modules for administrative functions, such as package management. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - acct

Berkeley process accounting

- - alsa

Ainit ALSA configuration tool

- - amanda

Automated backup program.

- - anaconda

Policy for the Anaconda installer.

- - bootloader

Policy for the kernel modules, kernel image, and bootloader.

- - certwatch

Digital Certificate Tracking

- - consoletype

-Determine of the console connected to the controlling terminal. -

- - ddcprobe

ddcprobe retrieves monitor and graphics card information

- - dmesg

Policy for dmesg.

- - dmidecode

Decode DMI data for x86/ia64 bioses.

- - firstboot

-Final system configuration run during the first boot -after installation of Red Hat/Fedora systems. -

- - kudzu

Hardware detection and configuration tools

- - logrotate

Rotate and archive system logs

- - logwatch

System log analyzer and reporter

- - mrtg

Network traffic graphing

- - netutils

Network analysis utilities

- - portage

-Portage Package Management System. The primary package management and -distribution system for Gentoo. -

- - prelink

Prelink ELF shared library mappings.

- - quota

File system quota management

- - readahead

Readahead, read files into page cache for improved performance

- - rpm

Policy for the RPM package manager.

- - su

Run shells with substitute user and group

- - sudo

Execute a command with a substitute user

- - tmpreaper

Manage temporary directory sizes and file ages

- - updfstab

Red Hat utility to change /etc/fstab.

- - usbmodules

List kernel modules of USB devices

- - usermanage

Policy for managing user accounts.

- - vbetool

run real-mode video BIOS code to alter hardware state

- - vpn

Virtual Private Networking client

-



- -

- - diff --git a/www/api-docs/admin_acct.html b/www/api-docs/admin_acct.html deleted file mode 100644 index fb672e8..0000000 --- a/www/api-docs/admin_acct.html +++ /dev/null @@ -1,331 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: acct

- -

Description:

- -

Berkeley process accounting

- - - - -

Interfaces:

- - -
- - -
- -acct_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Transition to the accounting management domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -acct_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute accounting management tools in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -acct_exec_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute accounting management data in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -acct_manage_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete process accounting data. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_alsa.html b/www/api-docs/admin_alsa.html deleted file mode 100644 index 5186dd9..0000000 --- a/www/api-docs/admin_alsa.html +++ /dev/null @@ -1,289 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: alsa

- -

Description:

- -

Ainit ALSA configuration tool

- - - - -

Interfaces:

- - -
- - -
- -alsa_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Domain transition to alsa -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -alsa_rw_semaphores( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read and write access to alsa semaphores. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -alsa_rw_shared_mem( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read and write access to alsa shared memory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_amanda.html b/www/api-docs/admin_amanda.html deleted file mode 100644 index f34c1ac..0000000 --- a/www/api-docs/admin_amanda.html +++ /dev/null @@ -1,452 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: amanda

- -

Description:

- -

Automated backup program.

- - - - -

Interfaces:

- - -
- - -
- -amanda_append_log_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read/writing amanda logs -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to allow -

-		 -No -
-
-
- - -
- - -
- -amanda_domtrans_recover( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute amrecover in the amanda_recover domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -amanda_dontaudit_read_dumpdates( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read /etc/dumpdates. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -amanda_run_recover( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute amrecover in the amanda_recover domain, and -allow the specified role the amanda_recover domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the amanda_recover domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the amanda_recover domain to use. -

-		 -No -
-
-
- - -
- - -
- -amanda_rw_dumpdates_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read/writing /etc/dumpdates. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to allow -

-		 -No -
-
-
- - -
- - -
- -amanda_search_lib( - - - - - domain - - - )
-
-
- -
Summary
-

-Search amanda library directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_anaconda.html b/www/api-docs/admin_anaconda.html deleted file mode 100644 index b4b09ac..0000000 --- a/www/api-docs/admin_anaconda.html +++ /dev/null @@ -1,159 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: anaconda

- -

Description:

- -

Policy for the Anaconda installer.

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/admin_bootloader.html b/www/api-docs/admin_bootloader.html deleted file mode 100644 index 71e6d53..0000000 --- a/www/api-docs/admin_bootloader.html +++ /dev/null @@ -1,455 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: bootloader

- -

Description:

- -

Policy for the kernel modules, kernel image, and bootloader.

- - - - -

Interfaces:

- - -
- - -
- -bootloader_create_runtime_file( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the bootloader -temporary data in /tmp. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -bootloader_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute bootloader in the bootloader domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -bootloader_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the bootloader configuration file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -bootloader_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute bootloader interactively and do -a domain transition to the bootloader domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the bootloader domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the bootloader domain to use. -

-		 -No -
-
-
- - -
- - -
- -bootloader_rw_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the bootloader -configuration file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -bootloader_rw_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the bootloader -temporary data in /tmp. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_certwatch.html b/www/api-docs/admin_certwatch.html deleted file mode 100644 index 40a926a..0000000 --- a/www/api-docs/admin_certwatch.html +++ /dev/null @@ -1,286 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: certwatch

- -

Description:

- -

Digital Certificate Tracking

- - - - -

Interfaces:

- - -
- - -
- -certwatach_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute certwatch in the certwatch domain, and -allow the specified role the certwatch domain, -and use the caller's terminal. Has a sigchld -backchannel. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the certwatch domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the certwatch domain to use. -

-		 -No -
-
-
- - -
- - -
- -certwatch_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Domain transition to certwatch. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_consoletype.html b/www/api-docs/admin_consoletype.html deleted file mode 100644 index 80f8336..0000000 --- a/www/api-docs/admin_consoletype.html +++ /dev/null @@ -1,328 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: consoletype

- -

Description:

- -

-Determine of the console connected to the controlling terminal. -

- - - - -

Interfaces:

- - -
- - -
- -consoletype_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute consoletype in the consoletype domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -consoletype_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute consoletype in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -consoletype_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute consoletype in the consoletype domain, and -allow the specified role the consoletype domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the consoletype domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the consoletype domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_ddcprobe.html b/www/api-docs/admin_ddcprobe.html deleted file mode 100644 index e840957..0000000 --- a/www/api-docs/admin_ddcprobe.html +++ /dev/null @@ -1,284 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: ddcprobe

- -

Description:

- -

ddcprobe retrieves monitor and graphics card information

- - - - -

Interfaces:

- - -
- - -
- -ddcprobe_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ddcprobe in the ddcprobe domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ddcprobe_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute ddcprobe in the ddcprobe domain, and -allow the specified role the ddcprobe domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-Role to be authenticated for ddcprobe domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the clock domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_dmesg.html b/www/api-docs/admin_dmesg.html deleted file mode 100644 index 0a75d29..0000000 --- a/www/api-docs/admin_dmesg.html +++ /dev/null @@ -1,247 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: dmesg

- -

Description:

- -

Policy for dmesg.

- - - - -

Interfaces:

- - -
- - -
- -dmesg_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute dmesg in the dmesg domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dmesg_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute dmesg in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_dmidecode.html b/www/api-docs/admin_dmidecode.html deleted file mode 100644 index 3fde90e..0000000 --- a/www/api-docs/admin_dmidecode.html +++ /dev/null @@ -1,284 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: dmidecode

- -

Description:

- -

Decode DMI data for x86/ia64 bioses.

- - - - -

Interfaces:

- - -
- - -
- -dmidecode_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute dmidecode in the dmidecode domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dmidecode_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute dmidecode in the dmidecode domain, and -allow the specified role the dmidecode domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the dmidecode domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the dmidecode domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_firstboot.html b/www/api-docs/admin_firstboot.html deleted file mode 100644 index 4325fc0..0000000 --- a/www/api-docs/admin_firstboot.html +++ /dev/null @@ -1,414 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: firstboot

- -

Description:

- -

-Final system configuration run during the first boot -after installation of Red Hat/Fedora systems. -

- - - - -

Interfaces:

- - -
- - -
- -firstboot_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute firstboot in the firstboot domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -firstboot_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit a -file descriptor from firstboot. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -firstboot_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute firstboot in the firstboot domain, and -allow the specified role the firstboot domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the firstboot domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the firstboot domain to use. -

-		 -No -
-
-
- - -
- - -
- -firstboot_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use a file descriptor from firstboot. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -firstboot_write_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to a firstboot unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_kudzu.html b/www/api-docs/admin_kudzu.html deleted file mode 100644 index 87e965f..0000000 --- a/www/api-docs/admin_kudzu.html +++ /dev/null @@ -1,326 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: kudzu

- -

Description:

- -

Hardware detection and configuration tools

- - - - -

Interfaces:

- - -
- - -
- -kudzu_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute kudzu in the kudzu domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -kudzu_getattr_exec_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get attributes of kudzu executable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -kudzu_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute kudzu in the kudzu domain, and -allow the specified role the kudzu domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the kudzu domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the kudzu domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_logrotate.html b/www/api-docs/admin_logrotate.html deleted file mode 100644 index 594e028..0000000 --- a/www/api-docs/admin_logrotate.html +++ /dev/null @@ -1,452 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: logrotate

- -

Description:

- -

Rotate and archive system logs

- - - - -

Interfaces:

- - -
- - -
- -logrotate_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute logrotate in the logrotate domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -logrotate_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit logrotate file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -logrotate_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute logrotate in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -logrotate_read_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read a logrotate temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -logrotate_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute logrotate in the logrotate domain, and -allow the specified role the logrotate domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the logrotate domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the logrotate domain to use. -

-		 -No -
-
-
- - -
- - -
- -logrotate_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use logrotate file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_logwatch.html b/www/api-docs/admin_logwatch.html deleted file mode 100644 index 6653d84..0000000 --- a/www/api-docs/admin_logwatch.html +++ /dev/null @@ -1,205 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: logwatch

- -

Description:

- -

System log analyzer and reporter

- - - - -

Interfaces:

- - -
- - -
- -logwatch_read_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read logwatch temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_mrtg.html b/www/api-docs/admin_mrtg.html deleted file mode 100644 index 5b6e4df..0000000 --- a/www/api-docs/admin_mrtg.html +++ /dev/null @@ -1,205 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: mrtg

- -

Description:

- -

Network traffic graphing

- - - - -

Interfaces:

- - -
- - -
- -mrtg_append_create_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create and append mrtg logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_netutils.html b/www/api-docs/admin_netutils.html deleted file mode 100644 index 6aaf727..0000000 --- a/www/api-docs/admin_netutils.html +++ /dev/null @@ -1,810 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: netutils

- -

Description:

- -

Network analysis utilities

- - - - -

Interfaces:

- - -
- - -
- -netutils_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute network utilities in the netutils domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -netutils_domtrans_ping( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ping in the ping domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -netutils_domtrans_traceroute( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute traceroute in the traceroute domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -netutils_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute network utilities in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -netutils_exec_ping( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ping in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -netutils_exec_traceroute( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute traceroute in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -netutils_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute network utilities in the netutils domain, and -allow the specified role the netutils domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the netutils domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the netutils domain to use. -

-		 -No -
-
-
- - -
- - -
- -netutils_run_ping( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute ping in the ping domain, and -allow the specified role the ping domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the ping domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the ping domain to use. -

-		 -No -
-
-
- - -
- - -
- -netutils_run_ping_cond( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Conditionally execute ping in the ping domain, and -allow the specified role the ping domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the ping domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the ping domain to use. -

-		 -No -
-
-
- - -
- - -
- -netutils_run_traceroute( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute traceroute in the traceroute domain, and -allow the specified role the traceroute domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the traceroute domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the traceroute domain to use. -

-		 -No -
-
-
- - -
- - -
- -netutils_run_traceroute_cond( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Conditionally execute traceroute in the traceroute domain, and -allow the specified role the traceroute domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the traceroute domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the traceroute domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_portage.html b/www/api-docs/admin_portage.html deleted file mode 100644 index f2be3fc..0000000 --- a/www/api-docs/admin_portage.html +++ /dev/null @@ -1,346 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: portage

- -Interfaces -Templates - -

Description:

- -

-Portage Package Management System. The primary package management and -distribution system for Gentoo. -

- - - - -

Interfaces:

- - -
- - -
- -portage_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute emerge in the portage domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -portage_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute emerge in the portage domain, and -allow the specified role the portage domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to allow the portage domain. -

-		 -No -
-terminal - -

-The type of the terminal allow for portage to use. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -portage_compile_domain_template( - - - - - prefix - - - )
-
-
- -
Summary
-

-Template for portage sandbox. -

- - -
Description
-

-

-Template for portage sandbox. Portage -does all compiling in the sandbox. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-prefix - -

-Name to be used to derive types. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/admin_prelink.html b/www/api-docs/admin_prelink.html deleted file mode 100644 index 049b94b..0000000 --- a/www/api-docs/admin_prelink.html +++ /dev/null @@ -1,374 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: prelink

- -

Description:

- -

Prelink ELF shared library mappings.

- - - - -

Interfaces:

- - -
- - -
- -prelink_delete_cache( - - - - - file_type - - - )
-
-
- -
Summary
-

-Delete the prelink cache. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -prelink_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the prelink program in the prelink domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -prelink_manage_log( - - - - - file_type - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -prelink log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -prelink_object_file( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified file type prelinkable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-File type to be prelinked. -

-		 -No -
-
-
- - -
- - -
- -prelink_read_cache( - - - - - file_type - - - )
-
-
- -
Summary
-

-Read the prelink cache. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_quota.html b/www/api-docs/admin_quota.html deleted file mode 100644 index bca2147..0000000 --- a/www/api-docs/admin_quota.html +++ /dev/null @@ -1,369 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: quota

- -

Description:

- -

File system quota management

- - - - -

Interfaces:

- - -
- - -
- -quota_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute quota management tools in the quota domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -quota_dontaudit_getattr_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of filesystem quota data files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -quota_manage_flags( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -quota_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute quota management tools in the quota domain, and -allow the specified role the quota domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the quota domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the quota domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_readahead.html b/www/api-docs/admin_readahead.html deleted file mode 100644 index 1a64d7e..0000000 --- a/www/api-docs/admin_readahead.html +++ /dev/null @@ -1,159 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: readahead

- -

Description:

- -

Readahead, read files into page cache for improved performance

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/admin_rpm.html b/www/api-docs/admin_rpm.html deleted file mode 100644 index dc6aef0..0000000 --- a/www/api-docs/admin_rpm.html +++ /dev/null @@ -1,662 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: rpm

- -

Description:

- -

Policy for the RPM package manager.

- - - - -

Interfaces:

- - -
- - -
- -rpm_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute rpm programs in the rpm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_domtrans_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute rpm_script programs in the rpm_script domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -rpm_dontaudit_manage_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to create, read, -write, and delete the RPM package database. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -rpm_manage_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the RPM package database. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_manage_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the RPM log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_read_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the RPM package database. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_read_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read from an unnamed RPM pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute RPM programs in the RPM domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the RPM domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the RPM domain to use. -

-		 -No -
-
-
- - -
- - -
- -rpm_rw_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write an unnamed RPM pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use file descriptors from RPM. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpm_use_script_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use file descriptors from RPM scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_su.html b/www/api-docs/admin_su.html deleted file mode 100644 index df68f53..0000000 --- a/www/api-docs/admin_su.html +++ /dev/null @@ -1,349 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: su

- -Interfaces -Templates - -

Description:

- -

Run shells with substitute user and group

- - - - -

Interfaces:

- - -
- - -
- -su_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute su in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -su_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the su module. -

- - -
Description
-

-

-This template creates a derived domain which is allowed -to change the linux user id, to run shells as a different -user. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -
- - -
- -su_restricted_domain_template( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/admin_sudo.html b/www/api-docs/admin_sudo.html deleted file mode 100644 index 83cc6a0..0000000 --- a/www/api-docs/admin_sudo.html +++ /dev/null @@ -1,256 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: sudo

- -

Description:

- -

Execute a command with a substitute user

- - - - - -

Templates:

- - -
- - -
- -sudo_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the sudo module. -

- - -
Description
-

-

-This template creates a derived domain which is allowed -to change the linux user id, to run commands as a different -user. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/admin_tmpreaper.html b/www/api-docs/admin_tmpreaper.html deleted file mode 100644 index 7e1e14a..0000000 --- a/www/api-docs/admin_tmpreaper.html +++ /dev/null @@ -1,205 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: tmpreaper

- -

Description:

- -

Manage temporary directory sizes and file ages

- - - - -

Interfaces:

- - -
- - -
- -tmpreaper_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute tmpreaper in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_updfstab.html b/www/api-docs/admin_updfstab.html deleted file mode 100644 index f145cae..0000000 --- a/www/api-docs/admin_updfstab.html +++ /dev/null @@ -1,205 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: updfstab

- -

Description:

- -

Red Hat utility to change /etc/fstab.

- - - - -

Interfaces:

- - -
- - -
- -updfstab_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute updfstab in the updfstab domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_usbmodules.html b/www/api-docs/admin_usbmodules.html deleted file mode 100644 index aa50e58..0000000 --- a/www/api-docs/admin_usbmodules.html +++ /dev/null @@ -1,285 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: usbmodules

- -

Description:

- -

List kernel modules of USB devices

- - - - -

Interfaces:

- - -
- - -
- -usbmodules_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute usbmodules in the usbmodules domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -usbmodules_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute usbmodules in the usbmodules domain, and -allow the specified role the usbmodules domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the usbmodules domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the usbmodules domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_usermanage.html b/www/api-docs/admin_usermanage.html deleted file mode 100644 index 3a51f04..0000000 --- a/www/api-docs/admin_usermanage.html +++ /dev/null @@ -1,812 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: usermanage

- -

Description:

- -

Policy for managing user accounts.

- - - - -

Interfaces:

- - -
- - -
- -usermanage_domtrans_admin_passwd( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute password admin functions in -the admin passwd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -usermanage_domtrans_chfn( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute chfn in the chfn domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -usermanage_domtrans_groupadd( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute groupadd in the groupadd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -usermanage_domtrans_passwd( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute passwd in the passwd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -usermanage_domtrans_useradd( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute useradd in the useradd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -usermanage_read_crack_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the crack database. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -usermanage_run_admin_passwd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute passwd admin functions in the admin -passwd domain, and allow the specified role -the admin passwd domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the admin passwd domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the admin passwd domain to use. -

-		 -No -
-
-
- - -
- - -
- -usermanage_run_chfn( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute chfn in the chfn domain, and -allow the specified role the chfn domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the chfn domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the chfn domain to use. -

-		 -No -
-
-
- - -
- - -
- -usermanage_run_groupadd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute groupadd in the groupadd domain, and -allow the specified role the groupadd domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the groupadd domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the groupadd domain to use. -

-		 -No -
-
-
- - -
- - -
- -usermanage_run_passwd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute passwd in the passwd domain, and -allow the specified role the passwd domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the passwd domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the passwd domain to use. -

-		 -No -
-
-
- - -
- - -
- -usermanage_run_useradd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute useradd in the useradd domain, and -allow the specified role the useradd domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the useradd domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the useradd domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_vbetool.html b/www/api-docs/admin_vbetool.html deleted file mode 100644 index 9b2d2a0..0000000 --- a/www/api-docs/admin_vbetool.html +++ /dev/null @@ -1,205 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: vbetool

- -

Description:

- -

run real-mode video BIOS code to alter hardware state

- - - - -

Interfaces:

- - -
- - -
- -vbetool_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute vbetool application in the vbetool domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/admin_vpn.html b/www/api-docs/admin_vpn.html deleted file mode 100644 index 2f36b57..0000000 --- a/www/api-docs/admin_vpn.html +++ /dev/null @@ -1,326 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

-

Module: vpn

- -

Description:

- -

Virtual Private Networking client

- - - - -

Interfaces:

- - -
- - -
- -vpn_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute VPN clients in the vpnc domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -vpn_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute VPN clients in the vpnc domain, and -allow the specified role the vpnc domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the vpnc domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the vpnc domain to use. -

-		 -No -
-
-
- - -
- - -
- -vpn_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to VPN clients. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/apps.html b/www/api-docs/apps.html deleted file mode 100644 index c32f33b..0000000 --- a/www/api-docs/apps.html +++ /dev/null @@ -1,204 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

- -

Policy modules for applications


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - cdrecord

Policy for cdrecord

- - gpg

Policy for GNU Privacy Guard and related programs.

- - irc

IRC client policy

- - java

Java virtual machine

- - loadkeys

Load keyboard mappings.

- - lockdev

device locking policy for lockdev

- - mono

Run .NET server and client applications on Linux.

- - screen

GNU terminal multiplexer

- - slocate

Update database for mlocate

- - tvtime

tvtime - a high quality television application

- - uml

Policy for UML

- - userhelper

SELinux utility to run a shell with a new role

- - usernetctl

User network interface configuration helper

- - webalizer

Web server log analysis

- - wine

Wine Is Not an Emulator. Run Windows programs in Linux.

-



- -

- - diff --git a/www/api-docs/apps_cdrecord.html b/www/api-docs/apps_cdrecord.html deleted file mode 100644 index 47dc647..0000000 --- a/www/api-docs/apps_cdrecord.html +++ /dev/null @@ -1,213 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: cdrecord

- -

Description:

- -

Policy for cdrecord

- - - - - -

Templates:

- - -
- - -
- -cdrecord_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the cdrecord module. -

- - -
Description
-

-

-This template creates derived domains which are used -for cdrecord. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_gpg.html b/www/api-docs/apps_gpg.html deleted file mode 100644 index 41451b3..0000000 --- a/www/api-docs/apps_gpg.html +++ /dev/null @@ -1,215 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: gpg

- -

Description:

- -

Policy for GNU Privacy Guard and related programs.

- - - - - -

Templates:

- - -
- - -
- -gpg_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - userdomain - - - - , - - - - role - - - )
-
-
- -
Summary
-

-The per user domain template for the gpg module. -

- - -
Description
-

-

-This template creates the types and rules for GPG, -GPG-agent, and GPG helper programs. This protects -the user keys and secrets, and runs the programs -in domains specific to the user type. -

-

-This is invoked automatically for each user and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-userdomain - -

-The user domain. -

-		 -No -
-role - -

-The role associated with the user. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_irc.html b/www/api-docs/apps_irc.html deleted file mode 100644 index ef61848..0000000 --- a/www/api-docs/apps_irc.html +++ /dev/null @@ -1,213 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: irc

- -

Description:

- -

IRC client policy

- - - - - -

Templates:

- - -
- - -
- -irc_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the irc module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for an irc client sessions. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_java.html b/www/api-docs/apps_java.html deleted file mode 100644 index 812977d..0000000 --- a/www/api-docs/apps_java.html +++ /dev/null @@ -1,264 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: java

- -Interfaces -Templates - -

Description:

- -

Java virtual machine

- - - - -

Interfaces:

- - -
- - -
- -java_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the java program in the java domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -java_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the java module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for java plugins that are executed by a browser. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_loadkeys.html b/www/api-docs/apps_loadkeys.html deleted file mode 100644 index bceba0a..0000000 --- a/www/api-docs/apps_loadkeys.html +++ /dev/null @@ -1,283 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: loadkeys

- -

Description:

- -

Load keyboard mappings.

- - - - -

Interfaces:

- - -
- - -
- -loadkeys_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the loadkeys program in the loadkeys domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -loadkeys_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the loadkeys program in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -loadkeys_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute the loadkeys program in the loadkeys domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the loadkeys domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the loadkeys domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/apps_lockdev.html b/www/api-docs/apps_lockdev.html deleted file mode 100644 index f478a02..0000000 --- a/www/api-docs/apps_lockdev.html +++ /dev/null @@ -1,214 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: lockdev

- -

Description:

- -

device locking policy for lockdev

- - - - - -

Templates:

- - -
- - -
- -lockdev_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the lockdev module. -

- - -
Description
-

-

-This template creates derived domains which are used -for lockdev. A derived type is also created to protect -the user's device locks. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_mono.html b/www/api-docs/apps_mono.html deleted file mode 100644 index 76c3f14..0000000 --- a/www/api-docs/apps_mono.html +++ /dev/null @@ -1,163 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: mono

- -

Description:

- -

Run .NET server and client applications on Linux.

- - - - -

Interfaces:

- - -
- - -
- -mono_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the mono program in the mono domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/apps_screen.html b/www/api-docs/apps_screen.html deleted file mode 100644 index 45011af..0000000 --- a/www/api-docs/apps_screen.html +++ /dev/null @@ -1,213 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: screen

- -

Description:

- -

GNU terminal multiplexer

- - - - - -

Templates:

- - -
- - -
- -screen_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the screen module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for screen sessions. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_slocate.html b/www/api-docs/apps_slocate.html deleted file mode 100644 index af3a5c5..0000000 --- a/www/api-docs/apps_slocate.html +++ /dev/null @@ -1,163 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: slocate

- -

Description:

- -

Update database for mlocate

- - - - -

Interfaces:

- - -
- - -
- -slocate_create_append_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Create the locate log with append mode. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/apps_tvtime.html b/www/api-docs/apps_tvtime.html deleted file mode 100644 index 73d6f70..0000000 --- a/www/api-docs/apps_tvtime.html +++ /dev/null @@ -1,213 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: tvtime

- -

Description:

- -

tvtime - a high quality television application

- - - - - -

Templates:

- - -
- - -
- -tvtime_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the tvtime module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for tvtime. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_uml.html b/www/api-docs/apps_uml.html deleted file mode 100644 index 580f4f5..0000000 --- a/www/api-docs/apps_uml.html +++ /dev/null @@ -1,306 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: uml

- -Interfaces -Templates - -

Description:

- -

Policy for UML

- - - - -

Interfaces:

- - -
- - -
- -uml_manage_util_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Manage uml utility files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -uml_setattr_util_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Set attributes on uml utility socket files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -uml_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the uml module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for uml program. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_userhelper.html b/www/api-docs/apps_userhelper.html deleted file mode 100644 index b7ba201..0000000 --- a/www/api-docs/apps_userhelper.html +++ /dev/null @@ -1,307 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: userhelper

- -Interfaces -Templates - -

Description:

- -

SELinux utility to run a shell with a new role

- - - - -

Interfaces:

- - -
- - -
- -userhelper_dontaudit_search_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search -the userhelper configuration directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userhelper_search_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the userhelper configuration directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -userhelper_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the userhelper module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for userhelper. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/apps_usernetctl.html b/www/api-docs/apps_usernetctl.html deleted file mode 100644 index 9f5fd8a..0000000 --- a/www/api-docs/apps_usernetctl.html +++ /dev/null @@ -1,242 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: usernetctl

- -

Description:

- -

User network interface configuration helper

- - - - -

Interfaces:

- - -
- - -
- -usernetctl_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute usernetctl in the usernetctl domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -usernetctl_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute usernetctl in the usernetctl domain, and -allow the specified role the usernetctl domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the usernetctl domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the usernetctl domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/apps_webalizer.html b/www/api-docs/apps_webalizer.html deleted file mode 100644 index b0ccde3..0000000 --- a/www/api-docs/apps_webalizer.html +++ /dev/null @@ -1,242 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: webalizer

- -

Description:

- -

Web server log analysis

- - - - -

Interfaces:

- - -
- - -
- -webalizer_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute webalizer in the webalizer domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -webalizer_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute webalizer in the webalizer domain, and -allow the specified role the webalizer domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the webalizer domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the webalizer domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/apps_wine.html b/www/api-docs/apps_wine.html deleted file mode 100644 index 0157947..0000000 --- a/www/api-docs/apps_wine.html +++ /dev/null @@ -1,163 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: apps

-

Module: wine

- -

Description:

- -

Wine Is Not an Emulator. Run Windows programs in Linux.

- - - - -

Interfaces:

- - -
- - -
- -wine_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the wine program in the wine domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/global_booleans.html b/www/api-docs/global_booleans.html deleted file mode 100644 index b0e670a..0000000 --- a/www/api-docs/global_booleans.html +++ /dev/null @@ -1,590 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
-

Global booleans:

- - -
-
secure_mode
-
-
Default value
-

false

- -
Description
-

-

-Enabling secure mode disallows programs, such as -newrole, from transitioning to administrative -user domains. -

-

- -
- -
-
secure_mode_insmod
-
-
Default value
-

false

- -
Description
-

-

-Disable transitions to insmod. -

-

- -
- -
-
secure_mode_policyload
-
-
Default value
-

false

- -
Description
-

-

-boolean to determine whether the system permits loading policy, setting -enforcing mode, and changing boolean values. Set this to true and you -have to reboot to set it back -

-

- -
- - -
- - diff --git a/www/api-docs/global_tunables.html b/www/api-docs/global_tunables.html deleted file mode 100644 index 1bde781..0000000 --- a/www/api-docs/global_tunables.html +++ /dev/null @@ -1,1496 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
-

Global tunables:

- - -
-
allow_cvs_read_shadow
-
-
Default value
-

false

- -
Description
-

-

-Allow cvs daemon to read shadow -

-

- -
- -
-
allow_execheap
-
-
Default value
-

false

- -
Description
-

-

-Allow making the heap executable. -

-

- -
- -
-
allow_execmem
-
-
Default value
-

false

- -
Description
-

-

-Allow making anonymous memory executable, e.g. -for runtime-code generation or executable stack. -

-

- -
- -
-
allow_execmod
-
-
Default value
-

false

- -
Description
-

-

-Allow making a modified private file -mapping executable (text relocation). -

-

- -
- -
-
allow_execstack
-
-
Default value
-

false

- -
Description
-

-

-Allow making the stack executable via mprotect. -Also requires allow_execmem. -

-

- -
- -
-
allow_ftpd_anon_write
-
-
Default value
-

false

- -
Description
-

-

-Allow ftp servers to modify public files -used for public file transfer services. -

-

- -
- -
-
allow_gpg_execstack
-
-
Default value
-

false

- -
Description
-

-

-Allow gpg executable stack -

-

- -
- -
-
allow_gssd_read_tmp
-
-
Default value
-

true

- -
Description
-

-

-Allow gssd to read temp directory. -

-

- -
- -
-
allow_httpd_anon_write
-
-
Default value
-

false

- -
Description
-

-

-Allow Apache to modify public files -used for public file transfer services. -

-

- -
- -
-
allow_java_execstack
-
-
Default value
-

false

- -
Description
-

-

-Allow java executable stack -

-

- -
- -
-
allow_kerberos
-
-
Default value
-

false

- -
Description
-

-

-Allow system to run with kerberos -

-

- -
- -
-
allow_ptrace
-
-
Default value
-

false

- -
Description
-

-

-Allow sysadm to ptrace all processes -

-

- -
- -
-
allow_rsync_anon_write
-
-
Default value
-

false

- -
Description
-

-

-Allow rsync to modify public files -used for public file transfer services. -

-

- -
- -
-
allow_saslauthd_read_shadow
-
-
Default value
-

false

- -
Description
-

-

-Allow sasl to read shadow -

-

- -
- -
-
allow_smbd_anon_write
-
-
Default value
-

false

- -
Description
-

-

-Allow samba to modify public files -used for public file transfer services. -

-

- -
- -
-
allow_ssh_keysign
-
-
Default value
-

false

- -
Description
-

-

-allow host key based authentication -

-

- -
- -
-
allow_user_mysql_connect
-
-
Default value
-

false

- -
Description
-

-

-Allow users to connect to mysql -

-

- -
- -
-
allow_write_xshm
-
-
Default value
-

false

- -
Description
-

-

-Allows clients to write to the X server shared -memory segments. -

-

- -
- -
-
allow_ypbind
-
-
Default value
-

false

- -
Description
-

-

-Allow system to run with NIS -

-

- -
- -
-
cdrecord_read_content
-
-
Default value
-

false

- -
Description
-

-

-Allow cdrecord to read various content. -nfs, samba, removable devices, user temp -and untrusted content files -

-

- -
- -
-
cron_can_relabel
-
-
Default value
-

false

- -
Description
-

-

-Allow system cron jobs to relabel filesystem -for restoring file contexts. -

-

- -
- -
-
fcron_crond
-
-
Default value
-

false

- -
Description
-

-

-Enable extra rules in the cron domain -to support fcron. -

-

- -
- -
-
ftp_home_dir
-
-
Default value
-

false

- -
Description
-

-

-Allow ftp to read and write files in the user home directories -

-

- -
- -
-
ftpd_is_daemon
-
-
Default value
-

false

- -
Description
-

-

-Allow ftpd to run directly without inetd -

-

- -
- -
-
httpd_builtin_scripting
-
-
Default value
-

false

- -
Description
-

-

-Allow httpd to use built in scripting (usually php) -

-

- -
- -
-
httpd_can_network_connect
-
-
Default value
-

false

- -
Description
-

-

-Allow http daemon to tcp connect -

-

- -
- -
-
httpd_can_network_connect_db
-
-
Default value
-

false

- -
Description
-

-

-Allow httpd to connect to mysql/posgresql -

-

- -
- -
-
httpd_can_network_relay
-
-
Default value
-

false

- -
Description
-

-

-Allow httpd to act as a relay -

-

- -
- -
-
httpd_enable_cgi
-
-
Default value
-

false

- -
Description
-

-

-Allow httpd cgi support -

-

- -
- -
-
httpd_enable_ftp_server
-
-
Default value
-

false

- -
Description
-

-

-Allow httpd to act as a FTP server by -listening on the ftp port. -

-

- -
- -
-
httpd_enable_homedirs
-
-
Default value
-

false

- -
Description
-

-

-Allow httpd to read home directories -

-

- -
- -
-
httpd_ssi_exec
-
-
Default value
-

false

- -
Description
-

-

-Run SSI execs in system CGI script domain. -

-

- -
- -
-
httpd_tty_comm
-
-
Default value
-

false

- -
Description
-

-

-Allow http daemon to communicate with the TTY -

-

- -
- -
-
httpd_unified
-
-
Default value
-

false

- -
Description
-

-

-Run CGI in the main httpd domain -

-

- -
- -
-
named_write_master_zones
-
-
Default value
-

false

- -
Description
-

-

-Allow BIND to write the master zone files. -Generally this is used for dynamic DNS. -

-

- -
- -
-
nfs_export_all_ro
-
-
Default value
-

false

- -
Description
-

-

-Allow nfs to be exported read only -

-

- -
- -
-
nfs_export_all_rw
-
-
Default value
-

false

- -
Description
-

-

-Allow nfs to be exported read/write. -

-

- -
- -
-
pppd_can_insmod
-
-
Default value
-

false

- -
Description
-

-

-Allow pppd to load kernel modules for certain modems -

-

- -
- -
-
pppd_for_user
-
-
Default value
-

false

- -
Description
-

-

-Allow pppd to be run for a regular user -

-

- -
- -
-
read_default_t
-
-
Default value
-

false

- -
Description
-

-

-Allow reading of default_t files. -

-

- -
- -
-
read_untrusted_content
-
-
Default value
-

false

- -
Description
-

-

-Allow applications to read untrusted content -If this is disallowed, Internet content has -to be manually relabeled for read access to be granted -

-

- -
- -
-
run_ssh_inetd
-
-
Default value
-

false

- -
Description
-

-

-Allow ssh to run from inetd instead of as a daemon. -

-

- -
- -
-
samba_enable_home_dirs
-
-
Default value
-

false

- -
Description
-

-

-Allow samba to export user home directories. -

-

- -
- -
-
spamassasin_can_network
-
-
Default value
-

false

- -
Description
-

-

-Allow spamassassin to do DNS lookups -

-

- -
- -
-
spamassassin_can_network
-
-
Default value
-

false

- -
Description
-

-

-Allow user spamassassin clients to use the network. -

-

- -
- -
-
spamd_enable_home_dirs
-
-
Default value
-

true

- -
Description
-

-

-Allow spammd to read/write user home directories. -

-

- -
- -
-
squid_connect_any
-
-
Default value
-

false

- -
Description
-

-

-Allow squid to connect to all ports, not just -HTTP, FTP, and Gopher ports. -

-

- -
- -
-
ssh_sysadm_login
-
-
Default value
-

false

- -
Description
-

-

-Allow ssh logins as sysadm_r:sysadm_t -

-

- -
- -
-
staff_read_sysadm_file
-
-
Default value
-

false

- -
Description
-

-

-Allow staff_r users to search the sysadm home -dir and read files (such as ~/.bashrc) -

-

- -
- -
-
stunnel_is_daemon
-
-
Default value
-

false

- -
Description
-

-

-Configure stunnel to be a standalone daemon or -inetd service. -

-

- -
- -
-
use_nfs_home_dirs
-
-
Default value
-

false

- -
Description
-

-

-Support NFS home directories -

-

- -
- -
-
use_samba_home_dirs
-
-
Default value
-

false

- -
Description
-

-

-Support SAMBA home directories -

-

- -
- -
-
user_direct_mouse
-
-
Default value
-

false

- -
Description
-

-

-Allow regular users direct mouse access -

-

- -
- -
-
user_dmesg
-
-
Default value
-

false

- -
Description
-

-

-Allow users to read system messages. -

-

- -
- -
-
user_net_control
-
-
Default value
-

false

- -
Description
-

-

-Allow users to control network interfaces -(also needs USERCTL=true) -

-

- -
- -
-
user_ping
-
-
Default value
-

false

- -
Description
-

-

-Control users use of ping and traceroute -

-

- -
- -
-
user_rw_noexattrfile
-
-
Default value
-

false

- -
Description
-

-

-Allow user to r/w files on filesystems -that do not have extended attributes (FAT, CDROM, FLOPPY) -

-

- -
- -
-
user_rw_usb
-
-
Default value
-

false

- -
Description
-

-

-Allow users to rw usb devices -

-

- -
- -
-
user_tcp_server
-
-
Default value
-

false

- -
Description
-

-

-Allow users to run TCP servers (bind to ports and accept connection from -the same domain and outside users) disabling this forces FTP passive mode -and may change other protocols. -

-

- -
- -
-
user_ttyfile_stat
-
-
Default value
-

false

- -
Description
-

-

-Allow w to display everyone -

-

- -
- -
-
write_untrusted_content
-
-
Default value
-

false

- -
Description
-

-

-Allow applications to write untrusted content -If this is disallowed, no Internet content -will be stored. -

-

- -
- -
-
xdm_sysadm_login
-
-
Default value
-

false

- -
Description
-

-

-Allow xdm logins as sysadm -

-

- -
- - -
- - diff --git a/www/api-docs/index.html b/www/api-docs/index.html deleted file mode 100644 index 8732390..0000000 --- a/www/api-docs/index.html +++ /dev/null @@ -1,1505 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: admin

- -

- Policy modules for administrative functions, such as package management. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - acct

Berkeley process accounting

- - alsa

Ainit ALSA configuration tool

- - amanda

Automated backup program.

- - anaconda

Policy for the Anaconda installer.

- - bootloader

Policy for the kernel modules, kernel image, and bootloader.

- - certwatch

Digital Certificate Tracking

- - consoletype

-Determine of the console connected to the controlling terminal. -

- - ddcprobe

ddcprobe retrieves monitor and graphics card information

- - dmesg

Policy for dmesg.

- - dmidecode

Decode DMI data for x86/ia64 bioses.

- - firstboot

-Final system configuration run during the first boot -after installation of Red Hat/Fedora systems. -

- - kudzu

Hardware detection and configuration tools

- - logrotate

Rotate and archive system logs

- - logwatch

System log analyzer and reporter

- - mrtg

Network traffic graphing

- - netutils

Network analysis utilities

- - portage

-Portage Package Management System. The primary package management and -distribution system for Gentoo. -

- - prelink

Prelink ELF shared library mappings.

- - quota

File system quota management

- - readahead

Readahead, read files into page cache for improved performance

- - rpm

Policy for the RPM package manager.

- - su

Run shells with substitute user and group

- - sudo

Execute a command with a substitute user

- - tmpreaper

Manage temporary directory sizes and file ages

- - updfstab

Red Hat utility to change /etc/fstab.

- - usbmodules

List kernel modules of USB devices

- - usermanage

Policy for managing user accounts.

- - vbetool

run real-mode video BIOS code to alter hardware state

- - vpn

Virtual Private Networking client

-



- -

Layer: kernel

- -

-Policy for kernel threads, proc filesystem, -and unlabeled processes and objects. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - corecommands

-Core policy for shells, and generic programs -in /bin, /sbin, /usr/bin, and /usr/sbin. -

- - corenetwork

Policy controlling access to network objects

- - devices

-Device nodes and interfaces for many basic system devices. -

- - domain

Core policy for domains.

- - files

-Basic filesystem types and interfaces. -

- - filesystem

Policy for filesystems.

- - kernel

-Policy for kernel threads, proc filesystem, -and unlabeled processes and objects. -

- - mcs

Multicategory security policy

- - mls

Multilevel security policy

- - selinux

-Policy for kernel security interface, in particular, selinuxfs. -

- - storage

Policy controlling access to storage devices

- - terminal

Policy for terminals.

-



- -

Layer: apps

- -

Policy modules for applications


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - cdrecord

Policy for cdrecord

- - gpg

Policy for GNU Privacy Guard and related programs.

- - irc

IRC client policy

- - java

Java virtual machine

- - loadkeys

Load keyboard mappings.

- - lockdev

device locking policy for lockdev

- - mono

Run .NET server and client applications on Linux.

- - screen

GNU terminal multiplexer

- - slocate

Update database for mlocate

- - tvtime

tvtime - a high quality television application

- - uml

Policy for UML

- - userhelper

SELinux utility to run a shell with a new role

- - usernetctl

User network interface configuration helper

- - webalizer

Web server log analysis

- - wine

Wine Is Not an Emulator. Run Windows programs in Linux.

-



- -

Layer: system

- -

- Policy modules for system functions from init to multi-user login. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - authlogin

Common policy for authentication and user login.

- - clock

Policy for reading and setting the hardware clock.

- - daemontools

Collection of tools for managing UNIX services

- - fstools

Tools for filesystem management, such as mkfs and fsck.

- - getty

Policy for getty.

- - hostname

Policy for changing the system host name.

- - hotplug

-Policy for hotplug system, for supporting the -connection and disconnection of devices at runtime. -

- - init

System initialization programs (init and init scripts).

- - ipsec

TCP/IP encryption

- - iptables

Policy for iptables.

- - libraries

Policy for system libraries.

- - locallogin

Policy for local logins.

- - logging

Policy for the kernel message logger and system logging daemon.

- - lvm

Policy for logical volume management programs.

- - miscfiles

Miscelaneous files.

- - modutils

Policy for kernel module utilities

- - mount

Policy for mount.

- - pcmcia

PCMCIA card management services

- - raid

RAID array management tools

- - selinuxutil

Policy for SELinux policy and userland applications.

- - sysnetwork

Policy for network configuration: ifconfig and dhcp client.

- - udev

Policy for udev.

- - unconfined

The unconfined domain.

- - userdomain

Policy for user domains

-



- -

Layer: services

- -

- Policy modules for system services, like cron, and network services, - like sshd. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - apache

Apache web server

- - apm

Advanced power management daemon

- - arpwatch

Ethernet activity monitor.

- - automount

Filesystem automounter service.

- - avahi

mDNS/DNS-SD daemon implementing Apple ZeroConf architecture

- - bind

Berkeley internet name domain DNS server.

- - bluetooth

Bluetooth tools and system services.

- - canna

Canna - kana-kanji conversion server

- - comsat

Comsat, a biff server.

- - cpucontrol

Services for loading CPU microcode and CPU frequency scaling.

- - cron

Periodic execution of scheduled commands.

- - cups

Common UNIX printing system

- - cvs

Concurrent versions system

- - cyrus

Cyrus is an IMAP service intended to be run on sealed servers

- - dbskk

Dictionary server for the SKK Japanese input method system.

- - dbus

Desktop messaging bus

- - dhcp

Dynamic host configuration protocol (DHCP) server

- - dictd

Dictionary daemon

- - distcc

Distributed compiler daemon

- - djbdns

small and secure DNS daemon

- - dovecot

Dovecot POP and IMAP mail server

- - fetchmail

Remote-mail retrieval and forwarding utility

- - finger

Finger user information service.

- - ftp

File transfer protocol service

- - gpm

General Purpose Mouse driver

- - hal

Hardware abstraction layer

- - howl

Port of Apple Rendezvous multicast DNS

- - i18n_input

IIIMF htt server

- - inetd

Internet services daemon.

- - inn

Internet News NNTP server

- - irqbalance

IRQ balancing daemon

- - kerberos

MIT Kerberos admin and KDC

- - ktalk

KDE Talk daemon

- - ldap

OpenLDAP directory server

- - lpd

Line printer daemon

- - mailman

Mailman is for managing electronic mail discussion and e-newsletter lists

- - mta

Policy common to all email tranfer agents.

- - mysql

Policy for MySQL

- - networkmanager

Manager for dynamically switching between networks.

- - nis

Policy for NIS (YP) servers and clients

- - nscd

Name service cache daemon

- - ntp

Network time protocol daemon

- - openct

Service for handling smart card readers.

- - pegasus

The Open Group Pegasus CIM/WBEM Server.

- - portmap

RPC port mapping service.

- - postfix

Postfix email server

- - postgresql

PostgreSQL relational database

- - ppp

Point to Point Protocol daemon creates links in ppp networks

- - privoxy

Privacy enhancing web proxy.

- - procmail

Procmail mail delivery agent

- - publicfile

publicfile supplies files to the public through HTTP and FTP

- - radius

RADIUS authentication and accounting server.

- - radvd

IPv6 router advertisement daemon

- - rdisc

Network router discovery daemon

- - remotelogin

Policy for rshd, rlogind, and telnetd.

- - rlogin

Remote login daemon

- - roundup

Roundup Issue Tracking System policy

- - rpc

Remote Procedure Call Daemon for managment of network based process communication

- - rshd

Remote shell service.

- - rsync

Fast incremental file transfer for synchronization

- - samba

-SMB and CIFS client/server programs for UNIX and -name Service Switch daemon for resolving names -from Windows NT servers. -

- - sasl

SASL authentication server

- - sendmail

Policy for sendmail.

- - slrnpull

Service for downloading news feeds the slrn newsreader.

- - smartmon

Smart disk monitoring daemon policy

- - snmp

Simple network management protocol services

- - spamassassin

Filter used for removing unsolicited email.

- - squid

Squid caching http proxy server

- - ssh

Secure shell client and server policy.

- - stunnel

SSL Tunneling Proxy

- - sysstat

Policy for sysstat. Reports on various system states

- - tcpd

Policy for TCP daemon.

- - telnet

Telnet daemon

- - tftp

Trivial file transfer protocol daemon

- - timidity

MIDI to WAV converter and player configured as a service

- - ucspitcp

ucspitcp policy

- - uucp

Unix to Unix Copy

- - xfs

X Windows Font Server

- - xserver

X Windows Server

- - zebra

Zebra border gateway protocol network routing service

-



- -

- - diff --git a/www/api-docs/interfaces.html b/www/api-docs/interfaces.html deleted file mode 100644 index 46df10f..0000000 --- a/www/api-docs/interfaces.html +++ /dev/null @@ -1,64399 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
-

Master interface index:

- - -
-Module: -acct

-Layer: -admin

-

- -acct_domtrans( - - - - - domain - - - )
-
- -
-

-Transition to the accounting management domain. -

-
- -
- -
-Module: -acct

-Layer: -admin

-

- -acct_exec( - - - - - domain - - - )
-
- -
-

-Execute accounting management tools in the caller domain. -

-
- -
- -
-Module: -acct

-Layer: -admin

-

- -acct_exec_data( - - - - - domain - - - )
-
- -
-

-Execute accounting management data in the caller domain. -

-
- -
- -
-Module: -acct

-Layer: -admin

-

- -acct_manage_data( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete process accounting data. -

-
- -
- -
-Module: -alsa

-Layer: -admin

-

- -alsa_domtrans( - - - - - domain - - - )
-
- -
-

-Domain transition to alsa -

-
- -
- -
-Module: -alsa

-Layer: -admin

-

- -alsa_rw_semaphores( - - - - - domain - - - )
-
- -
-

-Allow read and write access to alsa semaphores. -

-
- -
- -
-Module: -alsa

-Layer: -admin

-

- -alsa_rw_shared_mem( - - - - - domain - - - )
-
- -
-

-Allow read and write access to alsa shared memory. -

-
- -
- -
-Module: -amanda

-Layer: -admin

-

- -amanda_append_log_files( - - - - - domain - - - )
-
- -
-

-Allow read/writing amanda logs -

-
- -
- -
-Module: -amanda

-Layer: -admin

-

- -amanda_domtrans_recover( - - - - - domain - - - )
-
- -
-

-Execute amrecover in the amanda_recover domain. -

-
- -
- -
-Module: -amanda

-Layer: -admin

-

- -amanda_dontaudit_read_dumpdates( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read /etc/dumpdates. -

-
- -
- -
-Module: -amanda

-Layer: -admin

-

- -amanda_run_recover( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute amrecover in the amanda_recover domain, and -allow the specified role the amanda_recover domain. -

-
- -
- -
-Module: -amanda

-Layer: -admin

-

- -amanda_rw_dumpdates_files( - - - - - domain - - - )
-
- -
-

-Allow read/writing /etc/dumpdates. -

-
- -
- -
-Module: -amanda

-Layer: -admin

-

- -amanda_search_lib( - - - - - domain - - - )
-
- -
-

-Search amanda library directories. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_append_squirrelmail_data( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to append -apache squirrelmail data. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_domtrans( - - - - - domain - - - )
-
- -
-

-Transition to apache. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_domtrans_all_scripts( - - - - - domain - - - )
-
- -
-

-Execute all user scripts in the user -script domain. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_domtrans_helper( - - - - - domain - - - )
-
- -
-

-Execute the Apache helper program with -a domain transition. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_domtrans_sys_script( - - - - - domain - - - )
-
- -
-

-Execute all web scripts in the system -script domain. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_dontaudit_append_log( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to append to the -Apache logs. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_dontaudit_rw_stream_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write Apache -unix domain stream sockets. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_dontaudit_rw_sys_script_stream_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write Apache -system script unix domain stream sockets. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_dontaudit_rw_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write Apache -TCP sockets. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_dontaudit_search_modules( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search Apache -module directories. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_exec_modules( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to execute -apache modules. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_list_modules( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to list -the contents of the apache modules -directory. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_manage_sys_content( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to manage -apache system content files. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_read_config( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read -apache configuration files. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_read_log( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read -apache log files. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_read_squirrelmail_data( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read -apache squirrelmail data. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_read_sys_content( - - - - - domain - - - )
-
- -
-

-Read apache system content -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_run_all_scripts( - - - - - domain - - - - , - - - - role - - - )
-
- -
-

-Execute all user scripts in the user -script domain. Add user script domains -to the specified role. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_run_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute the Apache helper program with -a domain transition, and allow the -specified role the dmidecode domain. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_search_sys_script_state( - - - - - domain - - - )
-
- -
-

-Search system script state directory. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_sigchld( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to apache. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_signull( - - - - - domain - - - )
-
- -
-

-Send a null signal to apache. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use file descriptors from Apache. -

-
- -
- -
-Module: -apm

-Layer: -services

-

- -apm_append_log( - - - - - domain - - - )
-
- -
-

-Append to apm's log file. -

-
- -
- -
-Module: -apm

-Layer: -services

-

- -apm_domtrans_client( - - - - - domain - - - )
-
- -
-

-Execute APM in the apm domain. -

-
- -
- -
-Module: -apm

-Layer: -services

-

- -apm_rw_stream_sockets( - - - - - domain - - - )
-
- -
-

-Read and write to an apm unix stream socket. -

-
- -
- -
-Module: -apm

-Layer: -services

-

- -apm_stream_connect( - - - - - domain - - - )
-
- -
-

-Connect to apmd over an unix stream socket. -

-
- -
- -
-Module: -apm

-Layer: -services

-

- -apm_use_fds( - - - - - domain - - - )
-
- -
-

-Use file descriptors for apmd. -

-
- -
- -
-Module: -apm

-Layer: -services

-

- -apm_write_pipes( - - - - - domain - - - )
-
- -
-

-Write to apmd unnamed pipes. -

-
- -
- -
-Module: -arpwatch

-Layer: -services

-

- -arpwatch_dontaudit_rw_packet_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write -arpwatch packet sockets. -

-
- -
- -
-Module: -arpwatch

-Layer: -services

-

- -arpwatch_manage_data_files( - - - - - domain - - - )
-
- -
-

-Create arpwatch data files. -

-
- -
- -
-Module: -arpwatch

-Layer: -services

-

- -arpwatch_manage_tmp_files( - - - - - domain - - - )
-
- -
-

-Read and write arpwatch temporary files. -

-
- -
- -
-Module: -arpwatch

-Layer: -services

-

- -arpwatch_rw_tmp_files( - - - - - domain - - - )
-
- -
-

-Read and write arpwatch temporary files. -

-
- -
- -
-Module: -arpwatch

-Layer: -services

-

- -arpwatch_search_data( - - - - - domain - - - )
-
- -
-

-Search arpwatch's data file directories. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_append_faillog( - - - - - domain - - - )
-
- -
-

-Append to the login failure log. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_append_lastlog( - - - - - domain - - - )
-
- -
-

-Append only to the last logins log. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_append_login_records( - - - - - domain - - - )
-
- -
-

-Append to login records (wtmp). -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_can_read_shadow_passwords( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_delete_pam_console_data( - - - - - domain - - - )
-
- -
-

-Delete pam_console data. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_delete_pam_pid( - - - - - domain - - - )
-
- -
-

-Delete pam PID files. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_domtrans_chk_passwd( - - - - - domain - - - )
-
- -
-

-Run unix_chkpwd to check a password. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_domtrans_login_program( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a login_program in the target domain. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_domtrans_pam( - - - - - domain - - - )
-
- -
-

-Execute pam programs in the pam domain. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_domtrans_pam_console( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_domtrans_utempter( - - - - - domain - - - )
-
- -
-

-Execute utempter programs in the utempter domain. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_dontaudit_exec_utempter( - - - - - domain - - - )
-
- -
-

-Do not audit attemps to execute utempter executable. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_dontaudit_getattr_shadow( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of the shadow passwords file. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_dontaudit_read_pam_pid( - - - - - domain - - - )
-
- -
-

-Do not audit attemps to read PAM pid files. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_dontaudit_read_shadow( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the shadow -password file (/etc/shadow). -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_dontaudit_write_login_records( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_exec_pam( - - - - - domain - - - )
-
- -
-

-Execute the pam program. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_getattr_shadow( - - - - - domain - - - )
-
- -
-

-Get the attributes of the shadow passwords file. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_list_pam_console_data( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_log_filetrans_login_records( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_login_entry_type( - - - - - domain - - - )
-
- -
-

-Use the login program as an entry point program. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_manage_all_files_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Manage all files on the filesystem, except -the shadow passwords and listed exceptions. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_manage_login_records( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_manage_pam_console_data( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_manage_pam_pid( - - - - - domain - - - )
-
- -
-

-Manage pam PID files. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_manage_shadow( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_manage_var_auth( - - - - - domain - - - )
-
- -
-

-Manage var auth files. Used by various other applications -and pam applets etc. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_all_dirs_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Read all directories on the filesystem, except -the shadow passwords and listed exceptions. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_all_files_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Read all files on the filesystem, except -the shadow passwords and listed exceptions. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_all_symlinks_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Read all symbolic links on the filesystem, except -the shadow passwords and listed exceptions. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_lastlog( - - - - - domain - - - )
-
- -
-

-Read the last logins log. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_login_records( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_pam_console_data( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_pam_pid( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_read_shadow( - - - - - domain - - - )
-
- -
-

-Read the shadow passwords file (/etc/shadow) -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_relabel_all_files_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Relabel all files on the filesystem, except -the shadow passwords and listed exceptions. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_relabel_shadow( - - - - - domain - - - )
-
- -
-

-Relabel from and to the shadow -password file type. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_relabelto_shadow( - - - - - domain - - - )
-
- -
-

-Relabel to the shadow -password file type. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_run_pam( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute pam programs in the PAM domain. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_run_utempter( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute utempter programs in the utempter domain. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_rw_faillog( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_rw_lastlog( - - - - - domain - - - )
-
- -
-

-Read and write to the last logins log. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_rw_login_records( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_rw_shadow( - - - - - domain - - - )
-
- -
-

-Read and write the shadow password file (/etc/shadow). -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_search_pam_console_data( - - - - - domain - - - )
-
- -
-

-Search the contents of the -pam_console data directory. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_setattr_login_records( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_tunable_read_shadow( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to the authlogin module. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_use_nsswitch( - - - - - domain - - - )
-
- -
-

-Use nsswitch to look up uid-username mappings. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_write_login_records( - - - - - domain - - - )
-
- -
-

-Write to login records (wtmp). -

-
- -
- -
-Module: -automount

-Layer: -services

-

- -automount_domtrans( - - - - - domain - - - )
-
- -
-

-Execute automount in the automount domain. -

-
- -
- -
-Module: -automount

-Layer: -services

-

- -automount_dontaudit_getattr_tmp_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of automount temporary directories. -

-
- -
- -
-Module: -automount

-Layer: -services

-

- -automount_exec_config( - - - - - domain - - - )
-
- -
-

-Execute automount in the caller domain. -

-
- -
- -
-Module: -avahi

-Layer: -services

-

- -avahi_dbus_chat( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -avahi over dbus. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_domtrans( - - - - - domain - - - )
-
- -
-

-Execute bind in the named domain. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_domtrans_ndc( - - - - - domain - - - )
-
- -
-

-Execute ndc in the ndc domain. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_manage_cache( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -BIND cache files. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_manage_config_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -BIND configuration directories. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_read_config( - - - - - domain - - - )
-
- -
-

-Read BIND named configuration files. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_read_dnssec_keys( - - - - - domain - - - )
-
- -
-

-Read DNSSEC keys. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_read_zone( - - - - - domain - - - )
-
- -
-

-Read BIND zone files. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_run_ndc( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute ndc in the ndc domain, and -allow the specified role the ndc domain. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_search_cache( - - - - - domain - - - )
-
- -
-

-Search the BIND cache directory. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_setattr_pid_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the attributes -of the BIND pid directory. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_signal( - - - - - domain - - - )
-
- -
-

-Send generic signals to BIND. -

-
- -
- -
-Module: -bind

-Layer: -services

-

- -bind_write_config( - - - - - domain - - - )
-
- -
-

-Write BIND named configuration files. -

-
- -
- -
-Module: -bluetooth

-Layer: -services

-

- -bluetooth_dbus_chat( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -bluetooth over dbus. -

-
- -
- -
-Module: -bluetooth

-Layer: -services

-

- -bluetooth_domtrans_helper( - - - - - domain - - - )
-
- -
-

-Execute bluetooth_helper in the bluetooth_helper domain. -

-
- -
- -
-Module: -bluetooth

-Layer: -services

-

- -bluetooth_dontaudit_read_helper_files( - - - - - domain - - - )
-
- -
-

-Read bluetooth helper files. -

-
- -
- -
-Module: -bluetooth

-Layer: -services

-

- -bluetooth_read_config( - - - - - domain - - - )
-
- -
-

-Read bluetooth daemon configuration. -

-
- -
- -
-Module: -bluetooth

-Layer: -services

-

- -bluetooth_run_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute bluetooth_helper in the bluetooth_helper domain, and -allow the specified role the bluetooth_helper domain. -

-
- -
- -
-Module: -bootloader

-Layer: -admin

-

- -bootloader_create_runtime_file( - - - - - domain - - - )
-
- -
-

-Read and write the bootloader -temporary data in /tmp. -

-
- -
- -
-Module: -bootloader

-Layer: -admin

-

- -bootloader_domtrans( - - - - - domain - - - )
-
- -
-

-Execute bootloader in the bootloader domain. -

-
- -
- -
-Module: -bootloader

-Layer: -admin

-

- -bootloader_read_config( - - - - - domain - - - )
-
- -
-

-Read the bootloader configuration file. -

-
- -
- -
-Module: -bootloader

-Layer: -admin

-

- -bootloader_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute bootloader interactively and do -a domain transition to the bootloader domain. -

-
- -
- -
-Module: -bootloader

-Layer: -admin

-

- -bootloader_rw_config( - - - - - domain - - - )
-
- -
-

-Read and write the bootloader -configuration file. -

-
- -
- -
-Module: -bootloader

-Layer: -admin

-

- -bootloader_rw_tmp_files( - - - - - domain - - - )
-
- -
-

-Read and write the bootloader -temporary data in /tmp. -

-
- -
- -
-Module: -canna

-Layer: -services

-

- -canna_stream_connect( - - - - - domain - - - )
-
- -
-

-Connect to Canna using a unix domain stream socket. -

-
- -
- -
-Module: -certwatch

-Layer: -admin

-

- -certwatach_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute certwatch in the certwatch domain, and -allow the specified role the certwatch domain, -and use the caller's terminal. Has a sigchld -backchannel. -

-
- -
- -
-Module: -certwatch

-Layer: -admin

-

- -certwatch_domtrans( - - - - - domain - - - )
-
- -
-

-Domain transition to certwatch. -

-
- -
- -
-Module: -clock

-Layer: -system

-

- -clock_domtrans( - - - - - domain - - - )
-
- -
-

-Execute hwclock in the clock domain. -

-
- -
- -
-Module: -clock

-Layer: -system

-

- -clock_exec( - - - - - domain - - - )
-
- -
-

-Execute hwclock in the caller domain. -

-
- -
- -
-Module: -clock

-Layer: -system

-

- -clock_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute hwclock in the clock domain, and -allow the specified role the hwclock domain. -

-
- -
- -
-Module: -clock

-Layer: -system

-

- -clock_rw_adjtime( - - - - - domain - - - )
-
- -
-

-Allow executing domain to modify clock drift -

-
- -
- -
-Module: -consoletype

-Layer: -admin

-

- -consoletype_domtrans( - - - - - domain - - - )
-
- -
-

-Execute consoletype in the consoletype domain. -

-
- -
- -
-Module: -consoletype

-Layer: -admin

-

- -consoletype_exec( - - - - - domain - - - )
-
- -
-

-Execute consoletype in the caller domain. -

-
- -
- -
-Module: -consoletype

-Layer: -admin

-

- -consoletype_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute consoletype in the consoletype domain, and -allow the specified role the consoletype domain. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_bin_alias( - - - - - domain - - - )
-
- -
-

-Create a aliased type to generic bin files. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_bin_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a file in a bin directory -in the specified domain. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_bin_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a file in a bin directory -in the specified domain but do not -do it automatically. This is an explicit -transition, requiring the caller to use setexeccon(). -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_check_exec_shell( - - - - - domain - - - )
-
- -
-

-Check if a shell is executable (DAC-wise). -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_dontaudit_getattr_sbin_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_dontaudit_search_sbin( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search -sbin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_exec_bin( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_exec_chroot( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_exec_ls( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_exec_sbin( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_exec_shell( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_getattr_bin_files( - - - - - domain - - - )
-
- -
-

-Get the attributes of files in bin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_getattr_sbin_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_list_bin( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_list_sbin( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_manage_bin_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete bin files. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_manage_sbin_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete sbin files. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_mmap_bin_files( - - - - - domain - - - )
-
- -
-

-Mmap a bin file as executable. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_mmap_sbin_files( - - - - - domain - - - )
-
- -
-

-Mmap a sbin file as executable. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_bin_files( - - - - - domain - - - )
-
- -
-

-Read files in bin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_bin_pipes( - - - - - domain - - - )
-
- -
-

-Read pipes in bin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_bin_sockets( - - - - - domain - - - )
-
- -
-

-Read named sockets in bin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_bin_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links in bin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_sbin_files( - - - - - domain - - - )
-
- -
-

-Read files in sbin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_sbin_pipes( - - - - - domain - - - )
-
- -
-

-Read named pipes in sbin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_sbin_sockets( - - - - - domain - - - )
-
- -
-

-Read named sockets in sbin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_read_sbin_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links in sbin directories. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_relabel_bin_files( - - - - - domain - - - )
-
- -
-

-Relabel to and from the bin type. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_relabel_sbin_files( - - - - - domain - - - )
-
- -
-

-Relabel to and from the sbin type. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_sbin_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a file in a sbin directory -in the specified domain. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_sbin_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a file in a sbin directory -in the specified domain but do not -do it automatically. This is an explicit -transition, requiring the caller to use setexeccon(). -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_search_bin( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_search_sbin( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_shell_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a shell in the specified domain. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_shell_entry_type( - - - - - domain - - - )
-
- -
-

-Make the shell an entrypoint for the specified domain. -

-
- -
- -
-Module: -corecommands

-Layer: -kernel

-

- -corecmd_shell_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a shell in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_dontaudit_tcp_bind_all_ports( - - - - - domain - - - )
-
- -
-

-Do not audit attepts to bind TCP sockets to any ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_dontaudit_tcp_bind_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to bind TCP sockets to all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_dontaudit_tcp_connect_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to connect TCP sockets -all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_dontaudit_udp_bind_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to bind UDP sockets to all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_non_ipsec_sendrecv( - - - - - domain - - - )
-
- -
-

-Send and receive messages on a -non-encrypted (no IPSEC) network -session. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_bind_all_nodes( - - - - - domain - - - )
-
- -
-

-Bind raw sockets to all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_all_if( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_all_nodes( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_generic_if( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_generic_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_link_local_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_lo_if( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_lo_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_multicast_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_site_local_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_receive_unspec_node( - - - - - domain - - - )
-
- -
-

-Receive raw IP packets on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_all_if( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_all_nodes( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_generic_if( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_generic_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_link_local_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_lo_if( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_lo_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_multicast_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_site_local_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_send_unspec_node( - - - - - domain - - - )
-
- -
-

-Send raw IP packets on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_all_if( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_all_nodes( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_generic_if( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_generic_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_link_local_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_lo_if( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_lo_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_multicast_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_site_local_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_raw_sendrecv_unspec_node( - - - - - domain - - - )
-
- -
-

-Send and receive raw IP packets on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_rw_ppp_dev( - - - - - domain - - - )
-
- -
-

-Read and write the point-to-point device. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_rw_tun_tap_dev( - - - - - domain - - - )
-
- -
-

-Read and write the TUN/TAP virtual network device. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_all_nodes( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_all_ports( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_amanda_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_asterisk_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_auth_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_bgp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_clamd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node compat_ipv4. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_comsat_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_cvs_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_dcc_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_dict_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_distccd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_dns_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_fingerd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ftp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_generic_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_generic_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_giftd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_gopher_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_howl_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_hplip_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_http_cache_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_http_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_imaze_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node inaddr_any. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_innd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ipp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ircd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_isakmp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_kerberos_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ldap_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_link_local_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node link_local. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_lo_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node lo. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_mail_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node mapped_ipv4. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_monopd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_multicast_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node multicast. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_mysqld_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_nessus_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_nmbd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ntp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_openvpn_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_pop_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_portmap_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_postgresql_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_postgrey_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_printer_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ptal_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_pxe_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_pyzor_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_radacct_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_radius_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_razor_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_reserved_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_rlogind_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_rndc_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_router_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_rsh_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_rsync_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_site_local_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node site_local. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_smbd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_smtp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_snmp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_soundd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_spamd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_ssh_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_swat_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_syslogd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_telnetd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_tftp_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_transproxy_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_unspec_node( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to node unspec. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_uucpd_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_vnc_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_xserver_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_zebra_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_bind_zope_port( - - - - - domain - - - )
-
- -
-

-Bind TCP sockets to the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_all_ports( - - - - - domain - - - )
-
- -
-

-Connect TCP sockets to all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Connect TCP sockets to reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_amanda_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_asterisk_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_auth_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_bgp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_clamd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_comsat_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_cvs_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_dcc_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_dict_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_distccd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_dns_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_fingerd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ftp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_generic_port( - - - - - domain - - - )
-
- -
-

-Connect TCP sockets to generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_giftd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_gopher_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_howl_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_hplip_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_http_cache_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_http_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_imaze_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_innd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ipp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ircd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_isakmp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_kerberos_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ldap_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_mail_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_monopd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_mysqld_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_nessus_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_nmbd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ntp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_openvpn_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_pop_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_portmap_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_postgresql_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_postgrey_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_printer_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ptal_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_pxe_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_pyzor_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_radacct_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_radius_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_razor_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_reserved_port( - - - - - domain - - - )
-
- -
-

-Connect TCP sockets to generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_rlogind_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_rndc_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_router_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_rsh_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_rsync_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_smbd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_smtp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_snmp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_soundd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_spamd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_ssh_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_swat_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_syslogd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_telnetd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_tftp_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_transproxy_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_uucpd_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_vnc_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_xserver_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_zebra_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_connect_zope_port( - - - - - domain - - - )
-
- -
-

-Make a TCP connection to the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_all_if( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_all_nodes( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_all_ports( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_amanda_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_asterisk_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_auth_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_bgp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_clamd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_comsat_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_cvs_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_dcc_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_dict_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_distccd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_dns_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_fingerd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ftp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_generic_if( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on the generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_generic_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_generic_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_giftd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_gopher_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_howl_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_hplip_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_http_cache_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_http_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_imaze_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_innd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ipp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ircd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_isakmp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_kerberos_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ldap_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_link_local_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_lo_if( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_lo_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_mail_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_monopd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_multicast_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_mysqld_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_nessus_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_nmbd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ntp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_openvpn_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_pop_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_portmap_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_postgresql_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_postgrey_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_printer_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ptal_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_pxe_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_pyzor_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_radacct_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_radius_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_razor_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_reserved_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP network traffic on generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_rlogind_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_rndc_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_router_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_rsh_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_rsync_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_site_local_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_smbd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_smtp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_snmp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_soundd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_spamd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_ssh_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_swat_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_syslogd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_telnetd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_tftp_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_transproxy_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_unspec_node( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_uucpd_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_vnc_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_xserver_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_zebra_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_tcp_sendrecv_zope_port( - - - - - domain - - - )
-
- -
-

-Send and receive TCP traffic on the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_all_nodes( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_all_ports( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_amanda_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_asterisk_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_auth_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_bgp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_clamd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_comsat_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_cvs_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_dcc_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_dict_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_distccd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_dns_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_fingerd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ftp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_generic_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_generic_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_giftd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_gopher_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_howl_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_hplip_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_http_cache_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_http_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_imaze_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_innd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ipp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ircd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_isakmp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_kerberos_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ldap_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_link_local_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_lo_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_mail_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_monopd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_multicast_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_mysqld_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_nessus_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_nmbd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ntp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_openvpn_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_pop_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_portmap_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_postgresql_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_postgrey_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_printer_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ptal_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_pxe_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_pyzor_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_radacct_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_radius_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_razor_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_reserved_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_rlogind_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_rndc_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_router_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_rsh_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_rsync_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_site_local_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_smbd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_smtp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_snmp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_soundd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_spamd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_ssh_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_swat_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_syslogd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_telnetd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_tftp_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_transproxy_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_unspec_node( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_uucpd_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_vnc_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_xserver_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_zebra_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_bind_zope_port( - - - - - domain - - - )
-
- -
-

-Bind UDP sockets to the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_all_if( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_all_nodes( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_all_ports( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_amanda_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_asterisk_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_auth_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_bgp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_clamd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_comsat_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_cvs_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_dcc_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_dict_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_distccd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_dns_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_fingerd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ftp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_generic_if( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_generic_node( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_generic_port( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_giftd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_gopher_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_howl_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_hplip_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_http_cache_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_http_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_imaze_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_innd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ipp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ircd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_isakmp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_kerberos_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ldap_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_link_local_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_lo_if( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_lo_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_mail_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_monopd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_multicast_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_mysqld_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_nessus_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_nmbd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ntp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_openvpn_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_pop_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_portmap_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_postgresql_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_postgrey_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_printer_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ptal_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_pxe_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_pyzor_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_radacct_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_radius_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_razor_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_reserved_port( - - - - - domain - - - )
-
- -
-

-Receive UDP network traffic on generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_rlogind_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_rndc_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_router_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_rsh_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_rsync_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_site_local_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_smbd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_smtp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_snmp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_soundd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_spamd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_ssh_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_swat_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_syslogd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_telnetd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_tftp_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_transproxy_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_unspec_node( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_uucpd_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_vnc_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_xserver_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_zebra_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_receive_zope_port( - - - - - domain - - - )
-
- -
-

-Receive UDP traffic on the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_all_if( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_all_nodes( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_all_ports( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_amanda_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_asterisk_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_auth_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_bgp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_clamd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_comsat_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_cvs_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_dcc_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_dict_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_distccd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_dns_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_fingerd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ftp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_generic_if( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_generic_node( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_generic_port( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_giftd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_gopher_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_howl_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_hplip_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_http_cache_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_http_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_imaze_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_innd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ipp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ircd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_isakmp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_kerberos_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ldap_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_link_local_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_lo_if( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_lo_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_mail_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_monopd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_multicast_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_mysqld_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_nessus_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_nmbd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ntp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_openvpn_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_pop_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_portmap_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_postgresql_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_postgrey_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_printer_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ptal_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_pxe_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_pyzor_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_radacct_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_radius_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_razor_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_reserved_port( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic on generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_rlogind_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_rndc_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_router_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_rsh_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_rsync_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_site_local_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_smbd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_smtp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_snmp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_soundd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_spamd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_ssh_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_swat_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_syslogd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_telnetd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_tftp_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_transproxy_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_unspec_node( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_uucpd_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_vnc_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_xserver_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_zebra_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_send_zope_port( - - - - - domain - - - )
-
- -
-

-Send UDP traffic on the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_afs_bos_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the afs_bos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_afs_fs_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the afs_fs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_afs_ka_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the afs_ka port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_afs_pt_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the afs_pt port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_afs_vl_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the afs_vl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_all_if( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on all interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_all_nodes( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on all nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_all_ports( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on all ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_all_reserved_ports( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on all reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_amanda_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the amanda port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_amavisd_recv_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the amavisd_recv port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_amavisd_send_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the amavisd_send port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_asterisk_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the asterisk port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_auth_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the auth port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_bgp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the bgp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_clamd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the clamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_clockspeed_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the clockspeed port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_compat_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the compat_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_comsat_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the comsat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_cvs_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the cvs port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_dbskkd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the dbskkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_dcc_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the dcc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_dhcpc_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the dhcpc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_dhcpd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the dhcpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_dict_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the dict port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_distccd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the distccd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_dns_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the dns port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_fingerd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the fingerd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ftp_data_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ftp_data port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ftp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_gatekeeper_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the gatekeeper port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_generic_if( - - - - - domain - - - )
-
- -
-

-Send and Receive UDP network traffic on generic interfaces. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_generic_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on generic nodes. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_generic_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on generic ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_giftd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the giftd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_gopher_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the gopher port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_howl_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the howl port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_hplip_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the hplip port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_http_cache_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the http_cache port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_http_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_i18n_input_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the i18n_input port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_imaze_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the imaze port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_inaddr_any_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the inaddr_any node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_inetd_child_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the inetd_child port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_innd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the innd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ipp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ipp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ircd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ircd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_isakmp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the isakmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_jabber_client_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the jabber_client port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_jabber_interserver_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the jabber_interserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_kerberos_admin_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the kerberos_admin port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_kerberos_master_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the kerberos_master port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_kerberos_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the kerberos port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ktalkd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ktalkd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ldap_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ldap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_link_local_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the link_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_lo_if( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on the lo interface. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_lo_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the lo node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_mail_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the mail port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_mapped_ipv4_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the mapped_ipv4 node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_monopd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the monopd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_multicast_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the multicast node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_mysqld_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the mysqld port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_nessus_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the nessus port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_nmbd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the nmbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ntp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ntp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_openvpn_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the openvpn port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_pegasus_http_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the pegasus_http port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_pegasus_https_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the pegasus_https port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_pop_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the pop port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_portmap_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the portmap port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_postgresql_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the postgresql port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_postgrey_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the postgrey port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_printer_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the printer port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ptal_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ptal port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_pxe_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the pxe port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_pyzor_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the pyzor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_radacct_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the radacct port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_radius_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the radius port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_razor_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the razor port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_reserved_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic on generic reserved ports. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_rlogind_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the rlogind port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_rndc_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the rndc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_router_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the router port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_rsh_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the rsh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_rsync_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the rsync port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_site_local_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the site_local node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_smbd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the smbd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_smtp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the smtp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_snmp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the snmp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_soundd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the soundd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_spamd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the spamd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_ssh_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the ssh port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_swat_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the swat port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_syslogd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the syslogd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_telnetd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the telnetd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_tftp_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the tftp port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_transproxy_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the transproxy port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_unspec_node( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the unspec node. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_uucpd_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the uucpd port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_vnc_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the vnc port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_xserver_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the xserver port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_zebra_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the zebra port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_udp_sendrecv_zope_port( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic on the zope port. -

-
- -
- -
-Module: -corenetwork

-Layer: -kernel

-

- -corenet_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to network objects. -

-
- -
- -
-Module: -cpucontrol

-Layer: -services

-

- -cpucontrol_stub( - - - - - domain - - - )
-
- -
-

-CPUcontrol stub interface. No access allowed. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_anacron_domtrans_system_job( - - - - - domain - - - )
-
- -
-

-Execute APM in the apm domain. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_dontaudit_append_system_job_tmp_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to append temporary -files from the system cron jobs. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_dontaudit_write_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write cron daemon unnamed pipes. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_read_pipes( - - - - - domain - - - )
-
- -
-

-Read a cron daemon unnamed pipe. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_read_system_job_tmp_files( - - - - - domain - - - )
-
- -
-

-Read temporary files from the system cron jobs. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_rw_pipes( - - - - - domain - - - )
-
- -
-

-Read and write a cron daemon unnamed pipe. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_rw_system_job_pipes( - - - - - domain - - - )
-
- -
-

-Read and write a system cron job unnamed pipe. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_rw_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Read, and write cron daemon TCP sockets. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_search_spool( - - - - - domain - - - )
-
- -
-

-Search the directory containing user cron tables. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_sigchld( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to the cron daemon. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_system_entry( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Make the specified program domain accessable -from the system cron jobs. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use a file descriptor -from the cron daemon. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_use_system_job_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use a file descriptor -from system cron jobs. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_write_system_job_pipes( - - - - - domain - - - )
-
- -
-

-Write a system cron job unnamed pipe. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_dbus_chat( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -cups over dbus. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_dbus_chat_config( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -cupsd_config over dbus. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_domtrans( - - - - - domain - - - )
-
- -
-

-Execute cups in the cups domain. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_domtrans_config( - - - - - domain - - - )
-
- -
-

-Execute cups_config in the cups_config domain. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_read_config( - - - - - domain - - - )
-
- -
-

-Read cups configuration files. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_read_log( - - - - - domain - - - )
-
- -
-

-Read cups log files. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_read_rw_config( - - - - - domain - - - )
-
- -
-

-Read cups-writable configuration files. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_signal_config( - - - - - domain - - - )
-
- -
-

-Send generic signals to the cups -configuration daemon. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_stream_connect_ptal( - - - - - domain - - - )
-
- -
-

-Connect to ptal over an unix domain stream socket. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_tcp_connect( - - - - - domain - - - )
-
- -
-

-Connect to cups over TCP. -

-
- -
- -
-Module: -cups

-Layer: -services

-

- -cups_write_log( - - - - - domain - - - )
-
- -
-

-Write cups log files. -

-
- -
- -
-Module: -cvs

-Layer: -services

-

- -cvs_read_data( - - - - - domain - - - )
-
- -
-

-Read the CVS data and metadata. -

-
- -
- -
-Module: -cyrus

-Layer: -services

-

- -cyrus_manage_data( - - - - - domain - - - )
-
- -
-

-Allow caller to create, read, write, -and delete cyrus data files. -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_domtrans_multilog( - - - - - domain - - - )
-
- -
-

-Execute in the svc_multilog_t domain. -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_domtrans_run( - - - - - domain - - - )
-
- -
-

-Execute in the svc_run_t domain. -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_domtrans_start( - - - - - domain - - - )
-
- -
-

-Execute in the svc_start_t domain. -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_ipc_domain( - - - - - domain - - - )
-
- -
-

-An ipc channel between the supervised domain and svc_start_t -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_manage_svc( - - - - - domain - - - )
-
- -
-

-Allow a domain to create svc_svc_t files. -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_read_svc( - - - - - domain - - - )
-
- -
-

-Allow a domain to read svc_svc_t files. -

-
- -
- -
-Module: -daemontools

-Layer: -system

-

- -daemontools_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Define a specified domain as a supervised service. -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_connect_system_bus( - - - - - domain - - - )
-
- -
-

-Connect to the the system DBUS -for service (acquire_svc). -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_read_config( - - - - - domain - - - )
-
- -
-

-Read dbus configuration. -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_send_system_bus( - - - - - domain - - - )
-
- -
-

-Send a message on the system DBUS. -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_stub( - - - - - domain - - - )
-
- -
-

-DBUS stub interface. No access allowed. -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_system_bus_unconfined( - - - - - domain - - - )
-
- -
-

-Allow unconfined access to the system DBUS. -

-
- -
- -
-Module: -ddcprobe

-Layer: -admin

-

- -ddcprobe_domtrans( - - - - - domain - - - )
-
- -
-

-Execute ddcprobe in the ddcprobe domain. -

-
- -
- -
-Module: -ddcprobe

-Layer: -admin

-

- -ddcprobe_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute ddcprobe in the ddcprobe domain, and -allow the specified role the ddcprobe domain. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_append_printer( - - - - - domain - - - )
-
- -
-

-Append the printer device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_associate_usbfs( - - - - - file_type - - - )
-
- -
-

-Associate a file to a usbfs filesystem. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_create_cardmgr_dev( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -the PCMCIA card manager device -with the correct type. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_create_generic_chr_files( - - - - - domain - - - )
-
- -
-

-Allow read, write, and create for generic character device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_create_generic_dirs( - - - - - domain - - - )
-
- -
-

-Create a directory in the device directory. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_delete_generic_files( - - - - - domain - - - )
-
- -
-

-Delete generic files in /dev. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_delete_generic_symlinks( - - - - - domain - - - )
-
- -
-

-Delete symbolic links in device directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_delete_lvm_control_dev( - - - - - domain - - - )
-
- -
-

-Delete the lvm control device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_all_blk_files( - - - - - domain - - - )
-
- -
-

-Dontaudit getattr on all block file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_all_chr_files( - - - - - domain - - - )
-
- -
-

-Dontaudit getattr on all character file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_apm_bios_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes of -the apm bios device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_generic_blk_files( - - - - - domain - - - )
-
- -
-

-Dontaudit getattr on generic block devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_generic_chr_files( - - - - - domain - - - )
-
- -
-

-Dontaudit getattr for generic character device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_generic_pipes( - - - - - domain - - - )
-
- -
-

-Dontaudit getattr on generic pipes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_memory_dev( - - - - - domain - - - )
-
- -
-

-dontaudit getattr raw memory devices (e.g. /dev/mem). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_misc_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_scanner_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes of -the scanner device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_usbfs_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of a directory in the usb filesystem. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_getattr_video_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of video4linux device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_list_all_dev_nodes( - - - - - domain - - - )
-
- -
-

-Dontaudit attempts to list all device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_read_all_blk_files( - - - - - domain - - - )
-
- -
-

-Dontaudit read on all block file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_read_all_chr_files( - - - - - domain - - - )
-
- -
-

-Dontaudit read on all character file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_read_framebuffer( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the framebuffer. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_read_rand( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read from random -number generator devices (e.g., /dev/random) -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_rw_cardmgr( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and -write the PCMCIA card manager device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_rw_dri( - - - - - domain - - - )
-
- -
-

-Dontaudit read and write on the dri devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_rw_generic_dev_nodes( - - - - - domain - - - )
-
- -
-

-Dontaudit getattr for generic device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_rw_misc( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_search_sysfs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search sysfs. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_apm_bios_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the attributes of -the apm bios device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_framebuffer_dev( - - - - - domain - - - )
-
- -
-

-Dot not audit attempts to set the attributes -of the framebuffer device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_generic_blk_files( - - - - - domain - - - )
-
- -
-

-Dontaudit setattr on generic block devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_generic_chr_files( - - - - - domain - - - )
-
- -
-

-Dontaudit setattr for generic character device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_generic_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the attributes -of symbolic links in device directories (/dev). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_misc_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the attributes -of miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_scanner_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the attributes of -the scanner device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_dontaudit_setattr_video_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the attributes -of video4linux device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_filetrans( - - - - - domain - - - - , - - - - file - - - - , - - - - objectclass(es) - - - )
-
- -
-

-Create, read, and write device nodes. The node -will be transitioned to the type provided. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_agp_dev( - - - - - domain - - - )
-
- -
-

-Getattr the agp devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_all_blk_files( - - - - - domain - - - )
-
- -
-

-Getattr on all block file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_all_chr_files( - - - - - domain - - - )
-
- -
-

-Getattr on all character file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_apm_bios_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the apm bios device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_cpu_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the CPU -microcode and id interfaces. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_dri_dev( - - - - - domain - - - )
-
- -
-

-getattr the dri devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_framebuffer_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the framebuffer device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_generic_blk_files( - - - - - domain - - - )
-
- -
-

-Allow getattr on generic block devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_generic_chr_files( - - - - - domain - - - )
-
- -
-

-Allow getattr for generic character device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_misc_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_mouse_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the mouse devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_mtrr_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the mtrr device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_power_mgmt_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the the power management device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_scanner_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the scanner device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_sound_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of the sound devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_sysfs_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of sysfs directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_usbfs_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a directory in the usb filesystem. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_video_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of video4linux devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_getattr_xserver_misc_dev( - - - - - domain - - - )
-
- -
-

-Get the attributes of X server miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_list_all_dev_nodes( - - - - - domain - - - )
-
- -
-

-List all of the device nodes in a device directory. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_list_sysfs( - - - - - domain - - - )
-
- -
-

-List the contents of the sysfs directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_list_usbfs( - - - - - domain - - - )
-
- -
-

-Allow caller to get a list of usb hardware. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_all_blk_files( - - - - - domain - - - )
-
- -
-

-Read, write, create, and delete all block device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_all_chr_files( - - - - - domain - - - )
-
- -
-

-Read, write, create, and delete all character device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_all_dev_nodes( - - - - - domain - - - )
-
- -
-

-Create, delete, read, and write device nodes in device directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_cardmgr_dev( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -the PCMCIA card manager device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_dri_dev( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the dri devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_generic_blk_files( - - - - - domain - - - )
-
- -
-

-Create, delete, read, and write block device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_generic_chr_files( - - - - - domain - - - )
-
- -
-

-Create, delete, read, and write character device files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_generic_files( - - - - - domain - - - )
-
- -
-

-Create a file in the device directory. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_manage_generic_symlinks( - - - - - domain - - - )
-
- -
-

-Create, delete, read, and write symbolic links in device directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_mount_usbfs( - - - - - domain - - - )
-
- -
-

-Mount a usbfs filesystem. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_node( - - - - - object_type - - - )
-
- -
-

-Make the passed in type a type appropriate for -use on device nodes (usually files in /dev). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_cpuid( - - - - - domain - - - )
-
- -
-

-Read the CPU identity. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_framebuffer( - - - - - domain - - - )
-
- -
-

-Read the framebuffer. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_input( - - - - - domain - - - )
-
- -
-

-Read input event devices (/dev/input). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_lvm_control( - - - - - domain - - - )
-
- -
-

-Read the lvm comtrol device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_misc( - - - - - domain - - - )
-
- -
-

-Read miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_mouse( - - - - - domain - - - )
-
- -
-

-Read the mouse devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_mtrr( - - - - - domain - - - )
-
- -
-

-Read the mtrr device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_rand( - - - - - domain - - - )
-
- -
-

-Read from random number generator -devices (e.g., /dev/random) -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_raw_memory( - - - - - domain - - - )
-
- -
-

-Read raw memory devices (e.g. /dev/mem). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_realtime_clock( - - - - - domain - - - )
-
- -
-

-Read the realtime clock (/dev/rtc). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_sound( - - - - - domain - - - )
-
- -
-

-Read the sound devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_sound_mixer( - - - - - domain - - - )
-
- -
-

-Read the sound mixer devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_sysfs( - - - - - domain - - - )
-
- -
-

-Allow caller to read hardware state information. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_urand( - - - - - domain - - - )
-
- -
-

-Read from pseudo random devices (e.g., /dev/urandom) -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_read_usbfs( - - - - - domain - - - )
-
- -
-

-Read USB hardware information using -the usbfs filesystem interface. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_relabel_all_dev_nodes( - - - - - domain - - - )
-
- -
-

-Allow full relabeling (to and from) of all device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_relabel_generic_dev_dirs( - - - - - domain - - - )
-
- -
-

-Allow full relabeling (to and from) of directories in /dev. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_relabel_generic_symlinks( - - - - - domain - - - )
-
- -
-

-Relabel symbolic links in device directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_agp( - - - - - domain - - - )
-
- -
-

-Read and write the agp devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_apm_bios( - - - - - domain - - - )
-
- -
-

-Read and write the apm bios. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_cardmgr( - - - - - domain - - - )
-
- -
-

-Read and write the PCMCIA card manager device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_cpu_microcode( - - - - - domain - - - )
-
- -
-

-Read and write the the CPU microcode device. This -is required to load CPU microcode. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_crypto( - - - - - domain - - - )
-
- -
-

-Read and write the the hardware SSL accelerator. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_dri( - - - - - domain - - - )
-
- -
-

-Read and write the dri devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_framebuffer( - - - - - domain - - - )
-
- -
-

-Read and write the framebuffer. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_generic_files( - - - - - domain - - - )
-
- -
-

-Read and write generic files in /dev. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_generic_usb_dev( - - - - - domain - - - )
-
- -
-

-Read and write generic the USB devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_input_dev( - - - - - domain - - - )
-
- -
-

-Read input event devices (/dev/input). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_lvm_control( - - - - - domain - - - )
-
- -
-

-Read and write the lvm control device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_mouse( - - - - - domain - - - )
-
- -
-

-Read and write to mouse devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_mtrr( - - - - - domain - - - )
-
- -
-

-Read and write the mtrr device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_null( - - - - - domain - - - )
-
- -
-

-Read and write to the null device (/dev/null). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_power_management( - - - - - domain - - - )
-
- -
-

-Read and write the the power management device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_printer( - - - - - domain - - - )
-
- -
-

-Read and write the printer device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_realtime_clock( - - - - - domain - - - )
-
- -
-

-Read and set the realtime clock (/dev/rtc). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_scanner( - - - - - domain - - - )
-
- -
-

-Read and write the scanner device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_sysfs( - - - - - domain - - - )
-
- -
-

-Allow caller to modify hardware state information. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_usbfs( - - - - - domain - - - )
-
- -
-

-Allow caller to modify usb hardware configuration files. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_xserver_misc( - - - - - domain - - - )
-
- -
-

-Read and write X server miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rw_zero( - - - - - domain - - - )
-
- -
-

-Read and write to the zero device (/dev/zero). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rwx_zero( - - - - - domain - - - )
-
- -
-

-Read, write, and execute the zero device (/dev/zero). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_rx_raw_memory( - - - - - domain - - - )
-
- -
-

-Read and execute raw memory devices (e.g. /dev/mem). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_search_sysfs( - - - - - domain - - - )
-
- -
-

-Search the sysfs directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_search_usbfs( - - - - - domain - - - )
-
- -
-

-Search the directory containing USB hardware information. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_all_blk_files( - - - - - domain - - - )
-
- -
-

-Setattr on all block file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_all_chr_files( - - - - - domain - - - )
-
- -
-

-Setattr on all character file device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_apm_bios_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the apm bios device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_dri_dev( - - - - - domain - - - )
-
- -
-

-Setattr the dri devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_framebuffer_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the framebuffer device node. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_generic_dirs( - - - - - domain - - - )
-
- -
-

-Set the attributes of /dev directories. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_misc_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_mouse_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the mouse devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_power_mgmt_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the the power management device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_printer_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the printer device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_scanner_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the scanner device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_sound_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of the sound devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_video_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of video4linux device nodes. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_setattr_xserver_misc_dev( - - - - - domain - - - )
-
- -
-

-Set the attributes of X server miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_framebuffer( - - - - - domain - - - )
-
- -
-

-Write the framebuffer. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_misc( - - - - - domain - - - )
-
- -
-

-Write miscellaneous devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_mtrr( - - - - - domain - - - )
-
- -
-

-Write the mtrr device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_rand( - - - - - domain - - - )
-
- -
-

-Write to the random device (e.g., /dev/random). This adds -entropy used to generate the random data read from the -random device. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_raw_memory( - - - - - domain - - - )
-
- -
-

-Write raw memory devices (e.g. /dev/mem). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_realtime_clock( - - - - - domain - - - )
-
- -
-

-Set the realtime clock (/dev/rtc). -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_sound( - - - - - domain - - - )
-
- -
-

-Write the sound devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_sound_mixer( - - - - - domain - - - )
-
- -
-

-Write the sound mixer devices. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_write_urand( - - - - - domain - - - )
-
- -
-

-Write to the pseudo random device (e.g., /dev/urandom). This -sets the random number generator seed. -

-
- -
- -
-Module: -devices

-Layer: -kernel

-

- -dev_wx_raw_memory( - - - - - domain - - - )
-
- -
-

-Write and execute raw memory devices (e.g. /dev/mem). -

-
- -
- -
-Module: -dhcp

-Layer: -services

-

- -dhcpd_setattr_state_files( - - - - - domain - - - )
-
- -
-

-Set the attributes of the DCHP -server state files. -

-
- -
- -
-Module: -dictd

-Layer: -services

-

- -dictd_tcp_connect( - - - - - domain - - - )
-
- -
-

-Use dictionary services by connecting -over TCP. -

-
- -
- -
-Module: -dmesg

-Layer: -admin

-

- -dmesg_domtrans( - - - - - domain - - - )
-
- -
-

-Execute dmesg in the dmesg domain. -

-
- -
- -
-Module: -dmesg

-Layer: -admin

-

- -dmesg_exec( - - - - - domain - - - )
-
- -
-

-Execute dmesg in the caller domain. -

-
- -
- -
-Module: -dmidecode

-Layer: -admin

-

- -dmidecode_domtrans( - - - - - domain - - - )
-
- -
-

-Execute dmidecode in the dmidecode domain. -

-
- -
- -
-Module: -dmidecode

-Layer: -admin

-

- -dmidecode_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute dmidecode in the dmidecode domain, and -allow the specified role the dmidecode domain. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_base_type( - - - - - type - - - )
-
- -
-

-Make the specified type usable as a basic domain. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_cron_exemption_source( - - - - - domain - - - )
-
- -
-

-Make the specified domain the source of -the cron domain exception of the -SELinux role and identity change -constraints. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_cron_exemption_target( - - - - - domain - - - )
-
- -
-

-Make the specified domain the target of -the cron domain exception of the -SELinux role and identity change -constraints. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_dgram_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all domains unix datagram sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_domains( - - - - - domain - - - )
-
- -
-

-Get the attributes of all domains of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_key_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get attribues of -all domains IPSEC key management sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_packet_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get attribues of -all domains packet sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all domains unnamed pipes. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_raw_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get attribues of -all domains raw sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all domains sockets, for all socket types. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_stream_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all domains unix datagram sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all domains TCP sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getattr_all_udp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all domains UDP sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_getsession_all_domains( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -session ID of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_list_all_domains_state( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the process state -directories of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_ptrace_all_domains( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to ptrace all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_ptrace_confined_domains( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to ptrace confined domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_read_all_domains_state( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the process -state (/proc/pid) of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_rw_all_key_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -all domains key sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_rw_all_udp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -all domains UDP sockets. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_search_all_domains_state( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the process -state directory (/proc/pid) of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dontaudit_use_interactive_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_dyntrans_type( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_entry_file( - - - - - domain - - - - , - - - - type - - - )
-
- -
-

-Make the specified type usable as -an entry point for the domain. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_entry_file_spec_domtrans( - - - - - domain - - - )
-
- -
-

-Execute an entry_type in the specified domain. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_exec_all_entry_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_getattr_all_domains( - - - - - domain - - - )
-
- -
-

-Get the attributes of all domains of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_getattr_all_entry_files( - - - - - domain - - - )
-
- -
-

-Get the attributes of entry point -files for all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_getattr_all_sockets( - - - - - domain - - - )
-
- -
-

-Get the attributes of all domains -sockets, for all socket types. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_getattr_confined_domains( - - - - - domain - - - )
-
- -
-

-Get the attributes of all confined domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_getsession_all_domains( - - - - - domain - - - )
-
- -
-

-Get the session ID of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_interactive_fd( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_kill_all_domains( - - - - - domain - - - )
-
- -
-

-Send a kill signal to all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_manage_all_entry_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete all -entrypoint files. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_mmap_all_entry_files( - - - - - domain - - - )
-
- -
-

-Mmap all entry point files as executable. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_obj_id_change_exemption( - - - - - domain - - - )
-
- -
-

-Makes caller an exception to the constraint preventing -changing the user identity in object contexts. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_ptrace_all_domains( - - - - - domain - - - )
-
- -
-

-Ptrace all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_read_all_domains_state( - - - - - domain - - - )
-
- -
-

-Read the process state (/proc/pid) of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_read_all_entry_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_read_confined_domains_state( - - - - - domain - - - )
-
- -
-

-Read the process state (/proc/pid) of all confined domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_relabel_all_entry_files( - - - - - domain - - - )
-
- -
-

-Relabel to and from all entry point -file types. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_role_change_exemption( - - - - - domain - - - )
-
- -
-

-Makes caller an exception to the constraint preventing -changing of role. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_search_all_domains_state( - - - - - domain - - - )
-
- -
-

-Search the process state directory (/proc/pid) of all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_setpriority_all_domains( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_sigchld_all_domains( - - - - - domain - - - )
-
- -
-

-Send a child terminated signal to all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_sigchld_interactive_fds( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to domains whose file -discriptors are widely inheritable. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_signal_all_domains( - - - - - domain - - - )
-
- -
-

-Send general signals to all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_signull_all_domains( - - - - - domain - - - )
-
- -
-

-Send a null signal to all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_sigstop_all_domains( - - - - - domain - - - )
-
- -
-

-Send a stop signal to all domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_subj_id_change_exemption( - - - - - domain - - - )
-
- -
-

-Makes caller an exception to the constraint preventing -changing of user identity. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_system_change_exemption( - - - - - domain - - - )
-
- -
-

-Makes caller and execption to the constraint -preventing changing to the system user -identity and system role. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_type( - - - - - type - - - )
-
- -
-

-Make the specified type usable as a domain. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to domains. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_use_interactive_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_user_exemption_target( - - - - - domain - - - )
-
- -
-

-Make the specified domain the target of -the user domain exception of the -SELinux role and identity change -constraints. -

-
- -
- -
-Module: -dovecot

-Layer: -services

-

- -dovecot_manage_spool( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the dovecot spool files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_associate_tmp( - - - - - file_type - - - )
-
- -
-

-Allow the specified type to associate -to a filesystem with the type of the -temporary directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_boot_filetrans( - - - - - domain - - - - , - - - - private_type - - - - , - - - - object_class - - - )
-
- -
-

-Create a private type object in boot -with an automatic type transition -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_config_file( - - - - - file_type - - - )
-
- -
-

-Make the specified type a -configuration file. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_create_boot_dirs( - - - - - domain - - - )
-
- -
-

-Create directories in /boot -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_create_boot_flag( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_create_kernel_img( - - - - - domain - - - )
-
- -
-

-Install a kernel into the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_create_kernel_symbol_table( - - - - - domain - - - )
-
- -
-

-Install a system.map into the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_all_locks( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_all_pid_dirs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_all_pids( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_etc_files( - - - - - domain - - - )
-
- -
-

-Delete system configuration files in /etc. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_kernel( - - - - - domain - - - )
-
- -
-

-Delete a kernel from /boot. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_kernel_modules( - - - - - domain - - - )
-
- -
-

-Delete kernel module files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_kernel_symbol_table( - - - - - domain - - - )
-
- -
-

-Delete a system.map in the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_delete_root_dir_entry( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_all_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_all_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_all_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all named pipes. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_all_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all named sockets. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_all_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all symbolic links. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_boot_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get attributes -of the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_default_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes of -directories with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_default_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes of -files with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_home_dir( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of the home directories root -(/home). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_non_security_blk_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of non security block devices. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_non_security_chr_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of non security character devices. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_non_security_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of non security files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_non_security_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of non security named pipes. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_non_security_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of non security named sockets. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_non_security_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of non security symbolic links. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_pid_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of the /var/run directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_getattr_tmp_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_ioctl_all_pids( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to ioctl daemon runtime data files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_list_default( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list contents of -directories with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_list_home( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list -home directories root (/home). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_list_non_security( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list all -non-security directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_list_tmp( - - - - - domain - - - )
-
- -
-

-Do not audit listing of the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_read_default_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read files -with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_read_etc_runtime_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read files -in /etc that are dynamically -created on boot, such as mtab. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_read_root_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_rw_root_chr_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_rw_root_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_all_dirs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_boot( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_home( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search -home directories root (/home). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_isid_type_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search directories on new filesystems -that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_locks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the -locks directory (/var/lock). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_pids( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search -the /var/run directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_spool( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search generic -spool directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_src( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_search_var( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search -the contents of /var. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_write_all_pids( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write to daemon runtime data files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_dontaudit_write_var_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write to /var. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_etc_filetrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_exec_etc_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_exec_usr_files( - - - - - domain - - - )
-
- -
-

-Execute generic programs in /usr in the caller domain. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_exec_usr_src_files( - - - - - domain - - - )
-
- -
-

-Execute programs in /usr/src in the caller domain. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_all_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of all directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_all_files( - - - - - domain - - - )
-
- -
-

-Get the attributes of all files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_all_pipes( - - - - - domain - - - )
-
- -
-

-Get the attributes of all named pipes. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_all_sockets( - - - - - domain - - - )
-
- -
-

-Get the attributes of all named sockets. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_all_symlinks( - - - - - domain - - - )
-
- -
-

-Get the attributes of all symbolic links. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_boot_dirs( - - - - - domain - - - )
-
- -
-

-Get attributes of the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_default_dirs( - - - - - domain - - - )
-
- -
-

-Getattr of directories with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_generic_locks( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_home_dir( - - - - - domain - - - )
-
- -
-

-Get the attributes of the home directories root -(/home). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_isid_type_dirs( - - - - - domain - - - )
-
- -
-

-Getattr of directories on new filesystems -that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_kernel_modules( - - - - - domain - - - )
-
- -
-

-Get the attributes of kernel module files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_tmp_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_usr_files( - - - - - domain - - - )
-
- -
-

-Get the attributes of files in /usr. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_getattr_var_lib_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of the /var/lib directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_home_filetrans( - - - - - domain - - - - , - - - - home_type - - - - , - - - - object - - - )
-
- -
-

-Create objects in /home. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_kernel_modules_filetrans( - - - - - domain - - - - , - - - - private_type - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in the kernel module directories -with a private type via an automatic type transition. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_all( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_default( - - - - - domain - - - )
-
- -
-

-List contents of directories with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_etc( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_home( - - - - - domain - - - )
-
- -
-

-Get listing of home directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_isid_type_dirs( - - - - - domain - - - )
-
- -
-

-List the contents of directories on new filesystems -that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_kernel_modules( - - - - - domain - - - )
-
- -
-

-List the contents of the kernel module directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_mnt( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_non_security( - - - - - domain - - - )
-
- -
-

-List all non-security directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_pids( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_root( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_tmp( - - - - - domain - - - )
-
- -
-

-Read the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_usr( - - - - - domain - - - )
-
- -
-

-List the contents of generic -directories in /usr. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_var( - - - - - domain - - - )
-
- -
-

-List the contents of /var. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_var_lib( - - - - - domain - - - )
-
- -
-

-List the contents of the /var/lib directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_list_world_readable( - - - - - domain - - - )
-
- -
-

-List world-readable directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_lock_file( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_lock_filetrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_all_files( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Manage all files on the filesystem, except -the listed exceptions. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_boot_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files -in the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_boot_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic links -in the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_etc_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_etc_runtime_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files in -/etc that are dynamically created on boot, -such as mtab. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_generic_locks( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_generic_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_generic_spool_dirs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_isid_type_blk_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete block device nodes -on new filesystems that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_isid_type_chr_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete character device nodes -on new filesystems that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_isid_type_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete directories -on new filesystems that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_isid_type_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files -on new filesystems that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_isid_type_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic links -on new filesystems that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_kernel_modules( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -kernel module files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_lost_found( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete objects in -lost+found directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_mnt_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete directories in /mnt. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_mnt_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files in /mnt. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_mnt_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic links in /mnt. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_mounttab( - - - - - domain - - - )
-
- -
-

-Allow domain to manage mount tables -necessary for rpcd, nfsd, etc. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_urandom_seed( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_var_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete directories -in the /var directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_var_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files in the /var directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_manage_var_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic -links in the /var directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mount_all_file_type_fs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mounton_all_mountpoints( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mounton_all_poly_members( - - - - - domain - - - )
-
- -
-

-Mount filesystems on all polyinstantiation -member directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mounton_default( - - - - - domain - - - )
-
- -
-

-Mount a filesystem on a directory with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mounton_isid_type_dirs( - - - - - domain - - - )
-
- -
-

-Mount a filesystem on a directory on new filesystems -that has not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mounton_mnt( - - - - - domain - - - )
-
- -
-

-Mount a filesystem on /mnt. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_mountpoint( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_pid_file( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_pid_filetrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_poly( - - - - - file_type - - - )
-
- -
-

-Make the specified type a -polyinstantiated directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_poly_member( - - - - - file_type - - - )
-
- -
-

-Make the specified type a -polyinstantiation member directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_poly_member_tmp( - - - - - domain - - - - , - - - - file_type - - - )
-
- -
-

-Make the domain use the specified -type of polyinstantiated directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_poly_parent( - - - - - file_type - - - )
-
- -
-

-Make the specified type a parent -of a polyinstantiated directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_polyinstantiate_all( - - - - - domain - - - )
-
- -
-

-Allow access to manage all polyinstantiated -directories on the system. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_purge_tmp( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_blk_files( - - - - - domain - - - )
-
- -
-

-Read all block nodes with file types. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_chr_files( - - - - - domain - - - )
-
- -
-

-Read all character nodes with file types. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_dirs_except( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Read all directories on the filesystem, except -the listed exceptions. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_files( - - - - - domain - - - )
-
- -
-

-Read all files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_files_except( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Read all files on the filesystem, except -the listed exceptions. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_locks( - - - - - domain - - - )
-
- -
-

-Read all lock files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_pids( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_symlinks( - - - - - domain - - - )
-
- -
-

-Read all symbolic links. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_all_symlinks_except( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Read all symbolic links on the filesystem, except -the listed exceptions. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_default_files( - - - - - domain - - - )
-
- -
-

-Read files with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_default_pipes( - - - - - domain - - - )
-
- -
-

-Read named pipes with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_default_sockets( - - - - - domain - - - )
-
- -
-

-Read sockets with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_default_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_etc_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_etc_runtime_files( - - - - - domain - - - )
-
- -
-

-Read files in /etc that are dynamically -created on boot, such as mtab. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_generic_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_generic_tmp_files( - - - - - domain - - - )
-
- -
-

-Read files in the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_generic_tmp_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links in the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_isid_type_files( - - - - - domain - - - )
-
- -
-

-Read files on new filesystems -that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_kernel_modules( - - - - - domain - - - )
-
- -
-

-Read kernel module files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_kernel_symbol_table( - - - - - domain - - - )
-
- -
-

-Read system.map in the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_non_security_files( - - - - - domain - - - )
-
- -
-

-Read all non-security files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_usr_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_usr_src_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_usr_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links in /usr. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_var_files( - - - - - domain - - - )
-
- -
-

-Read files in the /var directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_var_lib_files( - - - - - domain - - - )
-
- -
-

-Read generic files in /var/lib. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_var_lib_symlinks( - - - - - domain - - - )
-
- -
-

-Read generic symbolic links in /var/lib -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_var_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links in the /var directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_world_readable_files( - - - - - domain - - - )
-
- -
-

-Read world-readable files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_world_readable_pipes( - - - - - domain - - - )
-
- -
-

-Read world-readable named pipes. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_world_readable_sockets( - - - - - domain - - - )
-
- -
-

-Read world-readable sockets. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_read_world_readable_symlinks( - - - - - domain - - - )
-
- -
-

-Read world-readable symbolic links. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_relabel_all_files( - - - - - domain - - - - , - - - - exception_types - - - )
-
- -
-

-Relabel all files on the filesystem, except -the listed exceptions. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_relabel_etc_files( - - - - - domain - - - )
-
- -
-

-Relabel from and to generic files in /etc. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_relabel_kernel_modules( - - - - - domain - - - )
-
- -
-

-Relabel from and to kernel module files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_relabelfrom_boot_files( - - - - - domain - - - )
-
- -
-

-Relabel from files in the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_relabelto_all_file_type_fs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_relabelto_usr_files( - - - - - domain - - - )
-
- -
-

-Relabel a file to the type used in /usr. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_root_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object - - - )
-
- -
-

-Create an object in the root directory, with a private -type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_boot_symlinks( - - - - - domain - - - )
-
- -
-

-Read and write symbolic links -in the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_etc_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_etc_runtime_files( - - - - - domain - - - )
-
- -
-

-Read and write files in /etc that are dynamically -created on boot, such as mtab. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_generic_pids( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_generic_tmp_sockets( - - - - - domain - - - )
-
- -
-

-Read and write generic named sockets in the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_isid_type_blk_files( - - - - - domain - - - )
-
- -
-

-Read and write block device nodes on new filesystems -that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_isid_type_dirs( - - - - - domain - - - )
-
- -
-

-Read and write directories on new filesystems -that have not yet been labeled. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_rw_lock_dirs( - - - - - domain - - - )
-
- -
-

-Add and remove entries in the /var/lock -directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_all( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_boot( - - - - - domain - - - )
-
- -
-

-Search the /boot directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_default( - - - - - domain - - - )
-
- -
-

-Search the contents of directories with the default file type. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_etc( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_home( - - - - - domain - - - )
-
- -
-

-Search home directories root (/home). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_kernel_modules( - - - - - domain - - - )
-
- -
-

-Search the contents of the kernel module directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_locks( - - - - - domain - - - )
-
- -
-

-Search the locks directory (/var/lock). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_mnt( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_pids( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_tmp( - - - - - domain - - - )
-
- -
-

-Search the tmp directory (/tmp). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_usr( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_var( - - - - - domain - - - )
-
- -
-

-Search the contents of /var. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_search_var_lib( - - - - - domain - - - )
-
- -
-

-Search the /var/lib directory. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_security_file( - - - - - file_type - - - )
-
- -
-

-Make the specified type a file that -should not be dontaudited from -browsing from user domains. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_setattr_all_tmp_dirs( - - - - - domain - - - )
-
- -
-

-Set the attributes of all tmp directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_setattr_etc_dirs( - - - - - domain - - - )
-
- -
-

-Set the attributes of the /etc directories. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_tmp_file( - - - - - file_type - - - )
-
- -
-

-Make the specified type a file -used for temporary files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_tmp_filetrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_tmpfs_file( - - - - - type - - - )
-
- -
-

-Transform the type into a file, for use on a -virtual memory filesystem (tmpfs). -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_type( - - - - - type - - - )
-
- -
-

-Make the specified type usable for files -in a filesystem. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_unmount_all_file_type_fs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_unmount_rootfs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_usr_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in the /usr directory -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_var_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in the /var directory -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_var_lib_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in the /var/lib directory -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_write_kernel_modules( - - - - - domain - - - )
-
- -
-

-Write kernel module files. -

-
- -
- -
-Module: -files

-Layer: -kernel

-

- -files_write_non_security_dirs( - - - - - domain - - - )
-
- -
-

-Allow attempts to modify any directory -

-
- -
- -
-Module: -finger

-Layer: -services

-

- -finger_domtrans( - - - - - domain - - - )
-
- -
-

-Execute fingerd in the fingerd domain. -

-
- -
- -
-Module: -finger

-Layer: -services

-

- -finger_tcp_connect( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to connect to fingerd with a tcp socket. -

-
- -
- -
-Module: -firstboot

-Layer: -admin

-

- -firstboot_domtrans( - - - - - domain - - - )
-
- -
-

-Execute firstboot in the firstboot domain. -

-
- -
- -
-Module: -firstboot

-Layer: -admin

-

- -firstboot_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit a -file descriptor from firstboot. -

-
- -
- -
-Module: -firstboot

-Layer: -admin

-

- -firstboot_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute firstboot in the firstboot domain, and -allow the specified role the firstboot domain. -

-
- -
- -
-Module: -firstboot

-Layer: -admin

-

- -firstboot_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use a file descriptor from firstboot. -

-
- -
- -
-Module: -firstboot

-Layer: -admin

-

- -firstboot_write_pipes( - - - - - domain - - - )
-
- -
-

-Write to a firstboot unnamed pipe. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_associate( - - - - - file_type - - - )
-
- -
-

-Associate the specified file type to persistent -filesystems with extended attributes. This -allows a file of this type to be created on -a filesystem such as ext3, JFS, and XFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_associate_noxattr( - - - - - file_type - - - )
-
- -
-

-Associate the specified file type to -filesystems which lack extended attributes -support. This allows a file of this type -to be created on a filesystem such as -FAT32, and NFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_associate_tmpfs( - - - - - type - - - )
-
- -
-

-Allow the type to associate to tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_cifs_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a file on a CIFS or SMB filesystem -in the specified domain. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_donaudit_read_removable_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read removable storage files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_getattr_all_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all files with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_getattr_all_fs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -all filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_getattr_all_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all named pipes with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_getattr_all_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all named sockets with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_getattr_all_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all symbolic links with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_getattr_xattr_fs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to -get the attributes of a persistent -filesystem which has extended -attributes, such as ext3, JFS, or XFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_list_auto_mountpoints( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list directories of automatically -mounted filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_list_cifs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list the contents -of directories on a CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_list_nfs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list the contents -of directories on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_list_removable( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list removable storage directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_list_tmpfs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list the -contents of generic tmpfs directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_manage_cifs_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to create, read, -write, and delete directories -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_manage_cifs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to create, read, -write, and delete files -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_manage_nfs_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to create, read, -write, and delete directories -on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_manage_nfs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to create, -read, write, and delete files -on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_read_cifs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read -files on a CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_read_nfs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read -files on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_read_ramfs_files( - - - - - domain - - - )
-
- -
-

-Dontaudit read on a ramfs files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_read_ramfs_pipes( - - - - - domain - - - )
-
- -
-

-Dontaudit read on a ramfs fifo_files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_rw_cifs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or -write files on a CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_rw_nfs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or -write files on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_rw_tmpfs_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -generic tmpfs files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_search_ramfs( - - - - - domain - - - )
-
- -
-

-Dontaudit Search directories on a ramfs -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_dontaudit_use_tmpfs_chr_dev( - - - - - domain - - - )
-
- -
-

-dontaudit Read and write character nodes on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_exec_cifs_files( - - - - - domain - - - )
-
- -
-

-Execute files on a CIFS or SMB -network filesystem, in the caller -domain. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_exec_nfs_files( - - - - - domain - - - )
-
- -
-

-Execute files on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_exec_noxattr( - - - - - domain - - - )
-
- -
-

-Execute files on a filesystem that does -not support extended attributes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_get_all_fs_quotas( - - - - - domain - - - )
-
- -
-

-Get the quotas of all filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_get_xattr_fs_quotas( - - - - - domain - - - )
-
- -
-

-Get the filesystem quotas of a filesystem -with extended attributes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_all_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of all directories -with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_all_files( - - - - - domain - - - )
-
- -
-

-Get the attributes of all files with -a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_all_fs( - - - - - domain - - - )
-
- -
-

-Get the attributes of all persistent -filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_all_pipes( - - - - - domain - - - )
-
- -
-

-Get the attributes of all named pipes with -a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_all_sockets( - - - - - domain - - - )
-
- -
-

-Get the attributes of all named sockets with -a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_all_symlinks( - - - - - domain - - - )
-
- -
-

-Get the attributes of all symbolic links with -a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_autofs( - - - - - domain - - - )
-
- -
-

-Get the attributes of an automount -pseudo filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_cifs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a CIFS or -SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_dos_fs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a DOS -filesystem, such as FAT32 or NTFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_iso9660_fs( - - - - - domain - - - )
-
- -
-

-Get the attributes of an iso9660 -filesystem, which is usually used on CDs. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_nfs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_nfsd_fs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a NFS server -pseudo filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_ramfs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a RAM filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_romfs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a ROM -filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_rpc_dirs( - - - - - domain - - - )
-
- -
-

-Read directories of RPC file system pipes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_rpc_pipefs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a RPC pipe -filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_tmpfs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a tmpfs -filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_tmpfs_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of tmpfs directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_getattr_xattr_fs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a persistent -filesystem which has extended -attributes, such as ext3, JFS, or XFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_all( - - - - - domain - - - )
-
- -
-

-List all directories with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_auto_mountpoints( - - - - - domain - - - )
-
- -
-

-Read directories of automatically -mounted filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_cifs( - - - - - domain - - - )
-
- -
-

-List the contents of directories on a -CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_inotifyfs( - - - - - domain - - - )
-
- -
-

-List inotifyfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_nfs( - - - - - domain - - - )
-
- -
-

-List NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_noxattr_fs( - - - - - domain - - - )
-
- -
-

-Read all noxattrfs directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_rpc( - - - - - domain - - - )
-
- -
-

-Read directories of RPC file system pipes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_list_tmpfs( - - - - - domain - - - )
-
- -
-

-List the contents of generic tmpfs directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_auto_mountpoints( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -auto moutpoints. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_cifs_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete directories -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_cifs_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_cifs_named_pipes( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named pipes -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_cifs_named_sockets( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named sockets -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_cifs_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic links -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_nfs_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete directories -on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_nfs_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files -on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_nfs_named_pipes( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named pipes -on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_nfs_named_sockets( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named sockets -on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_nfs_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic links -on a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_tmpfs_blk_files( - - - - - domain - - - )
-
- -
-

-Read and write, create and delete block nodes -on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_tmpfs_chr_files( - - - - - domain - - - )
-
- -
-

-Read and write, create and delete character -nodes on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_tmpfs_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -tmpfs directories -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_tmpfs_files( - - - - - domain - - - )
-
- -
-

-Read and write, create and delete generic -files on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_tmpfs_sockets( - - - - - domain - - - )
-
- -
-

-Read and write, create and delete socket -files on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_manage_tmpfs_symlinks( - - - - - domain - - - )
-
- -
-

-Read and write, create and delete symbolic -links on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_all_fs( - - - - - domain - - - )
-
- -
-

-Mount all filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_autofs( - - - - - domain - - - )
-
- -
-

-Mount an automount pseudo filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_cifs( - - - - - domain - - - )
-
- -
-

-Mount a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_dos_fs( - - - - - domain - - - )
-
- -
-

-Mount a DOS filesystem, such as -FAT32 or NTFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_iso9660_fs( - - - - - domain - - - )
-
- -
-

-Mount an iso9660 filesystem, which -is usually used on CDs. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_nfs( - - - - - domain - - - )
-
- -
-

-Mount a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_nfsd_fs( - - - - - domain - - - )
-
- -
-

-Mount a NFS server pseudo filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_ramfs( - - - - - domain - - - )
-
- -
-

-Mount a RAM filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_romfs( - - - - - domain - - - )
-
- -
-

-Mount a ROM filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_rpc_pipefs( - - - - - domain - - - )
-
- -
-

-Mount a RPC pipe filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_tmpfs( - - - - - domain - - - )
-
- -
-

-Mount a tmpfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_mount_xattr_fs( - - - - - domain - - - )
-
- -
-

-Mount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_nfs_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a file on a NFS filesystem -in the specified domain. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_noxattr_type( - - - - - domain - - - )
-
- -
-

-Transform specified type into a filesystem -type which does not have extended attribute -support. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_cifs_files( - - - - - domain - - - )
-
- -
-

-Read files on a CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_cifs_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links on a CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_eventpollfs( - - - - - domain - - - )
-
- -
-

-Read eventpollfs files -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_nfs_files( - - - - - domain - - - )
-
- -
-

-Read files on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_nfs_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_noxattr_fs_files( - - - - - domain - - - )
-
- -
-

-Read all noxattrfs files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_noxattr_fs_symlinks( - - - - - domain - - - )
-
- -
-

-Read all noxattrfs symbolic links. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_removable_files( - - - - - domain - - - )
-
- -
-

-Read removable storage files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_removable_symlinks( - - - - - domain - - - )
-
- -
-

-Read removable storage symbolic links. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_rpc_files( - - - - - domain - - - )
-
- -
-

-Read files of RPC file system pipes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_rpc_sockets( - - - - - domain - - - )
-
- -
-

-Read sockets of RPC file system pipes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_rpc_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links of RPC file system pipes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_read_tmpfs_symlinks( - - - - - domain - - - )
-
- -
-

-Read tmpfs link files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_register_binary_executable_type( - - - - - domain - - - )
-
- -
-

-Register an interpreter for new binary -file types, using the kernel binfmt_misc -support. A common use for this is to -register a JVM as an interpreter for -Java byte code. Registered binaries -can be directly executed on a command line -without specifying the interpreter. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_relabel_tmpfs_blk_file( - - - - - domain - - - )
-
- -
-

-Relabel block nodes on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_relabel_tmpfs_chr_file( - - - - - domain - - - )
-
- -
-

-Relabel character nodes on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_relabelfrom_all_fs( - - - - - domain - - - )
-
- -
-

-Relabelfrom all filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_relabelfrom_dos_fs( - - - - - domain - - - )
-
- -
-

-Allow changing of the label of a -DOS filesystem using the context= mount option. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_relabelfrom_xattr_fs( - - - - - domain - - - )
-
- -
-

-Allow changing of the label of a -filesystem with extended attributes -using the context= mount option. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_all_fs( - - - - - domain - - - )
-
- -
-

-Remount all filesystems. This -allows some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_autofs( - - - - - domain - - - )
-
- -
-

-Remount an automount pseudo filesystem -This allows some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_cifs( - - - - - domain - - - )
-
- -
-

-Remount a CIFS or SMB network filesystem. -This allows some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_dos_fs( - - - - - domain - - - )
-
- -
-

-Remount a DOS filesystem, such as -FAT32 or NTFS. This allows -some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_iso9660_fs( - - - - - domain - - - )
-
- -
-

-Remount an iso9660 filesystem, which -is usually used on CDs. This allows -some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_nfs( - - - - - domain - - - )
-
- -
-

-Remount a NFS filesystem. This allows -some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_nfsd_fs( - - - - - domain - - - )
-
- -
-

-Mount a NFS server pseudo filesystem. -This allows some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_ramfs( - - - - - domain - - - )
-
- -
-

-Remount a RAM filesystem. This allows -some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_romfs( - - - - - domain - - - )
-
- -
-

-Remount a ROM filesystem. This allows -some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_rpc_pipefs( - - - - - domain - - - )
-
- -
-

-Remount a RPC pipe filesystem. This -allows some mount option to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_tmpfs( - - - - - domain - - - )
-
- -
-

-Remount a tmpfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_remount_xattr_fs( - - - - - domain - - - )
-
- -
-

-Remount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. This allows -some mount options to be changed. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_rw_nfsd_fs( - - - - - domain - - - )
-
- -
-

-Read and write NFS server files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_rw_ramfs_pipes( - - - - - domain - - - )
-
- -
-

-Read and write a named pipe on a ramfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_rw_tmpfs_blk_files( - - - - - domain - - - )
-
- -
-

-Read and write block nodes on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_rw_tmpfs_chr_files( - - - - - domain - - - )
-
- -
-

-Read and write character nodes on tmpfs filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_rw_tmpfs_files( - - - - - domain - - - )
-
- -
-

-Read and write generic tmpfs files. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_all( - - - - - domain - - - )
-
- -
-

-Search all directories with a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_auto_mountpoints( - - - - - domain - - - )
-
- -
-

-Search automount filesystem to use automatically -mounted filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_cifs( - - - - - domain - - - )
-
- -
-

-Search directories on a CIFS or SMB filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_inotifyfs( - - - - - domain - - - )
-
- -
-

-Search inotifyfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_nfs( - - - - - domain - - - )
-
- -
-

-Search directories on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_nfsd_fs( - - - - - domain - - - )
-
- -
-

-Search NFS server directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_ramfs( - - - - - domain - - - )
-
- -
-

-Search directories on a ramfs -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_removable( - - - - - domain - - - )
-
- -
-

-Search removable storage directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_rpc( - - - - - domain - - - )
-
- -
-

-Search directories of RPC file system pipes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_search_tmpfs( - - - - - domain - - - )
-
- -
-

-Search tmpfs directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_set_all_quotas( - - - - - domain - - - )
-
- -
-

-Set the quotas of all filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_set_xattr_fs_quotas( - - - - - domain - - - )
-
- -
-

-Set the filesystem quotas of a filesystem -with extended attributes. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_setattr_tmpfs_dirs( - - - - - domain - - - )
-
- -
-

-Set the attributes of tmpfs directories. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_tmpfs_filetrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_type( - - - - - domain - - - )
-
- -
-

-Transform specified type into a filesystem type. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to filesystems -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_all_fs( - - - - - domain - - - )
-
- -
-

-Unmount all filesystems. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_autofs( - - - - - domain - - - )
-
- -
-

-Unmount an automount pseudo filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_cifs( - - - - - domain - - - )
-
- -
-

-Unmount a CIFS or SMB network filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_dos_fs( - - - - - domain - - - )
-
- -
-

-Unmount a DOS filesystem, such as -FAT32 or NTFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_iso9660_fs( - - - - - domain - - - )
-
- -
-

-Unmount an iso9660 filesystem, which -is usually used on CDs. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_nfs( - - - - - domain - - - )
-
- -
-

-Unmount a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_nfsd_fs( - - - - - domain - - - )
-
- -
-

-Unmount a NFS server pseudo filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_ramfs( - - - - - domain - - - )
-
- -
-

-Unmount a RAM filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_romfs( - - - - - domain - - - )
-
- -
-

-Unmount a ROM filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_rpc_pipefs( - - - - - domain - - - )
-
- -
-

-Unmount a RPC pipe filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_tmpfs( - - - - - domain - - - )
-
- -
-

-Unmount a tmpfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_unmount_xattr_fs( - - - - - domain - - - )
-
- -
-

-Unmount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_write_nfs_files( - - - - - domain - - - )
-
- -
-

-Read files on a NFS filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_write_ramfs_pipes( - - - - - domain - - - )
-
- -
-

-Write to named pipe on a ramfs filesystem. -

-
- -
- -
-Module: -filesystem

-Layer: -kernel

-

- -fs_write_ramfs_sockets( - - - - - domain - - - )
-
- -
-

-Write to named socket on a ramfs filesystem. -

-
- -
- -
-Module: -fstools

-Layer: -system

-

- -fstools_domtrans( - - - - - domain - - - )
-
- -
-

-Execute fs tools in the fstools domain. -

-
- -
- -
-Module: -fstools

-Layer: -system

-

- -fstools_exec( - - - - - domain - - - )
-
- -
-

-Execute fsadm in the caller domain. -

-
- -
- -
-Module: -fstools

-Layer: -system

-

- -fstools_manage_entry_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete a file used by the -filesystem tools programs. -

-
- -
- -
-Module: -fstools

-Layer: -system

-

- -fstools_relabelto_entry_files( - - - - - domain - - - )
-
- -
-

-Relabel a file to the type used by the -filesystem tools programs. -

-
- -
- -
-Module: -fstools

-Layer: -system

-

- -fstools_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute fs tools in the fstools domain, and -allow the specified role the fs tools domain. -

-
- -
- -
-Module: -ftp

-Layer: -services

-

- -ftp_check_exec( - - - - - domain - - - )
-
- -
-

-Execute FTP daemon entry point programs. -

-
- -
- -
-Module: -ftp

-Layer: -services

-

- -ftp_read_config( - - - - - domain - - - )
-
- -
-

-Read ftpd etc files -

-
- -
- -
-Module: -ftp

-Layer: -services

-

- -ftp_read_log( - - - - - domain - - - )
-
- -
-

-Read FTP transfer logs -

-
- -
- -
-Module: -ftp

-Layer: -services

-

- -ftp_tcp_connect( - - - - - domain - - - )
-
- -
-

-Use ftp by connecting over TCP. -

-
- -
- -
-Module: -getty

-Layer: -system

-

- -getty_domtrans( - - - - - domain - - - )
-
- -
-

-Execute gettys in the getty domain. -

-
- -
- -
-Module: -getty

-Layer: -system

-

- -getty_read_config( - - - - - domain - - - )
-
- -
-

-Allow process to read getty config file. -

-
- -
- -
-Module: -getty

-Layer: -system

-

- -getty_read_log( - - - - - domain - - - )
-
- -
-

-Allow process to read getty log file. -

-
- -
- -
-Module: -getty

-Layer: -system

-

- -getty_rw_config( - - - - - domain - - - )
-
- -
-

-Allow process to edit getty config file. -

-
- -
- -
-Module: -getty

-Layer: -system

-

- -getty_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use getty file descriptors. -

-
- -
- -
-Module: -gpm

-Layer: -services

-

- -gpm_dontaudit_getattr_gpmctl( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of the GPM control channel -named socket. -

-
- -
- -
-Module: -gpm

-Layer: -services

-

- -gpm_getattr_gpmctl( - - - - - domain - - - )
-
- -
-

-Get the attributes of the GPM -control channel named socket. -

-
- -
- -
-Module: -gpm

-Layer: -services

-

- -gpm_setattr_gpmctl( - - - - - domain - - - )
-
- -
-

-Set the attributes of the GPM -control channel named socket. -

-
- -
- -
-Module: -gpm

-Layer: -services

-

- -gpm_stream_connect( - - - - - domain - - - )
-
- -
-

-Connect to GPM over a unix domain -stream socket. -

-
- -
- -
-Module: -hal

-Layer: -services

-

- -hal_dbus_chat( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -hal over dbus. -

-
- -
- -
-Module: -hal

-Layer: -services

-

- -hal_dbus_send( - - - - - domain - - - )
-
- -
-

-Send a dbus message to hal. -

-
- -
- -
-Module: -hal

-Layer: -services

-

- -hal_dgram_send( - - - - - domain - - - )
-
- -
-

-Send to hal over a unix domain -datagram socket. -

-
- -
- -
-Module: -hal

-Layer: -services

-

- -hal_domtrans( - - - - - domain - - - )
-
- -
-

-Execute hal in the hal domain. -

-
- -
- -
-Module: -hal

-Layer: -services

-

- -hal_stream_connect( - - - - - domain - - - )
-
- -
-

-Send to hal over a unix domain -stream socket. -

-
- -
- -
-Module: -hostname

-Layer: -system

-

- -hostname_domtrans( - - - - - domain - - - )
-
- -
-

-Execute hostname in the hostname domain. -

-
- -
- -
-Module: -hostname

-Layer: -system

-

- -hostname_exec( - - - - - domain - - - )
-
- -
-

-Execute hostname in the caller domain. -

-
- -
- -
-Module: -hostname

-Layer: -system

-

- -hostname_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute hostname in the hostname domain, and -allow the specified role the hostname domain. -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_domtrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_dontaudit_search_config( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_dontaudit_use_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_exec( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_getattr_config_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of the hotplug configuration directory. -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_read_config( - - - - - domain - - - )
-
- -
-

-Read the configuration files for hotplug. -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_search_config( - - - - - domain - - - )
-
- -
-

-Search the hotplug configuration directory. -

-
- -
- -
-Module: -hotplug

-Layer: -system

-

- -hotplug_use_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -howl

-Layer: -services

-

- -howl_signal( - - - - - domain - - - )
-
- -
-

-Send generic signals to howl. -

-
- -
- -
-Module: -i18n_input

-Layer: -services

-

- -i18n_use( - - - - - domain - - - )
-
- -
-

-Use i18n_input over a TCP connection. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_core_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Define the specified domain as a inetd service. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_domtrans_child( - - - - - domain - - - )
-
- -
-

-Run inetd child process in the inet child domain -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_rw_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Read and write inetd TCP sockets. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Define the specified domain as a TCP and UDP inetd service. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_tcp_connect( - - - - - domain - - - )
-
- -
-

-Connect to the inetd service using a TCP connection. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_tcp_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Define the specified domain as a TCP inetd service. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_udp_send( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to inetd. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_udp_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Define the specified domain as a UDP inetd service. -

-
- -
- -
-Module: -inetd

-Layer: -services

-

- -inetd_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use file descriptors from inetd. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_daemon_domain( - - - - - domain - - - - , - - - - entry_point - - - )
-
- -
-

-Create a domain for long running processes -(daemons) which can be started by init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dbus_chat_script( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -init scripts over dbus. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_domain( - - - - - domain - - - - , - - - - entry_point - - - )
-
- -
-

-Create a domain which can be started by init. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_domtrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_domtrans_script( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_getattr_initctl( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_lock_utmp( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to lock -init script pid files. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_rw_initctl( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_rw_utmp( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_stream_connect_script( - - - - - domain - - - )
-
- -
-

-Dont audit the specified domain connecting to -init scripts with a unix domain stream socket. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_use_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_use_script_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_use_script_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and -write the init script pty. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_dontaudit_write_utmp( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_exec( - - - - - domain - - - )
-
- -
-

-Execute the init program in the caller domain. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_exec_script_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_getattr_initctl( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_getattr_script_files( - - - - - domain - - - )
-
- -
-

-Get the attribute of init script entrypoint files. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_getattr_utmp( - - - - - domain - - - )
-
- -
-

-Get the attributes of init script process id files. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_getpgid( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_getpgid_script( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_manage_utmp( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete utmp. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_read_script_files( - - - - - domain - - - )
-
- -
-

-Read init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_read_script_state( - - - - - domain - - - )
-
- -
-

-Read the process state (/proc/pid) of the init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_read_utmp( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_run_daemon( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Start and stop daemon programs directly. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_rw_initctl( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_rw_script_pipes( - - - - - domain - - - )
-
- -
-

-Read and write init script unnamed pipes. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_rw_script_tmp_files( - - - - - domain - - - )
-
- -
-

-Read and write init script temporary data. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_rw_utmp( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_script_file_domtrans( - - - - - source_domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute a init script in a specified domain. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_script_file_entry_type( - - - - - domain - - - )
-
- -
-

-Make init scripts an entry point for -the specified domain. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_script_tmp_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
- -
-

-Create files in a init script -temporary data directory. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_sigchld( - - - - - domain - - - )
-
- -
-

-Send init a SIGCHLD signal. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_sigchld_script( - - - - - domain - - - )
-
- -
-

-Send SIGCHLD signals to init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_signal_script( - - - - - domain - - - )
-
- -
-

-Send generic signals to init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_signull( - - - - - domain - - - )
-
- -
-

-Send init a null signal. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_signull_script( - - - - - domain - - - )
-
- -
-

-Send null signals to init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_stream_connect_script( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to connect to -init scripts with a unix socket. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_system_domain( - - - - - domain - - - - , - - - - entry_point - - - )
-
- -
-

-Create a domain for short running processes -which can be started by init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_udp_send( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to init. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_udp_send_script( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to init scripts. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_use_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_use_script_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_use_script_ptys( - - - - - domain - - - )
-
- -
-

-Read and write the init script pty. -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_write_initctl( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -init

-Layer: -system

-

- -init_write_script_pipes( - - - - - domain - - - )
-
- -
-

-Write an init script unnamed pipe. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_dgram_send( - - - - - domain - - - )
-
- -
-

-Send to a innd unix dgram socket. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_exec( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to execute innd -in the caller domain. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_exec_config( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to execute -inn configuration files in /etc. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_manage_log( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the innd log. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_manage_pid( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the innd pid files. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_read_config( - - - - - domain - - - )
-
- -
-

-Read innd configuration files. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_read_news_lib( - - - - - domain - - - )
-
- -
-

-Read innd news library files. -

-
- -
- -
-Module: -inn

-Layer: -services

-

- -inn_read_news_spool( - - - - - domain - - - )
-
- -
-

-Read innd news library files. -

-
- -
- -
-Module: -ipsec

-Layer: -system

-

- -ipsec_domtrans( - - - - - domain - - - )
-
- -
-

-Execute ipsec in the ipsec domain. -

-
- -
- -
-Module: -ipsec

-Layer: -system

-

- -ipsec_exec_mgmt( - - - - - domain - - - )
-
- -
-

-Execute the IPSEC management program in the caller domain. -

-
- -
- -
-Module: -ipsec

-Layer: -system

-

- -ipsec_getattr_key_sockets( - - - - - domain - - - )
-
- -
-

-Get the attributes of an IPSEC key socket. -

-
- -
- -
-Module: -ipsec

-Layer: -system

-

- -ipsec_manage_pid( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the IPSEC pid files. -

-
- -
- -
-Module: -ipsec

-Layer: -system

-

- -ipsec_read_config( - - - - - domain - - - )
-
- -
-

-Read the IPSEC configuration -

-
- -
- -
-Module: -ipsec

-Layer: -system

-

- -ipsec_stream_connect( - - - - - domain - - - )
-
- -
-

-Connect to IPSEC using a unix domain stream socket. -

-
- -
- -
-Module: -iptables

-Layer: -system

-

- -iptables_domtrans( - - - - - domain - - - )
-
- -
-

-Execute iptables in the iptables domain. -

-
- -
- -
-Module: -iptables

-Layer: -system

-

- -iptables_exec( - - - - - domain - - - )
-
- -
-

-Execute iptables in the caller domain. -

-
- -
- -
-Module: -iptables

-Layer: -system

-

- -iptables_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute iptables in the iptables domain, and -allow the specified role the iptables domain. -

-
- -
- -
-Module: -java

-Layer: -apps

-

- -java_domtrans( - - - - - domain - - - )
-
- -
-

-Execute the java program in the java domain. -

-
- -
- -
-Module: -kerberos

-Layer: -services

-

- -kerberos_dontaudit_write_config( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write the kerberos -configuration file (/etc/krb5.conf). -

-
- -
- -
-Module: -kerberos

-Layer: -services

-

- -kerberos_read_config( - - - - - domain - - - )
-
- -
-

-Read the kerberos configuration file (/etc/krb5.conf). -

-
- -
- -
-Module: -kerberos

-Layer: -services

-

- -kerberos_read_keytab( - - - - - domain - - - )
-
- -
-

-Read the kerberos key table. -

-
- -
- -
-Module: -kerberos

-Layer: -services

-

- -kerberos_rw_config( - - - - - domain - - - )
-
- -
-

-Read and write the kerberos configuration file (/etc/krb5.conf). -

-
- -
- -
-Module: -kerberos

-Layer: -services

-

- -kerberos_use( - - - - - domain - - - )
-
- -
-

-Use kerberos services -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_change_ring_buffer_level( - - - - - domain - - - )
-
- -
-

-Change the level of kernel messages logged to the console. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_clear_ring_buffer( - - - - - domain - - - )
-
- -
-

-Allows the caller to clear the ring buffer. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dgram_send( - - - - - domain - - - )
-
- -
-

-Send messages to kernel unix datagram sockets. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_domtrans_to( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Allows to start userland processes -by transitioning to the specified domain. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_core_if( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes of -core kernel interfaces. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_message_if( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get the attributes of kernel -message interfaces. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_unlabeled_blk_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get attributes for -unlabeled block devices. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_unlabeled_chr_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get attributes for -unlabeled character devices. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_unlabeled_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get the -attributes of an unlabeled file. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_unlabeled_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get the -attributes of unlabeled named pipes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_unlabeled_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get the -attributes of unlabeled named sockets. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_getattr_unlabeled_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to get the -attributes of unlabeled symbolic links. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_list_proc( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list the -contents of directories in /proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_list_unlabeled( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list unlabeled directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_read_proc_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to -read system state information in proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_read_ring_buffer( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the ring buffer. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_read_system_state( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to -read system state information in proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_read_unlabeled_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to -read an unlabeled file. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_search_kernel_sysctl( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search generic kernel sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_search_network_state( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the network -state directory. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_search_network_sysctl( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to search network sysctl directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_search_sysctl( - - - - - domain - - - )
-
- -
-

-Do not audit attempts by caller to search -the base directory of sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to use -kernel file descriptors. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_dontaudit_write_kernel_sysctl( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write generic kernel sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_get_sysvipc_info( - - - - - domain - - - )
-
- -
-

-Get information on all System V IPC objects. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_getattr_core_if( - - - - - domain - - - )
-
- -
-

-Allows caller to get attribues of core kernel interface. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_getattr_debugfs( - - - - - domain - - - )
-
- -
-

-Get the attributes of a kernel debugging filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_getattr_message_if( - - - - - domain - - - )
-
- -
-

-Allow caller to get the attributes of kernel message -interface (/proc/kmsg). -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_getattr_proc( - - - - - domain - - - )
-
- -
-

-Get the attributes of the proc filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_getattr_proc_files( - - - - - domain - - - )
-
- -
-

-Get the attributes of files in /proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_kill_unlabeled( - - - - - domain - - - )
-
- -
-

-Send a kill signal to unlabeled processes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_list_proc( - - - - - domain - - - )
-
- -
-

-List the contents of directories in /proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_list_unlabeled( - - - - - domain - - - )
-
- -
-

-List unlabeled directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_load_module( - - - - - domain - - - )
-
- -
-

-Allows caller to load kernel modules -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_mount_debugfs( - - - - - domain - - - )
-
- -
-

-Mount a kernel debugging filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_all_sysctls( - - - - - domain - - - )
-
- -
-

-Allow caller to read all sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_debugfs( - - - - - domain - - - )
-
- -
-

-Read information from the debugging filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_device_sysctls( - - - - - domain - - - )
-
- -
-

-Allow caller to read the device sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_fs_sysctls( - - - - - domain - - - )
-
- -
-

-Read filesystem sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_hotplug_sysctls( - - - - - domain - - - )
-
- -
-

-Read the hotplug sysctl. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_irq_sysctls( - - - - - domain - - - )
-
- -
-

-Read IRQ sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_kernel_sysctls( - - - - - domain - - - )
-
- -
-

-Read generic kernel sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_messages( - - - - - domain - - - )
-
- -
-

-Allow caller to read kernel messages -using the /proc/kmsg interface. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_modprobe_sysctls( - - - - - domain - - - )
-
- -
-

-Read the modprobe sysctl. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_net_sysctls( - - - - - domain - - - )
-
- -
-

-Allow caller to read network sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_network_state( - - - - - domain - - - )
-
- -
-

-Allow caller to read the network state information. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_network_state_symlinks( - - - - - domain - - - )
-
- -
-

-Allow caller to read the network state symbolic links. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_proc_symlinks( - - - - - domain - - - )
-
- -
-

-Read symbolic links in /proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_ring_buffer( - - - - - domain - - - )
-
- -
-

-Allows caller to read the ring buffer. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_rpc_sysctls( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_software_raid_state( - - - - - domain - - - )
-
- -
-

-Allow caller to read the state information for software raid. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_sysctl( - - - - - domain - - - )
-
- -
-

-Allow access to read sysctl directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_system_state( - - - - - domain - - - )
-
- -
-

-Allows caller to read system state information in proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_unix_sysctls( - - - - - domain - - - )
-
- -
-

-Allow caller to read unix domain -socket sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_read_vm_sysctls( - - - - - domain - - - )
-
- -
-

-Allow caller to read virtual memory sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_relabelfrom_unlabeled_dirs( - - - - - domain - - - )
-
- -
-

-Allow caller to relabel unlabeled directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_relabelfrom_unlabeled_files( - - - - - domain - - - )
-
- -
-

-Allow caller to relabel unlabeled files. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_relabelfrom_unlabeled_pipes( - - - - - domain - - - )
-
- -
-

-Allow caller to relabel unlabeled named pipes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_relabelfrom_unlabeled_sockets( - - - - - domain - - - )
-
- -
-

-Allow caller to relabel unlabeled named sockets. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_relabelfrom_unlabeled_symlinks( - - - - - domain - - - )
-
- -
-

-Allow caller to relabel unlabeled symbolic links. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_remount_debugfs( - - - - - domain - - - )
-
- -
-

-Remount a kernel debugging filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rootfs_mountpoint( - - - - - directory_type - - - )
-
- -
-

-Allows the kernel to mount filesystems on -the specified directory type. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_all_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write all sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_device_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write device sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_fs_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write fileystem sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_hotplug_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write the hotplug sysctl. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_irq_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write IRQ sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_kernel_sysctl( - - - - - domain - - - )
-
- -
-

-Read and write generic kernel sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_modprobe_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write the modprobe sysctl. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_net_sysctls( - - - - - domain - - - )
-
- -
-

-Allow caller to modiry contents of sysctl network files. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_pipes( - - - - - domain - - - )
-
- -
-

-Read and write kernel unnamed pipes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_rpc_sysctls( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_software_raid_state( - - - - - domain - - - )
-
- -
-

-Allow caller to read and set the state information for software raid. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_unix_dgram_sockets( - - - - - domain - - - )
-
- -
-

-Read and write kernel unix datagram sockets. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_unix_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write unix domain -socket sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_unlabeled_blk_files( - - - - - domain - - - )
-
- -
-

-Read and write unlabeled block device nodes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_unlabeled_dirs( - - - - - domain - - - )
-
- -
-

-Read and write unlabeled directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_rw_vm_sysctls( - - - - - domain - - - )
-
- -
-

-Read and write virtual memory sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_search_debugfs( - - - - - domain - - - )
-
- -
-

-Search the contents of a kernel debugging filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_search_network_state( - - - - - domain - - - )
-
- -
-

-Allow searching of network state directory. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_search_network_sysctl( - - - - - domain - - - )
-
- -
-

-Search network sysctl directories. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_search_proc( - - - - - domain - - - )
-
- -
-

-Search directories in /proc. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_search_vm_sysctl( - - - - - domain - - - )
-
- -
-

-Allow caller to search virtual memory sysctls. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_sendrecv_unlabeled_association( - - - - - domain - - - )
-
- -
-

-Send and receive messages from an -unlabeled IPSEC association. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_setpgid( - - - - - domain - - - )
-
- -
-

-Set the process group of kernel threads. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_share_state( - - - - - domain - - - )
-
- -
-

-Allows the kernel to share state information with -the caller. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_sigchld( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to kernel threads. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_sigchld_unlabeled( - - - - - domain - - - )
-
- -
-

-Send a child terminated signal to unlabeled processes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_signal( - - - - - domain - - - )
-
- -
-

-Send a generic signal to kernel threads. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_signal_unlabeled( - - - - - domain - - - )
-
- -
-

-Send general signals to unlabeled processes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_signull_unlabeled( - - - - - domain - - - )
-
- -
-

-Send a null signal to unlabeled processes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_sigstop_unlabeled( - - - - - domain - - - )
-
- -
-

-Send a stop signal to unlabeled processes. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_tcp_recvfrom( - - - - - domain - - - )
-
- -
-

-Receive messages from kernel TCP sockets. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_udp_recvfrom( - - - - - domain - - - )
-
- -
-

-Receive messages from kernel UDP sockets. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_udp_send( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to the kernel. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to kernel module resources. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_unmount_debugfs( - - - - - domain - - - )
-
- -
-

-Unmount a kernel debugging filesystem. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_use_fds( - - - - - domain - - - )
-
- -
-

-Permits caller to use kernel file descriptors. -

-
- -
- -
-Module: -kernel

-Layer: -kernel

-

- -kernel_write_proc_files( - - - - - domain - - - )
-
- -
-

-Write to generic proc entries. -

-
- -
- -
-Module: -kudzu

-Layer: -admin

-

- -kudzu_domtrans( - - - - - domain - - - )
-
- -
-

-Execute kudzu in the kudzu domain. -

-
- -
- -
-Module: -kudzu

-Layer: -admin

-

- -kudzu_getattr_exec_files( - - - - - domain - - - )
-
- -
-

-Get attributes of kudzu executable. -

-
- -
- -
-Module: -kudzu

-Layer: -admin

-

- -kudzu_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute kudzu in the kudzu domain, and -allow the specified role the kudzu domain. -

-
- -
- -
-Module: -ldap

-Layer: -services

-

- -ldap_list_db( - - - - - domain - - - )
-
- -
-

-Read the contents of the OpenLDAP -database directories. -

-
- -
- -
-Module: -ldap

-Layer: -services

-

- -ldap_read_config( - - - - - domain - - - )
-
- -
-

-Read the OpenLDAP configuration files. -

-
- -
- -
-Module: -ldap

-Layer: -services

-

- -ldap_use( - - - - - domain - - - )
-
- -
-

-Use LDAP over TCP connection. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_delete_lib_symlinks( - - - - - domain - - - )
-
- -
-

-Delete generic symlinks in library directories. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_domtrans_ldconfig( - - - - - domain - - - )
-
- -
-

-Execute ldconfig in the ldconfig domain. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_exec_ld_so( - - - - - domain - - - )
-
- -
-

-Execute the dynamic link/loader in the caller's domain. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_exec_lib_files( - - - - - domain - - - )
-
- -
-

-Execute library scripts in the caller domain. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_legacy_use_ld_so( - - - - - domain - - - )
-
- -
-

-Use the dynamic link/loader for automatic loading -of shared libraries with legacy support. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_legacy_use_shared_libs( - - - - - domain - - - )
-
- -
-

-Load and execute functions from shared libraries, -with legacy support. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_manage_ld_so( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the -dynamic link/loader. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_manage_lib_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete generic -files in library directories. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_manage_shared_libs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete shared libraries. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_read_lib_files( - - - - - domain - - - )
-
- -
-

-Read files in the library directories, such -as static libraries. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_relabel_ld_so( - - - - - domain - - - )
-
- -
-

-Relabel to and from the type used for -the dynamic link/loader. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_relabel_lib_files( - - - - - domain - - - )
-
- -
-

-Relabel to and from the type used -for generic lib files. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_relabel_shared_libs( - - - - - domain - - - )
-
- -
-

-Relabel to and from the type used for -shared libraries. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_relabelto_lib_files( - - - - - domain - - - )
-
- -
-

-Relabel files to the type used in library directories. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_run_ldconfig( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute ldconfig in the ldconfig domain. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_rw_ld_so_cache( - - - - - domain - - - )
-
- -
-

-Modify the dynamic link/loader's cached listing -of shared libraries. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_search_lib( - - - - - domain - - - )
-
- -
-

-Search lib directories. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_use_ld_so( - - - - - domain - - - )
-
- -
-

-Use the dynamic link/loader for automatic loading -of shared libraries. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_use_lib_files( - - - - - domain - - - )
-
- -
-

-Load and execute functions from generic -lib files as shared libraries. -

-
- -
- -
-Module: -libraries

-Layer: -system

-

- -libs_use_shared_libs( - - - - - domain - - - )
-
- -
-

-Load and execute functions from shared libraries. -

-
- -
- -
-Module: -loadkeys

-Layer: -apps

-

- -loadkeys_domtrans( - - - - - domain - - - )
-
- -
-

-Execute the loadkeys program in the loadkeys domain. -

-
- -
- -
-Module: -loadkeys

-Layer: -apps

-

- -loadkeys_exec( - - - - - domain - - - )
-
- -
-

-Execute the loadkeys program in the caller domain. -

-
- -
- -
-Module: -loadkeys

-Layer: -apps

-

- -loadkeys_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute the loadkeys program in the loadkeys domain. -

-
- -
- -
-Module: -locallogin

-Layer: -system

-

- -locallogin_domtrans( - - - - - domain - - - )
-
- -
-

-Execute local logins in the local login domain. -

-
- -
- -
-Module: -locallogin

-Layer: -system

-

- -locallogin_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit local login file descriptors. -

-
- -
- -
-Module: -locallogin

-Layer: -system

-

- -locallogin_signull( - - - - - domain - - - )
-
- -
-

-Send a null signal to local login processes. -

-
- -
- -
-Module: -locallogin

-Layer: -system

-

- -locallogin_use_fds( - - - - - domain - - - )
-
- -
-

-Allow processes to inherit local login file descriptors. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_append_all_logs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_domtrans_auditctl( - - - - - domain - - - )
-
- -
-

-Execute auditctl in the auditctl domain. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_domtrans_syslog( - - - - - domain - - - )
-
- -
-

-Execute syslogd in the syslog domain. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_dontaudit_getattr_all_logs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_exec_all_logs( - - - - - domain - - - )
-
- -
-

-Execute all log files in the caller domain. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_list_logs( - - - - - domain - - - )
-
- -
-

-List the contents of the generic log directory (/var/log). -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_log_file( - - - - - file_type - - - )
-
- -
-

-Make the specified type a file -used for logs. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_log_filetrans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_manage_all_logs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_manage_generic_logs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -generic log files. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_read_all_logs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_read_audit_config( - - - - - domain - - - )
-
- -
-

-Read the auditd configuration files. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_read_audit_log( - - - - - domain - - - )
-
- -
-

-Read the audit log. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_read_generic_logs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_rw_generic_log_dirs( - - - - - domain - - - )
-
- -
-

-Read and write the generic log directory (/var/log). -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_rw_generic_logs( - - - - - domain - - - )
-
- -
-

-Read and write generic log files. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_search_logs( - - - - - domain - - - )
-
- -
-

-Allows the domain to open a file in the -log directory, but does not allow the listing -of the contents of the log directory. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_send_syslog_msg( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_write_generic_logs( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -logrotate

-Layer: -admin

-

- -logrotate_domtrans( - - - - - domain - - - )
-
- -
-

-Execute logrotate in the logrotate domain. -

-
- -
- -
-Module: -logrotate

-Layer: -admin

-

- -logrotate_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit logrotate file descriptors. -

-
- -
- -
-Module: -logrotate

-Layer: -admin

-

- -logrotate_exec( - - - - - domain - - - )
-
- -
-

-Execute logrotate in the caller domain. -

-
- -
- -
-Module: -logrotate

-Layer: -admin

-

- -logrotate_read_tmp_files( - - - - - domain - - - )
-
- -
-

-Read a logrotate temporary files. -

-
- -
- -
-Module: -logrotate

-Layer: -admin

-

- -logrotate_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute logrotate in the logrotate domain, and -allow the specified role the logrotate domain. -

-
- -
- -
-Module: -logrotate

-Layer: -admin

-

- -logrotate_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use logrotate file descriptors. -

-
- -
- -
-Module: -logwatch

-Layer: -admin

-

- -logwatch_read_tmp_files( - - - - - domain - - - )
-
- -
-

-Read logwatch temporary files. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpd_domtrans_checkpc( - - - - - domain - - - )
-
- -
-

-Execute lpd in the lpd domain. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpd_list_spool( - - - - - domain - - - )
-
- -
-

-List the contents of the printer spool directories. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpd_manage_spool( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete printer spool files. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpd_read_config( - - - - - domain - - - )
-
- -
-

-List the contents of the printer spool directories. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpd_run_checkpc( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute amrecover in the lpd domain, and -allow the specified role the lpd domain. -

-
- -
- -
-Module: -lvm

-Layer: -system

-

- -lvm_domtrans( - - - - - domain - - - )
-
- -
-

-Execute lvm programs in the lvm domain. -

-
- -
- -
-Module: -lvm

-Layer: -system

-

- -lvm_read_config( - - - - - domain - - - )
-
- -
-

-Read LVM configuration files. -

-
- -
- -
-Module: -lvm

-Layer: -system

-

- -lvm_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute lvm programs in the lvm domain. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_domtrans( - - - - - domain - - - )
-
- -
-

-Execute mailman in the mailman domain. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_domtrans_cgi( - - - - - domain - - - )
-
- -
-

-Execute mailman CGI scripts in the -mailman CGI domain. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_exec( - - - - - domain - - - )
-
- -
-

-Execute mailman in the caller domain. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_list_data( - - - - - domain - - - )
-
- -
-

-List the contents of mailman data directories. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_manage_log( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -mailman logs. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_read_archive( - - - - - domain - - - )
-
- -
-

-Allow domain to read mailman archive files. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_read_data_symlinks( - - - - - domain - - - )
-
- -
-

-Allow read acces to mailman data symbolic links. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_search_data( - - - - - domain - - - )
-
- -
-

-Allow domain to search data directories. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_signal_cgi( - - - - - domain - - - )
-
- -
-

-Send generic signals to the mailman cgi domain. -

-
- -
- -
-Module: -mcs

-Layer: -kernel

-

- -mcs_killall( - - - - - domain - - - )
-
- -
-

-This domain is allowed to sigkill and sigstop -all domains regardless of their MCS level. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_delete_man_pages( - - - - - domain - - - )
-
- -
-

-Delete man pages -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_dontaudit_search_man_pages( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search man pages. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_exec_tetex_data( - - - - - domain - - - )
-
- -
-

-Execute TeX data programs in the caller domain. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_legacy_read_localization( - - - - - domain - - - )
-
- -
-

-Allow process to read legacy time localization info -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_manage_fonts( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete fonts. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_manage_man_pages( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete man pages -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_manage_public_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete public files -and directories used for file transfer services. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_certs( - - - - - domain - - - )
-
- -
-

-Read system SSL certificates. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_fonts( - - - - - domain - - - )
-
- -
-

-Read fonts. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_hwdata( - - - - - domain - - - )
-
- -
-

-Read hardware identification data. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_localization( - - - - - domain - - - )
-
- -
-

-Allow process to read localization info -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_man_pages( - - - - - domain - - - )
-
- -
-

-Read man pages -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_public_files( - - - - - domain - - - )
-
- -
-

-Read public files used for file -transfer services. -

-
- -
- -
-Module: -miscfiles

-Layer: -system

-

- -miscfiles_read_tetex_data( - - - - - domain - - - )
-
- -
-

-Read TeX data -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_file_downgrade( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for lowering the level of files. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_file_read_up( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for reading from files at higher levels. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_file_upgrade( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for raising the level of files. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_file_write_down( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for writing to files at lower levels. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_process_read_up( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for reading from processes at higher levels. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_process_set_level( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for setting the level of processes -it executes. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_process_write_down( - - - - - domain - - - )
-
- -
-

-Make specified domain MLS trusted -for writing to processes at lower levels. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_rangetrans_source( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to do a MLS -range transition that changes -the current level. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_rangetrans_target( - - - - - domain - - - )
-
- -
-

-Make specified domain a target domain -for MLS range transitions that change -the current level. -

-
- -
- -
-Module: -mls

-Layer: -kernel

-

- -mls_trusted_object( - - - - - domain - - - )
-
- -
-

-Make specified object MLS trusted. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_domtrans_depmod( - - - - - domain - - - )
-
- -
-

-Execute depmod in the depmod domain. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_domtrans_insmod( - - - - - domain - - - )
-
- -
-

-Execute insmod in the insmod domain. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_domtrans_insmod_uncond( - - - - - domain - - - )
-
- -
-

-Unconditionally execute insmod in the insmod domain. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_domtrans_update_mods( - - - - - domain - - - )
-
- -
-

-Execute depmod in the depmod domain. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_exec_depmod( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_exec_insmod( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_exec_update_mods( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_read_module_config( - - - - - domain - - - )
-
- -
-

-Read the configuration options used when -loading modules. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_read_module_deps( - - - - - domain - - - )
-
- -
-

-Read the dependencies of kernel modules. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_rename_module_config( - - - - - domain - - - )
-
- -
-

-Rename a file with the configuration options used when -loading modules. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_run_depmod( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute depmod in the depmod domain. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_run_insmod( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute insmod in the insmod domain, and -allow the specified role the insmod domain, -and use the caller's terminal. Has a sigchld -backchannel. -

-
- -
- -
-Module: -modutils

-Layer: -system

-

- -modutils_run_update_mods( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute update_modules in the update_modules domain. -

-
- -
- -
-Module: -mono

-Layer: -apps

-

- -mono_domtrans( - - - - - domain - - - )
-
- -
-

-Execute the mono program in the mono domain. -

-
- -
- -
-Module: -mount

-Layer: -system

-

- -mount_domtrans( - - - - - domain - - - )
-
- -
-

-Execute mount in the mount domain. -

-
- -
- -
-Module: -mount

-Layer: -system

-

- -mount_exec( - - - - - domain - - - )
-
- -
-

-Execute mount in the caller domain. -

-
- -
- -
-Module: -mount

-Layer: -system

-

- -mount_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute mount in the mount domain, and -allow the specified role the mount domain, -and use the caller's terminal. -

-
- -
- -
-Module: -mount

-Layer: -system

-

- -mount_send_nfs_client_request( - - - - - domain - - - )
-
- -
-

-Allow the mount domain to send nfs requests for mounting -network drives -

-
- -
- -
-Module: -mount

-Layer: -system

-

- -mount_use_fds( - - - - - domain - - - )
-
- -
-

-Use file descriptors for mount. -

-
- -
- -
-Module: -mrtg

-Layer: -admin

-

- -mrtg_append_create_logs( - - - - - domain - - - )
-
- -
-

-Create and append mrtg logs. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_append_spool( - - - - - domain - - - )
-
- -
-

-Create, read, and write the mail spool. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_delete_spool( - - - - - domain - - - )
-
- -
-

-Delete from the mail spool. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_dontaudit_getattr_spool_files( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_dontaudit_read_spool_symlinks( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read a symlink -in the mail spool. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_dontaudit_rw_delivery_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write TCP -sockets of mail delivery domains. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_dontaudit_rw_queue( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and -write the mail queue. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_etc_filetrans_aliases( - - - - - domain - - - )
-
- -
-

-Type transition files created in /etc -to the mail address aliases type. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_exec( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_getattr_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_mailserver( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_mailserver_delivery( - - - - - domain - - - )
-
- -
-

-Make a type a mailserver type used -for delivering mail to local users. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_mailserver_sender( - - - - - domain - - - )
-
- -
-

-Make a type a mailserver type used -for sending mail. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_mailserver_user_agent( - - - - - domain - - - )
-
- -
-

-Make a type a mailserver type used -for sending mail on behalf of local -users to the local mail spool. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_manage_queue( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_manage_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_read_aliases( - - - - - domain - - - )
-
- -
-

-Read mail address aliases. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_read_config( - - - - - domain - - - )
-
- -
-

-Read mail server configuration. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_read_sendmail_bin( - - - - - domain - - - )
-
- -
-

-Read sendmail binary. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_rw_aliases( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_rw_spool( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_rw_user_mail_stream_sockets( - - - - - domain - - - )
-
- -
-

-Read and write unix domain stream sockets -of user mail domains. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_send_mail( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_sendmail_mailserver( - - - - - domain - - - - , - - - - entry_point - - - )
-
- -
-

-Modified mailserver interface for -sendmail daemon use. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_spool_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object - - - )
-
- -
-

-Create private objects in the -mail spool directory. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_stub( - - - - - domain - - - )
-
- -
-

-MTA stub interface. No access allowed. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_tcp_connect_all_mailservers( - - - - - domain - - - )
-
- -
-

-Connect to all mail servers over TCP. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_manage_db_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete MySQL database directories. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_read_config( - - - - - domain - - - )
-
- -
-

-Read MySQL configuration files. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_rw_db_dirs( - - - - - domain - - - )
-
- -
-

-Read and write to the MySQL database directory. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_rw_db_sockets( - - - - - domain - - - )
-
- -
-

-Read and write to the MySQL database -named socket. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_search_db( - - - - - domain - - - )
-
- -
-

-Search the directories that contain MySQL -database storage. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_signal( - - - - - domain - - - )
-
- -
-

-Send a generic signal to MySQL. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_stream_connect( - - - - - domain - - - )
-
- -
-

-Connect to MySQL using a unix domain stream socket. -

-
- -
- -
-Module: -mysql

-Layer: -services

-

- -mysql_write_log( - - - - - domain - - - )
-
- -
-

-Write to the MySQL log. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_domtrans( - - - - - domain - - - )
-
- -
-

-Execute network utilities in the netutils domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_domtrans_ping( - - - - - domain - - - )
-
- -
-

-Execute ping in the ping domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_domtrans_traceroute( - - - - - domain - - - )
-
- -
-

-Execute traceroute in the traceroute domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_exec( - - - - - domain - - - )
-
- -
-

-Execute network utilities in the caller domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_exec_ping( - - - - - domain - - - )
-
- -
-

-Execute ping in the caller domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_exec_traceroute( - - - - - domain - - - )
-
- -
-

-Execute traceroute in the caller domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute network utilities in the netutils domain, and -allow the specified role the netutils domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_run_ping( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute ping in the ping domain, and -allow the specified role the ping domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_run_ping_cond( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Conditionally execute ping in the ping domain, and -allow the specified role the ping domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_run_traceroute( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute traceroute in the traceroute domain, and -allow the specified role the traceroute domain. -

-
- -
- -
-Module: -netutils

-Layer: -admin

-

- -netutils_run_traceroute_cond( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Conditionally execute traceroute in the traceroute domain, and -allow the specified role the traceroute domain. -

-
- -
- -
-Module: -networkmanager

-Layer: -services

-

- -networkmanager_dbus_chat( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -NetworkManager over dbus. -

-
- -
- -
-Module: -networkmanager

-Layer: -services

-

- -networkmanager_rw_packet_sockets( - - - - - domain - - - )
-
- -
-

-Read and write NetworkManager packet sockets. -

-
- -
- -
-Module: -networkmanager

-Layer: -services

-

- -networkmanager_rw_routing_sockets( - - - - - domain - - - )
-
- -
-

-Read and write NetworkManager netlink -routing sockets. -

-
- -
- -
-Module: -networkmanager

-Layer: -services

-

- -networkmanager_rw_udp_sockets( - - - - - domain - - - )
-
- -
-

-Read and write NetworkManager UDP sockets. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_delete_ypbind_pid( - - - - - domain - - - )
-
- -
-

-Delete ypbind pid files. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_domtrans_ypbind( - - - - - domain - - - )
-
- -
-

-Execute ypbind in the ypbind domain. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_list_var_yp( - - - - - domain - - - )
-
- -
-

-List the contents of the NIS data directory. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_read_ypbind_pid( - - - - - domain - - - )
-
- -
-

-Read ypbind pid files. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_read_ypserv_config( - - - - - domain - - - )
-
- -
-

-Read ypserv configuration files. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_signal_ypbind( - - - - - domain - - - )
-
- -
-

-Send generic signals to ypbind. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_tcp_connect_ypbind( - - - - - domain - - - )
-
- -
-

-Connect to ypbind over TCP. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_udp_send_ypbind( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to NIS clients. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_use_ypbind( - - - - - domain - - - )
-
- -
-

-Use the ypbind service to access NIS services. -

-
- -
- -
-Module: -nis

-Layer: -services

-

- -nis_use_ypbind_uncond( - - - - - domain - - - )
-
- -
-

-Use the ypbind service to access NIS services -unconditionally. -

-
- -
- -
-Module: -nscd

-Layer: -services

-

- -nscd_domtrans( - - - - - domain - - - )
-
- -
-

-Execute NSCD in the nscd domain. -

-
- -
- -
-Module: -nscd

-Layer: -services

-

- -nscd_read_pid( - - - - - domain - - - )
-
- -
-

-Read NSCD pid file. -

-
- -
- -
-Module: -nscd

-Layer: -services

-

- -nscd_shm_use( - - - - - domain - - - )
-
- -
-

-Use NSCD services by mapping the database from -an inherited NSCD file descriptor. -

-
- -
- -
-Module: -nscd

-Layer: -services

-

- -nscd_socket_use( - - - - - domain - - - )
-
- -
-

-Use NSCD services by connecting using -a unix stream socket. -

-
- -
- -
-Module: -nscd

-Layer: -services

-

- -nscd_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to NSCD services. -

-
- -
- -
-Module: -ntp

-Layer: -services

-

- -ntp_domtrans( - - - - - domain - - - )
-
- -
-

-Execute ntp server in the ntpd domain. -

-
- -
- -
-Module: -ntp

-Layer: -services

-

- -ntp_domtrans_ntpdate( - - - - - domain - - - )
-
- -
-

-Execute ntp server in the ntpd domain. -

-
- -
- -
-Module: -ntp

-Layer: -services

-

- -ntp_stub( - - - - - domain - - - )
-
- -
-

-NTP stub interface. No access allowed. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_domtrans_cardctl( - - - - - domain - - - )
-
- -
-

-Execute cardctl in the cardmgr domain. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_domtrans_cardmgr( - - - - - domain - - - )
-
- -
-

-Execute cardmgr in the cardmgr domain. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_manage_pid( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -cardmgr pid files. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_manage_pid_chr_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -cardmgr runtime character nodes. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_read_pid( - - - - - domain - - - )
-
- -
-

-Read cardmgr pid files. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_run_cardctl( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute cardmgr in the cardctl domain, and -allow the specified role the cardmgr domain. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_stub( - - - - - domain - - - )
-
- -
-

-PCMCIA stub interface. No access allowed. -

-
- -
- -
-Module: -pcmcia

-Layer: -system

-

- -pcmcia_use_cardmgr_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use file descriptors from cardmgr. -

-
- -
- -
-Module: -portage

-Layer: -admin

-

- -portage_domtrans( - - - - - domain - - - )
-
- -
-

-Execute emerge in the portage domain. -

-
- -
- -
-Module: -portage

-Layer: -admin

-

- -portage_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute emerge in the portage domain, and -allow the specified role the portage domain. -

-
- -
- -
-Module: -portmap

-Layer: -services

-

- -portmap_domtrans_helper( - - - - - domain - - - )
-
- -
-

-Execute portmap_helper in the helper domain. -

-
- -
- -
-Module: -portmap

-Layer: -services

-

- -portmap_run_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute portmap helper in the helper domain, and -allow the specified role the helper domain. -Communicate with portmap. -

-
- -
- -
-Module: -portmap

-Layer: -services

-

- -portmap_tcp_connect( - - - - - domain - - - )
-
- -
-

-Connect to portmap over a TCP socket -

-
- -
- -
-Module: -portmap

-Layer: -services

-

- -portmap_udp_chat( - - - - - domain - - - )
-
- -
-

-Send and receive UDP network traffic from portmap. -

-
- -
- -
-Module: -portmap

-Layer: -services

-

- -portmap_udp_send( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to portmap. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_config_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object - - - )
-
- -
-

-Create files with the specified type in -the postfix configuration directories. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_domtrans_map( - - - - - domain - - - )
-
- -
-

-Execute postfix_map in the postfix_map domain. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_domtrans_master( - - - - - domain - - - )
-
- -
-

-Execute the master postfix program in the -postfix_master domain. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_domtrans_user_mail_handler( - - - - - domain - - - )
-
- -
-

-Execute postfix user mail programs -in their respective domains. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_dontaudit_rw_local_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and -write postfix local delivery -TCP sockets. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to use -postfix master process file -file descriptors. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_exec_master( - - - - - domain - - - )
-
- -
-

-Execute the master postfix program in the -caller domain. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_list_spool( - - - - - domain - - - )
-
- -
-

-List postfix mail spool directories. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_read_config( - - - - - domain - - - )
-
- -
-

-Read postfix configuration files. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_run_map( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute postfix_map in the postfix_map domain, and -allow the specified role the postfix_map domain. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_search_spool( - - - - - domain - - - )
-
- -
-

-Search postfix mail spool directories. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_stub( - - - - - domain - - - )
-
- -
-

-Postfix stub interface. No access allowed. -

-
- -
- -
-Module: -postgresql

-Layer: -services

-

- -postgresql_domtrans( - - - - - domain - - - )
-
- -
-

-Execute postgresql in the postgresql domain. -

-
- -
- -
-Module: -postgresql

-Layer: -services

-

- -postgresql_manage_db( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to manage postgresql's database. -

-
- -
- -
-Module: -postgresql

-Layer: -services

-

- -postgresql_read_config( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read postgresql's etc. -

-
- -
- -
-Module: -postgresql

-Layer: -services

-

- -postgresql_search_db( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to search postgresql's database directory. -

-
- -
- -
-Module: -postgresql

-Layer: -services

-

- -postgresql_stream_connect( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to connect to postgresql with a unix socket. -

-
- -
- -
-Module: -postgresql

-Layer: -services

-

- -postgresql_tcp_connect( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to connect to postgresql with a tcp socket. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_domtrans( - - - - - domain - - - )
-
- -
-

-Execute domain in the ppp domain. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit -and use PPP file discriptors. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_run( - - - - - domain - - - )
-
- -
-

-Unconditionally execute ppp daemon on behalf of a user or staff type. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_run_cond( - - - - - domain - - - )
-
- -
-

-Conditionally execute ppp daemon on behalf of a user or staff type. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_sigchld( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to PPP. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_signal( - - - - - domain - - - )
-
- -
-

-Send a generic signal to PPP. -

-
- -
- -
-Module: -ppp

-Layer: -services

-

- -ppp_use_fds( - - - - - domain - - - )
-
- -
-

-Use PPP file discriptors. -

-
- -
- -
-Module: -prelink

-Layer: -admin

-

- -prelink_delete_cache( - - - - - file_type - - - )
-
- -
-

-Delete the prelink cache. -

-
- -
- -
-Module: -prelink

-Layer: -admin

-

- -prelink_domtrans( - - - - - domain - - - )
-
- -
-

-Execute the prelink program in the prelink domain. -

-
- -
- -
-Module: -prelink

-Layer: -admin

-

- -prelink_manage_log( - - - - - file_type - - - )
-
- -
-

-Create, read, write, and delete -prelink log files. -

-
- -
- -
-Module: -prelink

-Layer: -admin

-

- -prelink_object_file( - - - - - file_type - - - )
-
- -
-

-Make the specified file type prelinkable. -

-
- -
- -
-Module: -prelink

-Layer: -admin

-

- -prelink_read_cache( - - - - - file_type - - - )
-
- -
-

-Read the prelink cache. -

-
- -
- -
-Module: -procmail

-Layer: -services

-

- -procmail_domtrans( - - - - - domain - - - )
-
- -
-

-Execute procmail with a domain transition. -

-
- -
- -
-Module: -procmail

-Layer: -services

-

- -procmail_exec( - - - - - domain - - - )
-
- -
-

-Execute procmail in the caller domain. -

-
- -
- -
-Module: -quota

-Layer: -admin

-

- -quota_domtrans( - - - - - domain - - - )
-
- -
-

-Execute quota management tools in the quota domain. -

-
- -
- -
-Module: -quota

-Layer: -admin

-

- -quota_dontaudit_getattr_db( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of filesystem quota data files. -

-
- -
- -
-Module: -quota

-Layer: -admin

-

- -quota_manage_flags( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -quota

-Layer: -admin

-

- -quota_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute quota management tools in the quota domain, and -allow the specified role the quota domain. -

-
- -
- -
-Module: -radius

-Layer: -services

-

- -radius_use( - - - - - domain - - - )
-
- -
-

-Use radius over a UDP connection. -

-
- -
- -
-Module: -raid

-Layer: -system

-

- -raid_domtrans_mdadm( - - - - - domain - - - )
-
- -
-

-Execute software raid tools in the mdadm domain. -

-
- -
- -
-Module: -raid

-Layer: -system

-

- -raid_manage_mdadm_pid( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the mdadm pid files. -

-
- -
- -
-Module: -remotelogin

-Layer: -services

-

- -remotelogin_domtrans( - - - - - domain - - - )
-
- -
-

-Domain transition to the remote login domain. -

-
- -
- -
-Module: -rlogin

-Layer: -services

-

- -rlogin_domtrans( - - - - - domain - - - )
-
- -
-

-Execute rlogind in the rlogin domain. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_domtrans_nfsd( - - - - - domain - - - )
-
- -
-

-Execute domain in nfsd domain. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_dontaudit_getattr_exports( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of the NFS export file. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_manage_nfs_ro_content( - - - - - domain - - - )
-
- -
-

-Allow domain to create read and write NFS directories. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_manage_nfs_rw_content( - - - - - domain - - - )
-
- -
-

-Allow domain to create read and write NFS directories. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_read_exports( - - - - - domain - - - )
-
- -
-

-Allow read access to exports. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_search_nfs_state_data( - - - - - domain - - - )
-
- -
-

-Search NFS state data in /var/lib/nfs. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_udp_rw_nfs_sockets( - - - - - domain - - - )
-
- -
-

-Allow domain to read and write to an NFS UDP socket. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_udp_send( - - - - - domain - - - )
-
- -
-

-Send UDP network traffic to rpc and recieve UDP traffic from rpc. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_udp_send_nfs( - - - - - domain - - - )
-
- -
-

-Send UDP traffic to NFSd. -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_write_exports( - - - - - domain - - - )
-
- -
-

-Allow write access to exports. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_domtrans( - - - - - domain - - - )
-
- -
-

-Execute rpm programs in the rpm domain. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_domtrans_script( - - - - - domain - - - )
-
- -
-

-Execute rpm_script programs in the rpm_script domain. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_dontaudit_manage_db( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to create, read, -write, and delete the RPM package database. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_manage_db( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the RPM package database. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_manage_log( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete the RPM log. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_read_db( - - - - - domain - - - )
-
- -
-

-Read the RPM package database. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_read_pipes( - - - - - domain - - - )
-
- -
-

-Read from an unnamed RPM pipe. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute RPM programs in the RPM domain. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_rw_pipes( - - - - - domain - - - )
-
- -
-

-Read and write an unnamed RPM pipe. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use file descriptors from RPM. -

-
- -
- -
-Module: -rpm

-Layer: -admin

-

- -rpm_use_script_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use file descriptors from RPM scripts. -

-
- -
- -
-Module: -rshd

-Layer: -services

-

- -rshd_domtrans( - - - - - domain - - - )
-
- -
-

-Domain transition to rshd. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_domtrans_net( - - - - - domain - - - )
-
- -
-

-Execute samba net in the samba_net domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_domtrans_smbmount( - - - - - domain - - - )
-
- -
-

-Execute smbmount in the smbmount domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_domtrans_winbind_helper( - - - - - domain - - - )
-
- -
-

-Execute winbind_helper in the winbind_helper domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_exec_log( - - - - - domain - - - )
-
- -
-

-Execute samba log in the caller domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_read_config( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read -samba configuration files. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_read_log( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read samba's log files. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_read_secrets( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read samba's secrets. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_read_winbind_pid( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read the winbind pid files. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_run_net( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute samba net in the samba_net domain, and -allow the specified role the samba_net domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_run_winbind_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute winbind_helper in the winbind_helper domain, and -allow the specified role the winbind_helper domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_rw_config( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read -and write samba configuration files. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_rw_smbmount_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to read and write to smbmount tcp sockets. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_rw_var_files( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to -read and write samba /var files. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_search_var( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to search -samba /var directories. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_stream_connect_winbind( - - - - - domain - - - )
-
- -
-

-Connect to winbind. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_write_smbmount_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Allow the specified domain to write to smbmount tcp sockets. -

-
- -
- -
-Module: -sasl

-Layer: -services

-

- -sasl_connect( - - - - - domain - - - )
-
- -
-

-Connect to SASL. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_compute_access_vector( - - - - - domain - - - )
-
- -
-

-Allows caller to compute an access vector. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_compute_create_context( - - - - - domain - - - )
-
- -
-

-Calculate the default type for object creation. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_compute_member( - - - - - domain - - - )
-
- -
-

-Allows caller to compute polyinstatntiated -directory members. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_compute_relabel_context( - - - - - domain - - - )
-
- -
-

-Calculate the context for relabeling objects. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_compute_user_contexts( - - - - - domain - - - )
-
- -
-

-Allows caller to compute possible contexts for a user. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_dontaudit_getattr_dir( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of the selinuxfs directory. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_dontaudit_read_fs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read -generic selinuxfs entries -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_dontaudit_search_fs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search selinuxfs. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_get_enforce_mode( - - - - - domain - - - )
-
- -
-

-Allows the caller to get the mode of policy enforcement -(enforcing or permissive mode). -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_get_fs_mount( - - - - - domain - - - )
-
- -
-

-Gets the caller the mountpoint of the selinuxfs filesystem. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_load_policy( - - - - - domain - - - )
-
- -
-

-Allow caller to load the policy into the kernel. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_search_fs( - - - - - domain - - - )
-
- -
-

-Search selinuxfs. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_set_boolean( - - - - - domain - - - )
-
- -
-

-Allow caller to set the state of Booleans to -enable or disable conditional portions of the policy. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_set_enforce_mode( - - - - - domain - - - )
-
- -
-

-Allow caller to set the mode of policy enforcement -(enforcing or permissive mode). -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_set_parameters( - - - - - domain - - - )
-
- -
-

-Allow caller to set SELinux access vector cache parameters. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to the SELinux kernel security server. -

-
- -
- -
-Module: -selinux

-Layer: -kernel

-

- -selinux_validate_context( - - - - - domain - - - )
-
- -
-

-Allows caller to validate security contexts. -

-
- -
- -
-Module: -sendmail

-Layer: -services

-

- -sendmail_create_log( - - - - - domain - - - )
-
- -
-

-Create sendmail logs with the correct type. -

-
- -
- -
-Module: -sendmail

-Layer: -services

-

- -sendmail_domtrans( - - - - - domain - - - )
-
- -
-

-Domain transition to sendmail. -

-
- -
- -
-Module: -sendmail

-Layer: -services

-

- -sendmail_manage_log( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete sendmail logs. -

-
- -
- -
-Module: -sendmail

-Layer: -services

-

- -sendmail_rw_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Read and write sendmail TCP sockets. -

-
- -
- -
-Module: -sendmail

-Layer: -services

-

- -sendmail_rw_unix_stream_sockets( - - - - - domain - - - )
-
- -
-

-Read and write sendmail unix_stream_sockets. -

-
- -
- -
-Module: -sendmail

-Layer: -services

-

- -sendmail_stub( - - - - - domain - - - )
-
- -
-

-Sendmail stub interface. No access allowed. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_create_bin_policy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_checkpolicy( - - - - - domain - - - )
-
- -
-

-Execute checkpolicy in the checkpolicy domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_loadpolicy( - - - - - domain - - - )
-
- -
-

-Execute load_policy in the load_policy domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_newrole( - - - - - domain - - - )
-
- -
-

-Execute newrole in the load_policy domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_restorecon( - - - - - domain - - - )
-
- -
-

-Execute restorecon in the restorecon domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_runinit( - - - - - domain - - - )
-
- -
-

-Execute run_init in the run_init domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_semanage( - - - - - domain - - - )
-
- -
-

-Execute a domain transition to run semanage. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_domtrans_setfiles( - - - - - domain - - - )
-
- -
-

-Execute setfiles in the setfiles domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_dontaudit_read_config( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the SELinux -userland configuration (/etc/selinux). -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_dontaudit_search_config( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the SELinux -configuration directory (/etc/selinux). -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_dontaudit_signal_newrole( - - - - - domain - - - )
-
- -
-

-Do not audit the caller attempts to send -a signal to newrole. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_exec_checkpolicy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_exec_loadpolicy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_exec_newrole( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_exec_restorecon( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_exec_setfiles( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_get_semanage_read_lock( - - - - - domain - - - )
-
- -
-

-Get read lock on module store -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_get_semanage_trans_lock( - - - - - domain - - - )
-
- -
-

-Get trans lock on module store -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_init_script_domtrans_runinit( - - - - - domain - - - )
-
- -
-

-Execute init scripts in the run_init domain. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_init_script_run_runinit( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute init scripts in the run_init domain, and -allow the specified role the run_init domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_manage_bin_policy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_manage_module_store( - - - - - domain - - - )
-
- -
-

-Full management of the semanage -module store. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_manage_src_policy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_read_bin_policy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_read_config( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_read_default_contexts( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_read_file_contexts( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_read_loadpolicy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_read_src_policy( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_relabelto_bin_policy( - - - - - domain - - - )
-
- -
-

-Allow the caller to relabel a file to the binary policy type. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_checkpolicy( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute checkpolicy in the checkpolicy domain, and -allow the specified role the checkpolicy domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_loadpolicy( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute load_policy in the load_policy domain, and -allow the specified role the load_policy domain, -and use the caller's terminal. -Has a SIGCHLD signal backchannel. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_newrole( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute newrole in the newrole domain, and -allow the specified role the newrole domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_restorecon( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute restorecon in the restorecon domain, and -allow the specified role the restorecon domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_runinit( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute run_init in the run_init domain, and -allow the specified role the run_init domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_semanage( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute semanage in the semanage domain, and -allow the specified role the semanage domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_run_setfiles( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute setfiles in the setfiles domain, and -allow the specified role the setfiles domain, -and use the caller's terminal. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_rw_file_contexts( - - - - - domain - - - )
-
- -
-

-Read and write the file_contexts files. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_search_default_contexts( - - - - - domain - - - )
-
- -
-

-Search the policy directory with default_context files. -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_sigchld_newrole( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_use_newrole_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -selinuxutil

-Layer: -system

-

- -seutil_use_runinit_fds( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -slocate

-Layer: -apps

-

- -slocate_create_append_log( - - - - - domain - - - )
-
- -
-

-Create the locate log with append mode. -

-
- -
- -
-Module: -slrnpull

-Layer: -services

-

- -slrnpull_manage_spool( - - - - - pty_type - - - )
-
- -
-

-Allow the domain to create, read, -write, and delete slrnpull spools. -

-
- -
- -
-Module: -slrnpull

-Layer: -services

-

- -slrnpull_search_spool( - - - - - pty_type - - - )
-
- -
-

-Allow the domain to search slrnpull spools. -

-
- -
- -
-Module: -smartmon

-Layer: -services

-

- -smartmon_read_tmp_files( - - - - - domain - - - )
-
- -
-

-Allow caller to read smartmon temporary files. -

-
- -
- -
-Module: -snmp

-Layer: -services

-

- -snmp_read_snmp_var_lib_files( - - - - - domain - - - )
-
- -
-

-Read snmpd libraries. -

-
- -
- -
-Module: -snmp

-Layer: -services

-

- -snmp_tcp_connect( - - - - - domain - - - )
-
- -
-

-Use snmp over a TCP connection. -

-
- -
- -
-Module: -snmp

-Layer: -services

-

- -snmp_udp_chat( - - - - - domain - - - )
-
- -
-

-Send and receive UDP traffic to SNMP -

-
- -
- -
-Module: -spamassassin

-Layer: -services

-

- -spamassassin_exec( - - - - - domain - - - )
-
- -
-

-Execute the standalone spamassassin -program in the caller directory. -

-
- -
- -
-Module: -spamassassin

-Layer: -services

-

- -spamassassin_exec_client( - - - - - domain - - - )
-
- -
-

-Execute the spamassassin client -program in the caller directory. -

-
- -
- -
-Module: -squid

-Layer: -services

-

- -squid_append_log( - - - - - domain - - - )
-
- -
-

-Append squid logs. -

-
- -
- -
-Module: -squid

-Layer: -services

-

- -squid_domtrans( - - - - - domain - - - )
-
- -
-

-Execute squid in the squid domain. -

-
- -
- -
-Module: -squid

-Layer: -services

-

- -squid_manage_logs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -squid logs. -

-
- -
- -
-Module: -squid

-Layer: -services

-

- -squid_read_config( - - - - - domain - - - )
-
- -
-

-Read squid configuration file. -

-
- -
- -
-Module: -squid

-Layer: -services

-

- -squid_read_log( - - - - - domain - - - )
-
- -
-

-Append squid logs. -

-
- -
- -
-Module: -squid

-Layer: -services

-

- -squid_use( - - - - - domain - - - )
-
- -
-

-Use squid services by connecting over TCP. -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_dontaudit_read_server_keys( - - - - - domain - - - )
-
- -
-

-Read ssh server keys -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_dontaudit_rw_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write -ssh server TCP sockets. -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_read_pipes( - - - - - domain - - - )
-
- -
-

-Read a ssh server unnamed pipe. -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_sigchld( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to the ssh server. -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_tcp_connect( - - - - - domain - - - )
-
- -
-

-Connect to SSH daemons over TCP sockets. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dev_filetrans_fixed_disk( - - - - - domain - - - )
-
- -
-

-Create block devices in /dev with the fixed disk type -via an automatic type transition. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_getattr_fixed_disk_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to get -the attributes of fixed disk device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_getattr_removable_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to get -the attributes of removable devices device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_raw_read_removable_device( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to directly read removable devices. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_raw_write_removable_device( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to directly write removable devices. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_read_fixed_disk( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to read -fixed disk device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_read_removable_device( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to read -removable devices device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_rw_scsi_generic( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -SCSI generic device interfaces. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_setattr_fixed_disk_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to set -the attributes of fixed disk device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_setattr_removable_dev( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to set -the attributes of removable devices device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_dontaudit_write_fixed_disk( - - - - - domain - - - )
-
- -
-

-Do not audit attempts made by the caller to write -fixed disk device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_getattr_fixed_disk_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to get the attributes of fixed disk -device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_getattr_removable_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to get the attributes of removable -devices device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_getattr_scsi_generic_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to get the attributes of -the generic SCSI interface device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_getattr_tape_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to get the attributes -of device nodes of tape devices. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_manage_fixed_disk( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete fixed disk device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_raw_read_fixed_disk( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly read from a fixed disk. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_raw_read_removable_device( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly read from -a removable device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_raw_write_fixed_disk( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly write to a fixed disk. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_raw_write_removable_device( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly write to -a removable device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_read_scsi_generic( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly read, in a -generic fashion, from any SCSI device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_read_tape( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly read -a tape device. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_relabel_fixed_disk( - - - - - domain - - - )
-
- -
-

-Relabel fixed disk device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_setattr_fixed_disk_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to set the attributes of fixed disk -device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_setattr_removable_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to set the attributes of removable -devices device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_setattr_scsi_generic_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to set the attributes of -the generic SCSI interface device nodes. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_setattr_scsi_generic_dev_dev( - - - - - domain - - - )
-
- -
-

-Set attributes of the device nodes -for the SCSI generic inerface. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_setattr_tape_dev( - - - - - domain - - - )
-
- -
-

-Allow the caller to set the attributes -of device nodes of tape devices. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_swapon_fixed_disk( - - - - - domain - - - )
-
- -
-

-Enable a fixed disk device as swap space -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_tmpfs_filetrans_fixed_disk( - - - - - domain - - - )
-
- -
-

-Create block devices in on a tmpfs filesystem with the -fixed disk type via an automatic type transition. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to storage devices. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_write_scsi_generic( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly write, in a -generic fashion, from any SCSI device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

-
- -
- -
-Module: -storage

-Layer: -kernel

-

- -storage_write_tape( - - - - - domain - - - )
-
- -
-

-Allow the caller to directly read -a tape device. -

-
- -
- -
-Module: -su

-Layer: -admin

-

- -su_exec( - - - - - domain - - - )
-
- -
-

-Execute su in the caller domain. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_dbus_chat_dhcpc( - - - - - domain - - - )
-
- -
-

-Send and receive messages from -dhcpc over dbus. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_delete_dhcpc_pid( - - - - - domain - - - )
-
- -
-

-Delete the dhcp client pid file. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_dhcp_state_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
- -
-

-Create DHCP state data. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_dns_name_resolve( - - - - - domain - - - )
-
- -
-

-Perform a DNS name resolution. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_domtrans_dhcpc( - - - - - domain - - - )
-
- -
-

-Execute dhcp client in dhcpc domain. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_domtrans_ifconfig( - - - - - domain - - - )
-
- -
-

-Execute ifconfig in the ifconfig domain. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_dontaudit_read_config( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read network config files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_etc_filetrans_config( - - - - - domain - - - )
-
- -
-

-Create files in /etc with the type used for -the network config files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_exec_ifconfig( - - - - - domain - - - )
-
- -
-

-Execute ifconfig in the caller domain. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_kill_dhcpc( - - - - - domain - - - )
-
- -
-

-Send a kill signal to the dhcp client. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_manage_config( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete network config files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_read_config( - - - - - domain - - - )
-
- -
-

-Allow network init to read network config files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_read_dhcp_config( - - - - - domain - - - )
-
- -
-

-Read the DHCP configuration files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_read_dhcpc_pid( - - - - - domain - - - )
-
- -
-

-Read the dhcp client pid file. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_read_dhcpc_state( - - - - - domain - - - )
-
- -
-

-Read dhcp client state files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_run_dhcpc( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute DHCP clients in the dhcpc domain, and -allow the specified role the dhcpc domain. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_run_ifconfig( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute ifconfig in the ifconfig domain, and -allow the specified role the ifconfig domain, -and use the caller's terminal. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_rw_dhcp_config( - - - - - domain - - - )
-
- -
-

-Read and write dhcp configuration files. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_search_dhcp_state( - - - - - domain - - - )
-
- -
-

-Search the DHCP state data directory. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_sigchld_dhcpc( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to the dhcp client. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_signal_dhcpc( - - - - - domain - - - )
-
- -
-

-Send a generic signal to the dhcp client. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_signull_dhcpc( - - - - - domain - - - )
-
- -
-

-Send a null signal to the dhcp client. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_sigstop_dhcpc( - - - - - domain - - - )
-
- -
-

-Send a SIGSTOP signal to the dhcp client. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_use_ldap( - - - - - domain - - - )
-
- -
-

-Connect and use a LDAP server. -

-
- -
- -
-Module: -sysnetwork

-Layer: -system

-

- -sysnet_use_portmap( - - - - - domain - - - )
-
- -
-

-Connect and use remote port mappers. -

-
- -
- -
-Module: -sysstat

-Layer: -services

-

- -sysstat_manage_log( - - - - - domain - - - )
-
- -
-

-Manage sysstat logs. -

-
- -
- -
-Module: -tcpd

-Layer: -services

-

- -tcpd_domtrans( - - - - - domain - - - )
-
- -
-

-Execute tcpd in the tcpd domain. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_create_pty( - - - - - domain - - - - , - - - - pty_type - - - )
-
- -
-

-Create a pty in the /dev/pts directory. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_getattr_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of any user pty -device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_getattr_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of any user tty -device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_getattr_pty_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of the /dev/pts directory. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_getattr_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the attributes -of all unallocated tty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_ioctl_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to ioctl -unallocated tty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_list_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read the -/dev/pts directory. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_manage_pty_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to create, read, -write, or delete the /dev/pts directory. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_search_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the -contents of the /dev/pts directory. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_use_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read any -user ptys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_use_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -any user ttys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_use_console( - - - - - domain - - - )
-
- -
-

-Do not audit attemtps to read from -or write to the console. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_use_generic_ptys( - - - - - domain - - - )
-
- -
-

-Dot not audit attempts to read and -write the generic pty type. This is -generally only used in the targeted policy. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_use_ptmx( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and -write the pty multiplexor (/dev/ptmx). -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_dontaudit_use_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or -write unallocated ttys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_getattr_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Get the attributes of all user -pty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_getattr_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Get the attributes of all user tty -device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_getattr_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Get the attributes of all unallocated -tty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_ioctl_generic_ptys( - - - - - domain - - - )
-
- -
-

-ioctl of generic pty types. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_list_ptys( - - - - - domain - - - )
-
- -
-

-Read the /dev/pts directory to -list all ptys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_login_pty( - - - - - pty_type - - - )
-
- -
-

-Transform specified type into a pty type -used by login programs, such as sshd. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_pty( - - - - - pty_type - - - )
-
- -
-

-Transform specified type into a pty type. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_read_console( - - - - - domain - - - )
-
- -
-

-Read from the console. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_relabel_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Relabel from and to all user -user pty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_relabel_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Relabel from and to all user -user tty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_relabel_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Relabel from and to the unallocated -tty type. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_relabelto_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Relabel to all user ptys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_reset_tty_labels( - - - - - domain - - - )
-
- -
-

-Relabel from all user tty types to -the unallocated tty type. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_search_ptys( - - - - - domain - - - )
-
- -
-

-Search the contents of the /dev/pts directory. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_setattr_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Set the attributes of all user -pty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_setattr_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Set the attributes of all user tty -device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_setattr_console( - - - - - domain - - - )
-
- -
-

-Set the attributes of the console -device node. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_setattr_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Set the attributes of all unallocated -tty device nodes. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_tty( - - - - - tty_type - - - )
-
- -
-

-Transform specified type into a tty type. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_all_terms( - - - - - domain - - - )
-
- -
-

-Read and write the console, all -ttys and all ptys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_all_user_ptys( - - - - - domain - - - )
-
- -
-

-Read and write all user ptys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Read and write all user to all user ttys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_console( - - - - - domain - - - )
-
- -
-

-Read from and write to the console. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_controlling_term( - - - - - domain - - - )
-
- -
-

-Read and write the controlling -terminal (/dev/tty). -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_generic_ptys( - - - - - domain - - - )
-
- -
-

-Read and write the generic pty -type. This is generally only used in -the targeted policy. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_ptmx( - - - - - domain - - - )
-
- -
-

-Read and write the pty multiplexor (/dev/ptmx). -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_use_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Read and write unallocated ttys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_user_pty( - - - - - userdomain - - - - , - - - - object_type - - - )
-
- -
-

-Transform specified type into an user -pty type. This allows it to be relabeled via -type change by login programs such as ssh. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_write_all_user_ttys( - - - - - domain - - - )
-
- -
-

-Write to all user ttys. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_write_console( - - - - - domain - - - )
-
- -
-

-Write to the console. -

-
- -
- -
-Module: -terminal

-Layer: -kernel

-

- -term_write_unallocated_ttys( - - - - - domain - - - )
-
- -
-

-Write to unallocated ttys. -

-
- -
- -
-Module: -tmpreaper

-Layer: -admin

-

- -tmpreaper_exec( - - - - - domain - - - )
-
- -
-

-Execute tmpreaper in the caller domain. -

-
- -
- -
-Module: -ucspitcp

-Layer: -services

-

- -ucspitcp_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
- -
-

-Define a specified domain as a ucspitcp service. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_domtrans( - - - - - domain - - - )
-
- -
-

-Execute udev in the udev domain. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_dontaudit_rw_dgram_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -to a udev unix datagram socket. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_dontaudit_use_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit a -udev file descriptor. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_helper_domtrans( - - - - - domain - - - )
-
- -
-

-Execute a udev helper in the udev domain. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_read_db( - - - - - domain - - - )
-
- -
-

-Allow process to read list of devices. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_read_state( - - - - - domain - - - )
-
- -
-

-Allow process to read udev process state. -

-
- -
- -
-Module: -udev

-Layer: -system

-

- -udev_rw_db( - - - - - domain - - - )
-
- -
-

-Allow process to modify list of devices. -

-
- -
- -
-Module: -uml

-Layer: -apps

-

- -uml_manage_util_files( - - - - - domain - - - )
-
- -
-

-Manage uml utility files. -

-
- -
- -
-Module: -uml

-Layer: -apps

-

- -uml_setattr_util_sockets( - - - - - domain - - - )
-
- -
-

-Set attributes on uml utility socket files. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_alias_domain( - - - - - domain - - - )
-
- -
-

-Add an alias type to the unconfined domain. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_dbus_send( - - - - - domain - - - )
-
- -
-

-Send messages to the unconfined domain over dbus. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_domain( - - - - - domain - - - )
-
- -
-

-Make the specified domain unconfined and -audit executable memory and executable heap -usage. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_domain_noaudit( - - - - - domain - - - )
-
- -
-

-Make the specified domain unconfined. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_domtrans( - - - - - domain - - - )
-
- -
-

-Transition to the unconfined domain. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_dontaudit_read_pipes( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read unconfined domain unnamed pipes. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_dontaudit_rw_tcp_sockets( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to read or write -unconfined domain tcp sockets. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_read_pipes( - - - - - domain - - - )
-
- -
-

-Read unconfined domain unnamed pipes. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute specified programs in the unconfined domain. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_rw_pipes( - - - - - domain - - - )
-
- -
-

-Read and write unconfined domain unnamed pipes. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_shell_domtrans( - - - - - domain - - - )
-
- -
-

-Transition to the unconfined domain by executing a shell. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_sigchld( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to the unconfined domain. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_signal( - - - - - domain - - - )
-
- -
-

-Send generic signals to the unconfined domain. -

-
- -
- -
-Module: -unconfined

-Layer: -system

-

- -unconfined_use_fds( - - - - - domain - - - )
-
- -
-

-Inherit file descriptors from the unconfined domain. -

-
- -
- -
-Module: -updfstab

-Layer: -admin

-

- -updfstab_domtrans( - - - - - domain - - - )
-
- -
-

-Execute updfstab in the updfstab domain. -

-
- -
- -
-Module: -usbmodules

-Layer: -admin

-

- -usbmodules_domtrans( - - - - - domain - - - )
-
- -
-

-Execute usbmodules in the usbmodules domain. -

-
- -
- -
-Module: -usbmodules

-Layer: -admin

-

- -usbmodules_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute usbmodules in the usbmodules domain, and -allow the specified role the usbmodules domain, -and use the caller's terminal. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_bin_spec_domtrans_sysadm( - - - - - domain - - - )
-
- -
-

-Execute a generic bin program in the sysadm domain. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_bin_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
- -
-

-Execute bin_t in the unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dbus_send_all_users( - - - - - domain - - - )
-
- -
-

-Send a dbus message to all user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_append_staff_home_content_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to append to the staff -users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_getattr_sysadm_home_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to get the -attributes of the sysadm users -home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_getattr_sysadm_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attepts to get the attributes -of sysadm ttys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_list_sysadm_home_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to list the sysadm -users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_read_sysadm_home_content_files( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the sysadm -users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_relabelfrom_unpriv_users_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to relabel files from -unprivileged user pty types. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_search_all_users_home_content( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_search_generic_user_home_dirs( - - - - - domain - - - )
-
- -
-

-Don't audit search on the user home subdirectory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_search_staff_home_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the staff -users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_search_sysadm_home_dirs( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search the sysadm -users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_all_users_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit the file -descriptors from any user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_sysadm_ptys( - - - - - domain - - - )
-
- -
-

-Dont audit attempts to read and write sysadm ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_sysadm_terms( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to use sysadm ttys and ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_sysadm_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to use sysadm ttys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_unpriv_user_fds( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to inherit the -file descriptors from all user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_unpriv_users_ptys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to use unprivileged -user ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_unpriv_users_ttys( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to use unprivileged -user ttys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_entry_spec_domtrans_sysadm( - - - - - domain - - - )
-
- -
-

-Execute all entrypoint files in the sysadm domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_entry_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
- -
-

-Execute all entrypoint files in unprivileged user -domains. This is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_generic_user_home_dir_filetrans_generic_user_home_content( - - - - - domain - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in generic user home directories -with automatic file type transition. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_getattr_all_users( - - - - - domain - - - )
-
- -
-

-Get the attributes of all user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_getattr_sysadm_home_dirs( - - - - - domain - - - )
-
- -
-

-Get the attributes of the sysadm users -home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_home_filetrans_generic_user_home_dir( - - - - - domain - - - )
-
- -
-

-Create generic user home directories -with automatic file type transition. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_all_users_home_dirs( - - - - - domain - - - )
-
- -
-

-List all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_sysadm_home_dirs( - - - - - domain - - - )
-
- -
-

-List the sysadm users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_unpriv_users_tmp( - - - - - domain - - - )
-
- -
-

-Read all unprivileged users temporary directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_all_users_home_content_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete all directories -in all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_all_users_home_content_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete all files -in all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_all_users_home_content_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete all symlinks -in all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_generic_user_home_content_dirs( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete -subdirectories of generic user -home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_generic_user_home_content_files( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files -in generic user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_generic_user_home_content_pipes( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named -pipes in generic user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_generic_user_home_content_sockets( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named -sockets in generic user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_generic_user_home_content_symlinks( - - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic -links in generic user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_unpriv_user_semaphores( - - - - - domain - - - )
-
- -
-

-Manage unpriviledged user SysV sempaphores. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_unpriv_user_shared_mem( - - - - - domain - - - )
-
- -
-

-Manage unpriviledged user SysV shared -memory segments. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_priveleged_home_dir_manager( - - - - - domain - - - )
-
- -
-

-Make the specified domain a privileged -home directory manager. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_all_tmp_untrusted_content( - - - - - domain - - - )
-
- -
-

-Read all user temporary untrusted content files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_all_untrusted_content( - - - - - domain - - - )
-
- -
-

-Read all user untrusted content files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_all_users_home_content_files( - - - - - domain - - - )
-
- -
-

-Read all files in all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_all_users_state( - - - - - domain - - - )
-
- -
-

-Read the process state of all user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_staff_home_content_files( - - - - - domain - - - )
-
- -
-

-Read files in the staff users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_sysadm_home_content_files( - - - - - domain - - - )
-
- -
-

-Read files in the sysadm users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_unpriv_users_home_content_files( - - - - - domain - - - )
-
- -
-

-Read all unprivileged users home directory -files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_unpriv_users_tmp_files( - - - - - domain - - - )
-
- -
-

-Read all unprivileged users temporary files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_unpriv_users_tmp_symlinks( - - - - - domain - - - )
-
- -
-

-Read all unprivileged users temporary symbolic links. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_relabelto_unpriv_users_ptys( - - - - - domain - - - )
-
- -
-

-Relabel files to unprivileged user pty types. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_rw_sysadm_pipes( - - - - - domain - - - )
-
- -
-

-Read and write sysadm user unnamed pipes. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_sbin_spec_domtrans_sysadm( - - - - - domain - - - )
-
- -
-

-Execute a generic sbin program in the sysadm domain. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_sbin_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
- -
-

-Execute generic sbin programs in all unprivileged user -domains. This is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_all_users_home_content( - - - - - domain - - - )
-
- -
-

-Search all users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_generic_user_home_dirs( - - - - - domain - - - )
-
- -
-

-Search generic user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_staff_home_dirs( - - - - - domain - - - )
-
- -
-

-Search the staff users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_sysadm_home_content_dirs( - - - - - domain - - - )
-
- -
-

-Search the sysadm users home sub directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_sysadm_home_dirs( - - - - - domain - - - )
-
- -
-

-Search the sysadm users home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_unpriv_users_home_dirs( - - - - - domain - - - )
-
- -
-

-Search all unprivileged users home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_setattr_unpriv_users_ptys( - - - - - domain - - - )
-
- -
-

-Set the attributes of user ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_shell_domtrans_sysadm( - - - - - domain - - - )
-
- -
-

-Execute a shell in the sysadm domain. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_sigchld_all_users( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to all user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_sigchld_sysadm( - - - - - domain - - - )
-
- -
-

-Send a SIGCHLD signal to sysadm users. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_signal_all_users( - - - - - domain - - - )
-
- -
-

-Send general signals to all user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_signal_unpriv_users( - - - - - domain - - - )
-
- -
-

-Send general signals to unprivileged user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_spec_domtrans_all_users( - - - - - domain - - - )
-
- -
-

-Execute a shell in all user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
- -
-

-Execute a shell in all unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_sysadm_home_dir_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in sysadm home directories -with automatic file type transition. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_unconfined( - - - - - domain - - - )
-
- -
-

-Unconfined access to user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_all_users_fds( - - - - - domain - - - )
-
- -
-

-Inherit the file descriptors from all user domains -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_sysadm_fds( - - - - - domain - - - )
-
- -
-

-Inherit and use sysadm file descriptors -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_sysadm_ptys( - - - - - domain - - - )
-
- -
-

-Read and write sysadm ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_sysadm_terms( - - - - - domain - - - )
-
- -
-

-Read and write sysadm ttys and ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_sysadm_ttys( - - - - - domain - - - )
-
- -
-

-Read and write sysadm ttys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_unpriv_users_fds( - - - - - domain - - - )
-
- -
-

-Inherit the file descriptors from unprivileged user domains. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_unpriv_users_ptys( - - - - - domain - - - )
-
- -
-

-Read and write unprivileged user ptys. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_write_unpriv_users_tmp_files( - - - - - domain - - - )
-
- -
-

-Write all unprivileged users files in /tmp -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_xsession_spec_domtrans_all_users( - - - - - domain - - - )
-
- -
-

-Execute an Xserver session in all unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_xsession_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
- -
-

-Execute an Xserver session in all unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -userhelper

-Layer: -apps

-

- -userhelper_dontaudit_search_config( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to search -the userhelper configuration directory. -

-
- -
- -
-Module: -userhelper

-Layer: -apps

-

- -userhelper_search_config( - - - - - domain - - - )
-
- -
-

-Search the userhelper configuration directory. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_domtrans_admin_passwd( - - - - - domain - - - )
-
- -
-

-Execute password admin functions in -the admin passwd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_domtrans_chfn( - - - - - domain - - - )
-
- -
-

-Execute chfn in the chfn domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_domtrans_groupadd( - - - - - domain - - - )
-
- -
-

-Execute groupadd in the groupadd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_domtrans_passwd( - - - - - domain - - - )
-
- -
-

-Execute passwd in the passwd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_domtrans_useradd( - - - - - domain - - - )
-
- -
-

-Execute useradd in the useradd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_read_crack_db( - - - - - domain - - - )
-
- -
-

-Read the crack database. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_run_admin_passwd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute passwd admin functions in the admin -passwd domain, and allow the specified role -the admin passwd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_run_chfn( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute chfn in the chfn domain, and -allow the specified role the chfn domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_run_groupadd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute groupadd in the groupadd domain, and -allow the specified role the groupadd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_run_passwd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute passwd in the passwd domain, and -allow the specified role the passwd domain. -

-
- -
- -
-Module: -usermanage

-Layer: -admin

-

- -usermanage_run_useradd( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute useradd in the useradd domain, and -allow the specified role the useradd domain. -

-
- -
- -
-Module: -usernetctl

-Layer: -apps

-

- -usernetctl_domtrans( - - - - - domain - - - )
-
- -
-

-Execute usernetctl in the usernetctl domain. -

-
- -
- -
-Module: -usernetctl

-Layer: -apps

-

- -usernetctl_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute usernetctl in the usernetctl domain, and -allow the specified role the usernetctl domain. -

-
- -
- -
-Module: -vbetool

-Layer: -admin

-

- -vbetool_domtrans( - - - - - domain - - - )
-
- -
-

-Execute vbetool application in the vbetool domain. -

-
- -
- -
-Module: -vpn

-Layer: -admin

-

- -vpn_domtrans( - - - - - domain - - - )
-
- -
-

-Execute VPN clients in the vpnc domain. -

-
- -
- -
-Module: -vpn

-Layer: -admin

-

- -vpn_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute VPN clients in the vpnc domain, and -allow the specified role the vpnc domain. -

-
- -
- -
-Module: -vpn

-Layer: -admin

-

- -vpn_signal( - - - - - domain - - - )
-
- -
-

-Send generic signals to VPN clients. -

-
- -
- -
-Module: -webalizer

-Layer: -apps

-

- -webalizer_domtrans( - - - - - domain - - - )
-
- -
-

-Execute webalizer in the webalizer domain. -

-
- -
- -
-Module: -webalizer

-Layer: -apps

-

- -webalizer_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute webalizer in the webalizer domain, and -allow the specified role the webalizer domain. -

-
- -
- -
-Module: -wine

-Layer: -apps

-

- -wine_domtrans( - - - - - domain - - - )
-
- -
-

-Execute the wine program in the wine domain. -

-
- -
- -
-Module: -xfs

-Layer: -services

-

- -xfs_read_sockets( - - - - - domain - - - )
-
- -
-

-Read a X font server named socket. -

-
- -
- -
-Module: -xfs

-Layer: -services

-

- -xfs_stream_connect( - - - - - domain - - - )
-
- -
-

-Connect to a X font server over -a unix domain stream socket. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_create_xdm_tmp_sockets( - - - - - domain - - - )
-
- -
-

-Create a named socket in a XDM -temporary directory. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_delete_log( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write the X server -log files. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_domtrans_xdm_xserver( - - - - - domain - - - )
-
- -
-

-Execute the X server in the XDM X server domain. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_dontaudit_write_log( - - - - - domain - - - )
-
- -
-

-Do not audit attempts to write the X server -log files. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_read_xdm_pid( - - - - - domain - - - )
-
- -
-

-Read XDM pid files. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_read_xdm_rw_config( - - - - - domain - - - )
-
- -
-

-Read xdm-writable configuration files. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_setattr_xdm_tmp_dirs( - - - - - domain - - - )
-
- -
-

-Set the attributes of XDM temporary directories. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_stream_connect_xdm( - - - - - domain - - - )
-
- -
-

-Connect to XDM over a unix domain -stream socket. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_xsession_entry_type( - - - - - domain - - - )
-
- -
-

-Make an X session script an entrypoint for the specified domain. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_xsession_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
- -
-

-Execute an X session in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-
- -
- -
-Module: -zebra

-Layer: -services

-

- -zebra_read_config( - - - - - domain - - - )
-
- -
-

-Read the configuration files for zebra. -

-
- -
- - -
- - diff --git a/www/api-docs/kernel.html b/www/api-docs/kernel.html deleted file mode 100644 index 7b9a351..0000000 --- a/www/api-docs/kernel.html +++ /dev/null @@ -1,195 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

- -

-Policy for kernel threads, proc filesystem, -and unlabeled processes and objects. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - corecommands

-Core policy for shells, and generic programs -in /bin, /sbin, /usr/bin, and /usr/sbin. -

- - corenetwork

Policy controlling access to network objects

- - devices

-Device nodes and interfaces for many basic system devices. -

- - domain

Core policy for domains.

- - files

-Basic filesystem types and interfaces. -

- - filesystem

Policy for filesystems.

- - kernel

-Policy for kernel threads, proc filesystem, -and unlabeled processes and objects. -

- - mcs

Multicategory security policy

- - mls

Multilevel security policy

- - selinux

-Policy for kernel security interface, in particular, selinuxfs. -

- - storage

Policy controlling access to storage devices

- - terminal

Policy for terminals.

-



- -

- - diff --git a/www/api-docs/kernel_corecommands.html b/www/api-docs/kernel_corecommands.html deleted file mode 100644 index 2d8ecfd..0000000 --- a/www/api-docs/kernel_corecommands.html +++ /dev/null @@ -1,1866 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: corecommands

- -

Description:

- -

-Core policy for shells, and generic programs -in /bin, /sbin, /usr/bin, and /usr/sbin. -

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -corecmd_bin_alias( - - - - - domain - - - )
-
-
- -
Summary
-

-Create a aliased type to generic bin files. -

- - -
Description
-

-

-Create a aliased type to generic bin files. -

-

-This is added to support targeted policy. Its -use should be limited. It has no effect -on the strict policy. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Alias type for bin_t. -

-		 -No -
-
-
- - -
- - -
- -corecmd_bin_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a file in a bin directory -in the specified domain. -

- - -
Description
-

-

-Execute a file in a bin directory -in the specified domain. This allows -the specified domain to execute any file -on these filesystems in the specified -domain. This is not suggested. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This interface was added to handle -the ssh-agent policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the new process. -

-		 -No -
-
-
- - -
- - -
- -corecmd_bin_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a file in a bin directory -in the specified domain but do not -do it automatically. This is an explicit -transition, requiring the caller to use setexeccon(). -

- - -
Description
-

-

-Execute a file in a bin directory -in the specified domain. This allows -the specified domain to execute any file -on these filesystems in the specified -domain. This is not suggested. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This interface was added to handle -the userhelper policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the new process. -

-		 -No -
-
-
- - -
- - -
- -corecmd_check_exec_shell( - - - - - domain - - - )
-
-
- -
Summary
-

-Check if a shell is executable (DAC-wise). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_dontaudit_getattr_sbin_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_dontaudit_search_sbin( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search -sbin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -corecmd_exec_bin( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_exec_chroot( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_exec_ls( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_exec_sbin( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_exec_shell( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_getattr_bin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of files in bin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_getattr_sbin_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_list_bin( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_list_sbin( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_manage_bin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete bin files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_manage_sbin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete sbin files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_mmap_bin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Mmap a bin file as executable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_mmap_sbin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Mmap a sbin file as executable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_bin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in bin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_bin_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read pipes in bin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_bin_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read named sockets in bin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_bin_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links in bin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_sbin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in sbin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_sbin_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read named pipes in sbin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_sbin_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read named sockets in sbin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_read_sbin_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links in sbin directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_relabel_bin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to and from the bin type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_relabel_sbin_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to and from the sbin type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corecmd_sbin_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a file in a sbin directory -in the specified domain. -

- - -
Description
-

-

-Execute a file in a sbin directory -in the specified domain. This allows -the specified domain to execute any file -on these filesystems in the specified -domain. This is not suggested. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This interface was added to handle -the ssh-agent policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the new process. -

-		 -No -
-
-
- - -
- - -
- -corecmd_sbin_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a file in a sbin directory -in the specified domain but do not -do it automatically. This is an explicit -transition, requiring the caller to use setexeccon(). -

- - -
Description
-

-

-Execute a file in a sbin directory -in the specified domain. This allows -the specified domain to execute any file -on these filesystems in the specified -domain. This is not suggested. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This interface was added to handle -the userhelper policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the new process. -

-		 -No -
-
-
- - -
- - -
- -corecmd_search_bin( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_search_sbin( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -corecmd_shell_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a shell in the specified domain. -

- - -
Description
-

-

-Execute a shell in the specified domain. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the shell process. -

-		 -No -
-
-
- - -
- - -
- -corecmd_shell_entry_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the shell an entrypoint for the specified domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain for which the shell is an entrypoint. -

-		 -No -
-
-
- - -
- - -
- -corecmd_shell_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a shell in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Description
-

-

-Execute a shell in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the shell process. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_corenetwork.html b/www/api-docs/kernel_corenetwork.html deleted file mode 100644 index 6684ccf..0000000 --- a/www/api-docs/kernel_corenetwork.html +++ /dev/null @@ -1,31911 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: corenetwork

- -

Description:

- -

Policy controlling access to network objects

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -corenet_dontaudit_tcp_bind_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attepts to bind TCP sockets to any ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -corenet_dontaudit_tcp_bind_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to bind TCP sockets to all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -corenet_dontaudit_tcp_connect_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to connect TCP sockets -all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -corenet_dontaudit_udp_bind_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to bind UDP sockets to all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -corenet_non_ipsec_sendrecv( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages on a -non-encrypted (no IPSEC) network -session. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_bind_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind raw sockets to all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_receive_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive raw IP packets on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_send_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send raw IP packets on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_raw_sendrecv_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive raw IP packets on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_rw_ppp_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the point-to-point device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corenet_rw_tun_tap_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the TUN/TAP virtual network device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node compat_ipv4. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node inaddr_any. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node link_local. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node lo. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node mapped_ipv4. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node multicast. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node site_local. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to node unspec. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_bind_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind TCP sockets to the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect TCP sockets to all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect TCP sockets to reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect TCP sockets to generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect TCP sockets to generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_connect_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a TCP connection to the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on the generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP network traffic on generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_tcp_sendrecv_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive TCP traffic on the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_bind_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Bind UDP sockets to the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP network traffic on generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_receive_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive UDP traffic on the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic on generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_send_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic on the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_afs_bos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the afs_bos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_afs_fs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the afs_fs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_afs_ka_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the afs_ka port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_afs_pt_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the afs_pt port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_afs_vl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the afs_vl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_all_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on all interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_all_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on all nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_all_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on all ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_all_reserved_ports( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on all reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_amanda_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the amanda port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_amavisd_recv_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the amavisd_recv port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_amavisd_send_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the amavisd_send port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_asterisk_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the asterisk port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_auth_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the auth port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_bgp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the bgp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_clamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the clamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_clockspeed_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the clockspeed port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_compat_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the compat_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_comsat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the comsat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_cvs_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the cvs port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_dbskkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the dbskkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_dcc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the dcc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_dhcpc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the dhcpc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_dhcpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the dhcpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_dict_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the dict port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_distccd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the distccd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_dns_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the dns port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_fingerd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the fingerd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ftp_data_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ftp_data port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_gatekeeper_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the gatekeeper port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_generic_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and Receive UDP network traffic on generic interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_generic_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on generic nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_generic_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on generic ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_giftd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the giftd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_gopher_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the gopher port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_howl_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the howl port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_hplip_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the hplip port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_http_cache_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the http_cache port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_i18n_input_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the i18n_input port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_imaze_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the imaze port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_inaddr_any_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the inaddr_any node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_inetd_child_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the inetd_child port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_innd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the innd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ipp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ipp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ircd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ircd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_isakmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the isakmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_jabber_client_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the jabber_client port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_jabber_interserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the jabber_interserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_kerberos_admin_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the kerberos_admin port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_kerberos_master_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the kerberos_master port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_kerberos_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the kerberos port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ktalkd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ktalkd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ldap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ldap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_link_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the link_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_lo_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on the lo interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_lo_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the lo node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_mail_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the mail port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_mapped_ipv4_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the mapped_ipv4 node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_monopd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the monopd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_multicast_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the multicast node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_mysqld_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the mysqld port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_nessus_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the nessus port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_nmbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the nmbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ntp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ntp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_openvpn_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the openvpn port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_pegasus_http_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the pegasus_http port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_pegasus_https_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the pegasus_https port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_pop_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the pop port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_portmap_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the portmap port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_postgresql_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the postgresql port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_postgrey_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the postgrey port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_printer_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the printer port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ptal_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ptal port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_pxe_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the pxe port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_pyzor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the pyzor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_radacct_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the radacct port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_radius_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the radius port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_razor_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the razor port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_reserved_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic on generic reserved ports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_rlogind_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the rlogind port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_rndc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the rndc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_router_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the router port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_rsh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the rsh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_rsync_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the rsync port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_site_local_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the site_local node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_smbd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the smbd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_smtp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the smtp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_snmp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the snmp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_soundd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the soundd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_spamd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the spamd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_ssh_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the ssh port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_swat_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the swat port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_syslogd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the syslogd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_telnetd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the telnetd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_tftp_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the tftp port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_transproxy_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the transproxy port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_unspec_node( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the unspec node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_uucpd_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the uucpd port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_vnc_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the vnc port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_xserver_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the xserver port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_zebra_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the zebra port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_udp_sendrecv_zope_port( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic on the zope port. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -corenet_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to network objects. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_devices.html b/www/api-docs/kernel_devices.html deleted file mode 100644 index e1820d8..0000000 --- a/www/api-docs/kernel_devices.html +++ /dev/null @@ -1,6077 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: devices

- -

Description:

- -

-

-This module creates the device node concept and provides -the policy for many of the device files. Notable exceptions are -the mass storage and terminal devices that are covered by other -modules. -

-

-This module creates the concept of a device node. That is a -char or block device file, usually in /dev. All types that -are used to label device nodes should use the dev_node macro. -

-

-Additionally, this module controls access to three things: -

    -

  • the device directories containing device nodes

    • -

  • device nodes as a group

    • -

  • individual access to specific device nodes covered by -this module.

    • -

-

-

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -dev_append_printer( - - - - - domain - - - )
-
-
- -
Summary
-

-Append the printer device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_associate_usbfs( - - - - - file_type - - - )
-
-
- -
Summary
-

-Associate a file to a usbfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-The type of the file to be associated to usbfs. -

-		 -No -
-
-
- - -
- - -
- -dev_create_cardmgr_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -the PCMCIA card manager device -with the correct type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_create_generic_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read, write, and create for generic character device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_create_generic_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create a directory in the device directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed to create the directory. -

-		 -No -
-
-
- - -
- - -
- -dev_delete_generic_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete generic files in /dev. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_delete_generic_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete symbolic links in device directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_delete_lvm_control_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete the lvm control device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_all_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit getattr on all block file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_all_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit getattr on all character file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_apm_bios_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes of -the apm bios device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_generic_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit getattr on generic block devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_generic_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit getattr for generic character device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_generic_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit getattr on generic pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_memory_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-dontaudit getattr raw memory devices (e.g. /dev/mem). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_misc_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_scanner_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes of -the scanner device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_usbfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of a directory in the usb filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_getattr_video_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of video4linux device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_list_all_dev_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit attempts to list all device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit listing of device nodes. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_read_all_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit read on all block file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_read_all_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit read on all character file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_read_framebuffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the framebuffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_read_rand( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read from random -number generator devices (e.g., /dev/random) -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_rw_cardmgr( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and -write the PCMCIA card manager device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_rw_dri( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit read and write on the dri devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_rw_generic_dev_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit getattr for generic device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_rw_misc( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_search_sysfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search sysfs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_apm_bios_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the attributes of -the apm bios device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_framebuffer_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Dot not audit attempts to set the attributes -of the framebuffer device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_generic_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit setattr on generic block devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_generic_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit setattr for generic character device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to dontaudit access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_generic_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the attributes -of symbolic links in device directories (/dev). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_misc_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the attributes -of miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_scanner_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the attributes of -the scanner device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_dontaudit_setattr_video_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the attributes -of video4linux device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -dev_filetrans( - - - - - domain - - - - , - - - - file - - - - , - - - - objectclass(es) - - - )
-
-
- -
Summary
-

-Create, read, and write device nodes. The node -will be transitioned to the type provided. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-file - -

-Type to which the created node will be transitioned. -

-		 -No -
-objectclass(es) - -

-Object class(es) (single or set including {}) for which this -the transition will occur. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_agp_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Getattr the agp devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_all_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Getattr on all block file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_all_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Getattr on all character file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_apm_bios_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the apm bios device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_cpu_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the CPU -microcode and id interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_dri_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-getattr the dri devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_framebuffer_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the framebuffer device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_generic_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow getattr on generic block devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_generic_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow getattr for generic character device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_misc_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_mouse_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the mouse devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_mtrr_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the mtrr device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_power_mgmt_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the the power management device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_scanner_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the scanner device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_sound_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the sound devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_sysfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of sysfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_usbfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a directory in the usb filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_video_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of video4linux devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_getattr_xserver_misc_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of X server miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_list_all_dev_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-List all of the device nodes in a device directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed to list device nodes. -

-		 -No -
-
-
- - -
- - -
- -dev_list_sysfs( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the sysfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_list_usbfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to get a list of usb hardware. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type getting the list. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_all_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read, write, create, and delete all block device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_all_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read, write, create, and delete all character device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_all_dev_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, delete, read, and write device nodes in device directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_cardmgr_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -the PCMCIA card manager device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_dri_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the dri devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_generic_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, delete, read, and write block device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_generic_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, delete, read, and write character device files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_generic_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create a file in the device directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed to create the files. -

-		 -No -
-
-
- - -
- - -
- -dev_manage_generic_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, delete, read, and write symbolic links in device directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_mount_usbfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a usbfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_node( - - - - - object_type - - - )
-
-
- -
Summary
-

-Make the passed in type a type appropriate for -use on device nodes (usually files in /dev). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-object_type - -

-The object type that will be used on device nodes. -

-		 -No -
-
-
- - -
- - -
- -dev_read_cpuid( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the CPU identity. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_framebuffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the framebuffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_input( - - - - - domain - - - )
-
-
- -
Summary
-

-Read input event devices (/dev/input). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_lvm_control( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the lvm comtrol device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_misc( - - - - - domain - - - )
-
-
- -
Summary
-

-Read miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_mouse( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the mouse devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_mtrr( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the mtrr device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_rand( - - - - - domain - - - )
-
-
- -
Summary
-

-Read from random number generator -devices (e.g., /dev/random) -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_raw_memory( - - - - - domain - - - )
-
-
- -
Summary
-

-Read raw memory devices (e.g. /dev/mem). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_realtime_clock( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the realtime clock (/dev/rtc). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_sound( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the sound devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_sound_mixer( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the sound mixer devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_sysfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read hardware state information. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading hardware state information. -

-		 -No -
-
-
- - -
- - -
- -dev_read_urand( - - - - - domain - - - )
-
-
- -
Summary
-

-Read from pseudo random devices (e.g., /dev/urandom) -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_read_usbfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read USB hardware information using -the usbfs filesystem interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_relabel_all_dev_nodes( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow full relabeling (to and from) of all device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed to relabel. -

-		 -No -
-
-
- - -
- - -
- -dev_relabel_generic_dev_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow full relabeling (to and from) of directories in /dev. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed to relabel. -

-		 -No -
-
-
- - -
- - -
- -dev_relabel_generic_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel symbolic links in device directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_agp( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the agp devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_apm_bios( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the apm bios. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_cardmgr( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the PCMCIA card manager device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_cpu_microcode( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the the CPU microcode device. This -is required to load CPU microcode. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_crypto( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the the hardware SSL accelerator. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_dri( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the dri devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_framebuffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the framebuffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_generic_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write generic files in /dev. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_generic_usb_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write generic the USB devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_input_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Read input event devices (/dev/input). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_lvm_control( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the lvm control device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_mouse( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to mouse devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_mtrr( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the mtrr device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_null( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to the null device (/dev/null). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_power_management( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the the power management device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_printer( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the printer device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_realtime_clock( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and set the realtime clock (/dev/rtc). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_scanner( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the scanner device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_sysfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to modify hardware state information. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type modifying hardware state information. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_usbfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to modify usb hardware configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type modifying the options. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_xserver_misc( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write X server miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rw_zero( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to the zero device (/dev/zero). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rwx_zero( - - - - - domain - - - )
-
-
- -
Summary
-

-Read, write, and execute the zero device (/dev/zero). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_rx_raw_memory( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and execute raw memory devices (e.g. /dev/mem). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_search_sysfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the sysfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_search_usbfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the directory containing USB hardware information. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_all_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Setattr on all block file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_all_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Setattr on all character file device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_apm_bios_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the apm bios device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_dri_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Setattr the dri devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_framebuffer_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the framebuffer device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_generic_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of /dev directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_misc_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_mouse_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the mouse devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_power_mgmt_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the the power management device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_printer_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the printer device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_scanner_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the scanner device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_sound_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the sound devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_video_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of video4linux device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_setattr_xserver_misc_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of X server miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_framebuffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Write the framebuffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_misc( - - - - - domain - - - )
-
-
- -
Summary
-

-Write miscellaneous devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_mtrr( - - - - - domain - - - )
-
-
- -
Summary
-

-Write the mtrr device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_rand( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to the random device (e.g., /dev/random). This adds -entropy used to generate the random data read from the -random device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_raw_memory( - - - - - domain - - - )
-
-
- -
Summary
-

-Write raw memory devices (e.g. /dev/mem). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_realtime_clock( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the realtime clock (/dev/rtc). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_sound( - - - - - domain - - - )
-
-
- -
Summary
-

-Write the sound devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_sound_mixer( - - - - - domain - - - )
-
-
- -
Summary
-

-Write the sound mixer devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_write_urand( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to the pseudo random device (e.g., /dev/urandom). This -sets the random number generator seed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dev_wx_raw_memory( - - - - - domain - - - )
-
-
- -
Summary
-

-Write and execute raw memory devices (e.g. /dev/mem). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_domain.html b/www/api-docs/kernel_domain.html deleted file mode 100644 index be075a3..0000000 --- a/www/api-docs/kernel_domain.html +++ /dev/null @@ -1,2679 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: domain

- -Interfaces -Templates - -

Description:

- -

Core policy for domains.

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -domain_base_type( - - - - - type - - - )
-
-
- -
Summary
-

-Make the specified type usable as a basic domain. -

- - -
Description
-

-

-Make the specified type usable as a basic domain. -

-

-This is primarily used for kernel threads; -generally the domain_type() interface is -more appropriate for userland processes. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-type - -

-Type to be used as a basic domain type. -

-		 -No -
-
-
- - -
- - -
- -domain_cron_exemption_source( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the specified domain the source of -the cron domain exception of the -SELinux role and identity change -constraints. -

- - -
Description
-

-

-Make the specified domain the source of -the cron domain exception of the -SELinux role and identity change -constraints. -

-

-This interface is needed to decouple -the cron domains from the base module. -It should not be used other than on -cron domains. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain target for user exemption. -

-		 -No -
-
-
- - -
- - -
- -domain_cron_exemption_target( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the specified domain the target of -the cron domain exception of the -SELinux role and identity change -constraints. -

- - -
Description
-

-

-Make the specified domain the target of -the cron domain exception of the -SELinux role and identity change -constraints. -

-

-This interface is needed to decouple -the cron domains from the base module. -It should not be used other than on -user cron jobs. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain target for user exemption. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_dgram_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all domains unix datagram sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all domains of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_key_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get attribues of -all domains IPSEC key management sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_packet_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get attribues of -all domains packet sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all domains unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_raw_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get attribues of -all domains raw sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all domains sockets, for all socket types. -

- - -
Description
-

-

-Do not audit attempts to get the attributes -of all domains sockets, for all socket types. -

-

-This interface was added for PCMCIA cardmgr -and is probably excessive. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_stream_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all domains unix datagram sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all domains TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getattr_all_udp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all domains UDP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_getsession_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -session ID of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_list_all_domains_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the process state -directories of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_ptrace_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to ptrace all domains. -

- - -
Description
-

-

-Do not audit attempts to ptrace all domains. -

-

-Generally this needs to be suppressed because procps tries to access -/proc/pid/environ and this now triggers a ptrace check in recent kernels -(2.4 and 2.6). -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_ptrace_confined_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to ptrace confined domains. -

- - -
Description
-

-

-Do not audit attempts to ptrace confined domains. -

-

-Generally this needs to be suppressed because procps tries to access -/proc/pid/environ and this now triggers a ptrace check in recent kernels -(2.4 and 2.6). -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_read_all_domains_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the process -state (/proc/pid) of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_rw_all_key_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -all domains key sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_rw_all_udp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -all domains UDP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_search_all_domains_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the process -state directory (/proc/pid) of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -domain_dontaudit_use_interactive_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_dyntrans_type( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_entry_file( - - - - - domain - - - - , - - - - type - - - )
-
-
- -
Summary
-

-Make the specified type usable as -an entry point for the domain. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to be entered. -

-		 -No -
-type - -

-Type of program used for entering -the domain. -

-		 -No -
-
-
- - -
- - -
- -domain_entry_file_spec_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute an entry_type in the specified domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_exec_all_entry_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_getattr_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all domains of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_getattr_all_entry_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of entry point -files for all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_getattr_all_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all domains -sockets, for all socket types. -

- - -
Description
-

-

-Get the attributes of all domains -sockets, for all socket types. -

-

-This is commonly used for domains -that can use lsof on all domains. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_getattr_confined_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all confined domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_getsession_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the session ID of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_interactive_fd( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_kill_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a kill signal to all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_manage_all_entry_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete all -entrypoint files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_mmap_all_entry_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Mmap all entry point files as executable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_obj_id_change_exemption( - - - - - domain - - - )
-
-
- -
Summary
-

-Makes caller an exception to the constraint preventing -changing the user identity in object contexts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to make an exception to the constraint. -

-		 -No -
-
-
- - -
- - -
- -domain_ptrace_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Ptrace all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_read_all_domains_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the process state (/proc/pid) of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_read_all_entry_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_read_confined_domains_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the process state (/proc/pid) of all confined domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_relabel_all_entry_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to and from all entry point -file types. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_role_change_exemption( - - - - - domain - - - )
-
-
- -
Summary
-

-Makes caller an exception to the constraint preventing -changing of role. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to make an exception to the constraint. -

-		 -No -
-
-
- - -
- - -
- -domain_search_all_domains_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the process state directory (/proc/pid) of all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_setpriority_all_domains( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_sigchld_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a child terminated signal to all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_sigchld_interactive_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to domains whose file -discriptors are widely inheritable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_signal_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Send general signals to all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_signull_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a null signal to all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_sigstop_all_domains( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a stop signal to all domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_subj_id_change_exemption( - - - - - domain - - - )
-
-
- -
Summary
-

-Makes caller an exception to the constraint preventing -changing of user identity. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to make an exception to the constraint. -

-		 -No -
-
-
- - -
- - -
- -domain_system_change_exemption( - - - - - domain - - - )
-
-
- -
Summary
-

-Makes caller and execption to the constraint -preventing changing to the system user -identity and system role. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -domain_type( - - - - - type - - - )
-
-
- -
Summary
-

-Make the specified type usable as a domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-type - -

-Type to be used as a domain type. -

-		 -No -
-
-
- - -
- - -
- -domain_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -domain_use_interactive_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_user_exemption_target( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the specified domain the target of -the user domain exception of the -SELinux role and identity change -constraints. -

- - -
Description
-

-

-Make the specified domain the target of -the user domain exception of the -SELinux role and identity change -constraints. -

-

-This interface is needed to decouple -the user domains from the base module. -It should not be used other than on -user domains. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain target for user exemption. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -domain_auto_trans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -domain_trans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/kernel_files.html b/www/api-docs/kernel_files.html deleted file mode 100644 index f10180e..0000000 --- a/www/api-docs/kernel_files.html +++ /dev/null @@ -1,9228 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: files

- -

Description:

- -

-

-This module contains basic filesystem types and interfaces. This -includes: -

    -

  • The concept of different file types including basic -files, mount points, tmp files, etc.

    • -

  • Access to groups of files and all files.

    • -

  • Types and interfaces for the basic filesystem layout -(/, /etc, /tmp, /usr, etc.).

    • -

-

-

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -files_associate_tmp( - - - - - file_type - - - )
-
-
- -
Summary
-

-Allow the specified type to associate -to a filesystem with the type of the -temporary directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to associate. -

-		 -No -
-
-
- - -
- - -
- -files_boot_filetrans( - - - - - domain - - - - , - - - - private_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create a private type object in boot -with an automatic type transition -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-private_type - -

-The type of the object to be created. -

-		 -No -
-object_class - -

-The object class of the object being created. -

-		 -No -
-
-
- - -
- - -
- -files_config_file( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a -configuration file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type to be used as a configuration file. -

-		 -No -
-
-
- - -
- - -
- -files_create_boot_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create directories in /boot -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_create_boot_flag( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_create_kernel_img( - - - - - domain - - - )
-
-
- -
Summary
-

-Install a kernel into the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_create_kernel_symbol_table( - - - - - domain - - - )
-
-
- -
Summary
-

-Install a system.map into the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_delete_all_locks( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_delete_all_pid_dirs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_delete_all_pids( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_delete_etc_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete system configuration files in /etc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_delete_kernel( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete a kernel from /boot. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_delete_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete kernel module files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_delete_kernel_symbol_table( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete a system.map in the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_delete_root_dir_entry( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_all_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_all_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_all_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all named pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_all_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all named sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_all_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_boot_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get attributes -of the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_default_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes of -directories with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_default_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes of -files with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_home_dir( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of the home directories root -(/home). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_non_security_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of non security block devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_non_security_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of non security character devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_non_security_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of non security files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_non_security_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of non security named pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_non_security_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of non security named sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_non_security_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of non security symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_pid_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of the /var/run directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_getattr_tmp_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_ioctl_all_pids( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to ioctl daemon runtime data files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_list_default( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list contents of -directories with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_list_home( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list -home directories root (/home). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_list_non_security( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list all -non-security directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_list_tmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit listing of the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain not to audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_read_default_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read files -with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_read_etc_runtime_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read files -in /etc that are dynamically -created on boot, such as mtab. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_read_root_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_rw_root_chr_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_rw_root_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_all_dirs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_boot( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_home( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search -home directories root (/home). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_isid_type_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search directories on new filesystems -that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_locks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the -locks directory (/var/lock). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_pids( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search -the /var/run directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search generic -spool directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_src( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_search_var( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search -the contents of /var. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_write_all_pids( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write to daemon runtime data files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_dontaudit_write_var_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write to /var. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -files_etc_filetrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_exec_etc_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_exec_usr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute generic programs in /usr in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_exec_usr_src_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute programs in /usr/src in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_all_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_all_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_all_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all named pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_all_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all named sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_all_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_boot_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get attributes of the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_default_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Getattr of directories with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_generic_locks( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_getattr_home_dir( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the home directories root -(/home). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_isid_type_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Getattr of directories on new filesystems -that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of kernel module files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_tmp_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_usr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of files in /usr. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_getattr_var_lib_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the /var/lib directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_home_filetrans( - - - - - domain - - - - , - - - - home_type - - - - , - - - - object - - - )
-
-
- -
Summary
-

-Create objects in /home. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-home_type - -

-The private type. -

-		 -No -
-object - -

-The class of the object being created. -

-		 -No -
-
-
- - -
- - -
- -files_kernel_modules_filetrans( - - - - - domain - - - - , - - - - private_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in the kernel module directories -with a private type via an automatic type transition. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-private_type - -

-The type of the object to be created. -

-		 -No -
-object_class - -

-The object class of the object being created. -

-		 -No -
-
-
- - -
- - -
- -files_list_all( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_list_default( - - - - - domain - - - )
-
-
- -
Summary
-

-List contents of directories with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_etc( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_list_home( - - - - - domain - - - )
-
-
- -
Summary
-

-Get listing of home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_isid_type_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of directories on new filesystems -that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the kernel module directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_mnt( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_list_non_security( - - - - - domain - - - )
-
-
- -
Summary
-

-List all non-security directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_pids( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_list_root( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_list_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_list_tmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_usr( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of generic -directories in /usr. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_var( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of /var. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_var_lib( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the /var/lib directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_list_world_readable( - - - - - domain - - - )
-
-
- -
Summary
-

-List world-readable directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_lock_file( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_lock_filetrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_manage_all_files( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Manage all files on the filesystem, except -the listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -files_manage_boot_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files -in the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_boot_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic links -in the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_etc_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_manage_etc_runtime_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files in -/etc that are dynamically created on boot, -such as mtab. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_generic_locks( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_manage_generic_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_manage_generic_spool_dirs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_manage_isid_type_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete block device nodes -on new filesystems that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_isid_type_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete character device nodes -on new filesystems that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_isid_type_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete directories -on new filesystems that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_isid_type_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files -on new filesystems that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_isid_type_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic links -on new filesystems that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -kernel module files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_lost_found( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete objects in -lost+found directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_mnt_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete directories in /mnt. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_mnt_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files in /mnt. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_mnt_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic links in /mnt. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_mounttab( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow domain to manage mount tables -necessary for rpcd, nfsd, etc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_urandom_seed( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_manage_var_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete directories -in the /var directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_var_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files in the /var directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_manage_var_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic -links in the /var directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_mount_all_file_type_fs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_mounton_all_mountpoints( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_mounton_all_poly_members( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount filesystems on all polyinstantiation -member directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_mounton_default( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a filesystem on a directory with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_mounton_isid_type_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a filesystem on a directory on new filesystems -that has not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_mounton_mnt( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a filesystem on /mnt. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_mountpoint( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_pid_file( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_pid_filetrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_poly( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a -polyinstantiated directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to be used as a -polyinstantiated directory. -

-		 -No -
-
-
- - -
- - -
- -files_poly_member( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a -polyinstantiation member directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to be used as a -member directory. -

-		 -No -
-
-
- - -
- - -
- -files_poly_member_tmp( - - - - - domain - - - - , - - - - file_type - - - )
-
-
- -
Summary
-

-Make the domain use the specified -type of polyinstantiated directory. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain using the polyinstantiated -directory. -

-		 -No -
-file_type - -

-Type of the file to be used as a -member directory. -

-		 -No -
-
-
- - -
- - -
- -files_poly_parent( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a parent -of a polyinstantiated directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to be used as a -parent directory. -

-		 -No -
-
-
- - -
- - -
- -files_polyinstantiate_all( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow access to manage all polyinstantiated -directories on the system. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_purge_tmp( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_read_all_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all block nodes with file types. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_all_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all character nodes with file types. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_all_dirs_except( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Read all directories on the filesystem, except -the listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -files_read_all_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_all_files_except( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Read all files on the filesystem, except -the listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -files_read_all_locks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all lock files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_all_pids( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_read_all_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_all_symlinks_except( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Read all symbolic links on the filesystem, except -the listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -files_read_default_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_default_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read named pipes with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_default_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read sockets with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_default_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_etc_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_read_etc_runtime_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in /etc that are dynamically -created on boot, such as mtab. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_generic_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_read_generic_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_generic_tmp_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links in the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_isid_type_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files on new filesystems -that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Read kernel module files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_kernel_symbol_table( - - - - - domain - - - )
-
-
- -
Summary
-

-Read system.map in the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_non_security_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all non-security files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_usr_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_read_usr_src_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_read_usr_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links in /usr. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_var_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in the /var directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_var_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read generic files in /var/lib. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_var_lib_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read generic symbolic links in /var/lib -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_var_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links in the /var directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_world_readable_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read world-readable files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_world_readable_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read world-readable named pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_world_readable_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read world-readable sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_read_world_readable_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read world-readable symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_relabel_all_files( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Relabel all files on the filesystem, except -the listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -files_relabel_etc_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from and to generic files in /etc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_relabel_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from and to kernel module files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_relabelfrom_boot_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from files in the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_relabelto_all_file_type_fs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_relabelto_usr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel a file to the type used in /usr. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_root_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object - - - )
-
-
- -
Summary
-

-Create an object in the root directory, with a private -type. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-private type - -

-The type of the object to be created. -

-		 -No -
-object - -

-The object class of the object being created. -

-		 -No -
-
-
- - -
- - -
- -files_rw_boot_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write symbolic links -in the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_rw_etc_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_rw_etc_runtime_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write files in /etc that are dynamically -created on boot, such as mtab. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_rw_generic_pids( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_rw_generic_tmp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write generic named sockets in the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_rw_isid_type_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write block device nodes on new filesystems -that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_rw_isid_type_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write directories on new filesystems -that have not yet been labeled. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_rw_lock_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Add and remove entries in the /var/lock -directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_all( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_search_boot( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the /boot directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_default( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the contents of directories with the default file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_etc( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_search_home( - - - - - domain - - - )
-
-
- -
Summary
-

-Search home directories root (/home). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the contents of the kernel module directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_locks( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the locks directory (/var/lock). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_mnt( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_search_pids( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_search_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_search_tmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the tmp directory (/tmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_usr( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_search_var( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the contents of /var. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_search_var_lib( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the /var/lib directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_security_file( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a file that -should not be dontaudited from -browsing from user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to be used as a -member directory. -

-		 -No -
-
-
- - -
- - -
- -files_setattr_all_tmp_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of all tmp directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_setattr_etc_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the /etc directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_tmp_file( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a file -used for temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to be used as a -temporary file. -

-		 -No -
-
-
- - -
- - -
- -files_tmp_filetrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_tmpfs_file( - - - - - type - - - )
-
-
- -
Summary
-

-Transform the type into a file, for use on a -virtual memory filesystem (tmpfs). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-type - -

-The type to be transformed. -

-		 -No -
-
-
- - -
- - -
- -files_type( - - - - - type - - - )
-
-
- -
Summary
-

-Make the specified type usable for files -in a filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-type - -

-Type to be used for files. -

-		 -No -
-
-
- - -
- - -
- -files_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_unmount_all_file_type_fs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_unmount_rootfs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -files_usr_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in the /usr directory -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-file_type - -

-The type of the object to be created -

-		 -No -
-object_class - -

-The object class. -

-		 -No -
-
-
- - -
- - -
- -files_var_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in the /var directory -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-file_type - -

-The type of the object to be created -

-		 -No -
-object_class - -

-The object class. -

-		 -No -
-
-
- - -
- - -
- -files_var_lib_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in the /var/lib directory -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-file_type - -

-The type of the object to be created -

-		 -No -
-object_class - -

-The object class. -

-		 -No -
-
-
- - -
- - -
- -files_write_kernel_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Write kernel module files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -files_write_non_security_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow attempts to modify any directory -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to allow -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_filesystem.html b/www/api-docs/kernel_filesystem.html deleted file mode 100644 index 140134d..0000000 --- a/www/api-docs/kernel_filesystem.html +++ /dev/null @@ -1,6995 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: filesystem

- -

Description:

- -

Policy for filesystems.

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -fs_associate( - - - - - file_type - - - )
-
-
- -
Summary
-

-Associate the specified file type to persistent -filesystems with extended attributes. This -allows a file of this type to be created on -a filesystem such as ext3, JFS, and XFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-The type of the to be associated. -

-		 -No -
-
-
- - -
- - -
- -fs_associate_noxattr( - - - - - file_type - - - )
-
-
- -
Summary
-

-Associate the specified file type to -filesystems which lack extended attributes -support. This allows a file of this type -to be created on a filesystem such as -FAT32, and NFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-The type of the to be associated. -

-		 -No -
-
-
- - -
- - -
- -fs_associate_tmpfs( - - - - - type - - - )
-
-
- -
Summary
-

-Allow the type to associate to tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-type - -

-The type of the object to be associated. -

-		 -No -
-
-
- - -
- - -
- -fs_cifs_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a file on a CIFS or SMB filesystem -in the specified domain. -

- - -
Description
-

-

-Execute a file on a CIFS or SMB filesystem -in the specified domain. This allows -the specified domain to execute any file -on these filesystems in the specified -domain. This is not suggested. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This interface was added to handle -home directories on CIFS/SMB filesystems, -in particular used by the ssh-agent policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-target_domain - -

-The type of the new process. -

-		 -No -
-
-
- - -
- - -
- -fs_donaudit_read_removable_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read removable storage files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain not to audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_getattr_all_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all files with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_getattr_all_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -all filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_getattr_all_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all named pipes with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_getattr_all_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all named sockets with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_getattr_all_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all symbolic links with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_getattr_xattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to -get the attributes of a persistent -filesystem which has extended -attributes, such as ext3, JFS, or XFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_list_auto_mountpoints( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list directories of automatically -mounted filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_list_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list the contents -of directories on a CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_list_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list the contents -of directories on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_list_removable( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list removable storage directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain not to audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_list_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list the -contents of generic tmpfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_manage_cifs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to create, read, -write, and delete directories -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the directories. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_manage_cifs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to create, read, -write, and delete files -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_manage_nfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to create, read, -write, and delete directories -on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_manage_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to create, -read, write, and delete files -on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_read_cifs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read -files on a CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_read_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read -files on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_read_ramfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit read on a ramfs files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_read_ramfs_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit read on a ramfs fifo_files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_rw_cifs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or -write files on a CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_rw_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or -write files on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_rw_tmpfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -generic tmpfs files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_search_ramfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Dontaudit Search directories on a ramfs -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_dontaudit_use_tmpfs_chr_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-dontaudit Read and write character nodes on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_exec_cifs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute files on a CIFS or SMB -network filesystem, in the caller -domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain executing the files. -

-		 -No -
-
-
- - -
- - -
- -fs_exec_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute files on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain executing the files. -

-		 -No -
-
-
- - -
- - -
- -fs_exec_noxattr( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute files on a filesystem that does -not support extended attributes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_get_all_fs_quotas( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the quotas of all filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain getting quotas. -

-		 -No -
-
-
- - -
- - -
- -fs_get_xattr_fs_quotas( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the filesystem quotas of a filesystem -with extended attributes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_all_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all directories -with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_all_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all files with -a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_all_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all persistent -filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_all_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all named pipes with -a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_all_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all named sockets with -a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_all_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all symbolic links with -a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_autofs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of an automount -pseudo filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a CIFS or -SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_dos_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a DOS -filesystem, such as FAT32 or NTFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_iso9660_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of an iso9660 -filesystem, which is usually used on CDs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_nfsd_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a NFS server -pseudo filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_ramfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a RAM filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_romfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a ROM -filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_rpc_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read directories of RPC file system pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_rpc_pipefs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a RPC pipe -filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a tmpfs -filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_tmpfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of tmpfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_getattr_xattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a persistent -filesystem which has extended -attributes, such as ext3, JFS, or XFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_list_all( - - - - - domain - - - )
-
-
- -
Summary
-

-List all directories with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_list_auto_mountpoints( - - - - - domain - - - )
-
-
- -
Summary
-

-Read directories of automatically -mounted filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_list_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of directories on a -CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_list_inotifyfs( - - - - - domain - - - )
-
-
- -
Summary
-

-List inotifyfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_list_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-List NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_list_noxattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all noxattrfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_list_rpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Read directories of RPC file system pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_list_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of generic tmpfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_auto_mountpoints( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -auto moutpoints. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_cifs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete directories -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the directories. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_cifs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the files. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_cifs_named_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named pipes -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the pipes. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_cifs_named_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named sockets -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the sockets. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_cifs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic links -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_nfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete directories -on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the directories. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files -on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the files. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_nfs_named_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named pipes -on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the pipes. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_nfs_named_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named sockets -on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the sockets. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_nfs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic links -on a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain managing the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_tmpfs_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write, create and delete block nodes -on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_tmpfs_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write, create and delete character -nodes on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_tmpfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -tmpfs directories -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_tmpfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write, create and delete generic -files on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_tmpfs_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write, create and delete socket -files on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_manage_tmpfs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write, create and delete symbolic -links on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_all_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount all filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_autofs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount an automount pseudo filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_dos_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a DOS filesystem, such as -FAT32 or NTFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_iso9660_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount an iso9660 filesystem, which -is usually used on CDs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_nfsd_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a NFS server pseudo filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_ramfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a RAM filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_romfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a ROM filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_rpc_pipefs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a RPC pipe filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a tmpfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_mount_xattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_nfs_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a file on a NFS filesystem -in the specified domain. -

- - -
Description
-

-

-Execute a file on a NFS filesystem -in the specified domain. This allows -the specified domain to execute any file -on a NFS filesystem in the specified -domain. This is not suggested. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This interface was added to handle -home directories on NFS filesystems, -in particular used by the ssh-agent policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-target_domain - -

-The type of the new process. -

-		 -No -
-
-
- - -
- - -
- -fs_noxattr_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Transform specified type into a filesystem -type which does not have extended attribute -support. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_read_cifs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files on a CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_cifs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links on a CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_read_eventpollfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read eventpollfs files -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_nfs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_read_noxattr_fs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all noxattrfs files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_noxattr_fs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all noxattrfs symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_removable_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read removable storage files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_removable_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read removable storage symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_read_rpc_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files of RPC file system pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_read_rpc_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read sockets of RPC file system pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_read_rpc_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links of RPC file system pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_read_tmpfs_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read tmpfs link files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_register_binary_executable_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Register an interpreter for new binary -file types, using the kernel binfmt_misc -support. A common use for this is to -register a JVM as an interpreter for -Java byte code. Registered binaries -can be directly executed on a command line -without specifying the interpreter. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain registering -the interpreter. -

-		 -No -
-
-
- - -
- - -
- -fs_relabel_tmpfs_blk_file( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel block nodes on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_relabel_tmpfs_chr_file( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel character nodes on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_relabelfrom_all_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabelfrom all filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -getattr on the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_relabelfrom_dos_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow changing of the label of a -DOS filesystem using the context= mount option. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_relabelfrom_xattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow changing of the label of a -filesystem with extended attributes -using the context= mount option. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_all_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount all filesystems. This -allows some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_autofs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount an automount pseudo filesystem -This allows some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a CIFS or SMB network filesystem. -This allows some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_dos_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a DOS filesystem, such as -FAT32 or NTFS. This allows -some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_iso9660_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount an iso9660 filesystem, which -is usually used on CDs. This allows -some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a NFS filesystem. This allows -some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_nfsd_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a NFS server pseudo filesystem. -This allows some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_ramfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a RAM filesystem. This allows -some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_romfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a ROM filesystem. This allows -some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_rpc_pipefs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a RPC pipe filesystem. This -allows some mount option to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a tmpfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_remount_xattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. This allows -some mount options to be changed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_rw_nfsd_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write NFS server files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -read or write on nfsd files. -

-		 -No -
-
-
- - -
- - -
- -fs_rw_ramfs_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write a named pipe on a ramfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_rw_tmpfs_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write block nodes on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_rw_tmpfs_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write character nodes on tmpfs filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_rw_tmpfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write generic tmpfs files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_search_all( - - - - - domain - - - )
-
-
- -
Summary
-

-Search all directories with a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_search_auto_mountpoints( - - - - - domain - - - )
-
-
- -
Summary
-

-Search automount filesystem to use automatically -mounted filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_search_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search directories on a CIFS or SMB filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_search_inotifyfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search inotifyfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_search_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search directories on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_search_nfsd_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search NFS server directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain doing the -search on nfsd directories. -

-		 -No -
-
-
- - -
- - -
- -fs_search_ramfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search directories on a ramfs -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_search_removable( - - - - - domain - - - )
-
-
- -
Summary
-

-Search removable storage directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_search_rpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Search directories of RPC file system pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain reading the symbolic links. -

-		 -No -
-
-
- - -
- - -
- -fs_search_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search tmpfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_set_all_quotas( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the quotas of all filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain setting quotas. -

-		 -No -
-
-
- - -
- - -
- -fs_set_xattr_fs_quotas( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the filesystem quotas of a filesystem -with extended attributes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_setattr_tmpfs_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of tmpfs directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_tmpfs_filetrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -fs_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Transform specified type into a filesystem type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fs_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to filesystems -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_all_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount all filesystems. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_autofs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount an automount pseudo filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_cifs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a CIFS or SMB network filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_dos_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a DOS filesystem, such as -FAT32 or NTFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_iso9660_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount an iso9660 filesystem, which -is usually used on CDs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_nfsd_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a NFS server pseudo filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_ramfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a RAM filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_romfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a ROM filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_rpc_pipefs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a RPC pipe filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_tmpfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a tmpfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_unmount_xattr_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -fs_write_nfs_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files on a NFS filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_write_ramfs_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to named pipe on a ramfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -fs_write_ramfs_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to named socket on a ramfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_kernel.html b/www/api-docs/kernel_kernel.html deleted file mode 100644 index e25b4b0..0000000 --- a/www/api-docs/kernel_kernel.html +++ /dev/null @@ -1,4332 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: kernel

- -

Description:

- -

-Policy for kernel threads, proc filesystem, -and unlabeled processes and objects. -

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -kernel_change_ring_buffer_level( - - - - - domain - - - )
-
-
- -
Summary
-

-Change the level of kernel messages logged to the console. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_clear_ring_buffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows the caller to clear the ring buffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type clearing the buffer. -

-		 -No -
-
-
- - -
- - -
- -kernel_dgram_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send messages to kernel unix datagram sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_domtrans_to( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Allows to start userland processes -by transitioning to the specified domain. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The process type entered by kernel. -

-		 -No -
-entrypoint - -

-The executable type for the entrypoint. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_core_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes of -core kernel interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to not audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_message_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get the attributes of kernel -message interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_unlabeled_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get attributes for -unlabeled block devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_unlabeled_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get attributes for -unlabeled character devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_unlabeled_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get the -attributes of an unlabeled file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_unlabeled_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get the -attributes of unlabeled named pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_unlabeled_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get the -attributes of unlabeled named sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_getattr_unlabeled_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to get the -attributes of unlabeled symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_list_proc( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list the -contents of directories in /proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_list_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list unlabeled directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_read_proc_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to -read system state information in proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_read_ring_buffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the ring buffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_read_system_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to -read system state information in proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_read_unlabeled_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to -read an unlabeled file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_search_kernel_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search generic kernel sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_search_network_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the network -state directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the state. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_search_network_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to search network sysctl directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_search_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts by caller to search -the base directory of sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to use -kernel file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of process not to audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_dontaudit_write_kernel_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write generic kernel sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -kernel_get_sysvipc_info( - - - - - domain - - - )
-
-
- -
Summary
-

-Get information on all System V IPC objects. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

- -

-		 -No -
-
-
- - -
- - -
- -kernel_getattr_core_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to get attribues of core kernel interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type getting the attibutes. -

-		 -No -
-
-
- - -
- - -
- -kernel_getattr_debugfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of a kernel debugging filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_getattr_message_if( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to get the attributes of kernel message -interface (/proc/kmsg). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type getting the attributes. -

-		 -No -
-
-
- - -
- - -
- -kernel_getattr_proc( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the proc filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_getattr_proc_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of files in /proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_kill_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a kill signal to unlabeled processes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_list_proc( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of directories in /proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_list_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-List unlabeled directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_load_module( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to load kernel modules -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to allow to load kernel modules. -

-		 -No -
-
-
- - -
- - -
- -kernel_mount_debugfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Mount a kernel debugging filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain mounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_all_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read all sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_debugfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read information from the debugging filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_device_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read the device sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to allow to read the device sysctls. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_fs_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read filesystem sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_hotplug_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the hotplug sysctl. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_irq_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read IRQ sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_kernel_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read generic kernel sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_messages( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read kernel messages -using the /proc/kmsg interface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the messages. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_modprobe_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the modprobe sysctl. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_net_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read network sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_network_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read the network state information. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the state. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_network_state_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read the network state symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the state. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_proc_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read symbolic links in /proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_ring_buffer( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to read the ring buffer. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type allowed to read the ring buffer. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_rpc_sysctls( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -kernel_read_software_raid_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read the state information for software raid. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading software raid state. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow access to read sysctl directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to allow to read sysctl directories. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_system_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to read system state information in proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the system state information. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_unix_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read unix domain -socket sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_read_vm_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read virtual memory sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_relabelfrom_unlabeled_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to relabel unlabeled directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type relabeling the objects. -

-		 -No -
-
-
- - -
- - -
- -kernel_relabelfrom_unlabeled_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to relabel unlabeled files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type relabeling the objects. -

-		 -No -
-
-
- - -
- - -
- -kernel_relabelfrom_unlabeled_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to relabel unlabeled named pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type relabeling the objects. -

-		 -No -
-
-
- - -
- - -
- -kernel_relabelfrom_unlabeled_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to relabel unlabeled named sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type relabeling the objects. -

-		 -No -
-
-
- - -
- - -
- -kernel_relabelfrom_unlabeled_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to relabel unlabeled symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type relabeling the objects. -

-		 -No -
-
-
- - -
- - -
- -kernel_remount_debugfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Remount a kernel debugging filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain remounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -kernel_rootfs_mountpoint( - - - - - directory_type - - - )
-
-
- -
Summary
-

-Allows the kernel to mount filesystems on -the specified directory type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-directory_type - -

-The type of the directory to use as a mountpoint. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_all_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write all sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_device_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write device sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_fs_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write fileystem sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_hotplug_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the hotplug sysctl. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_irq_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write IRQ sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_kernel_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write generic kernel sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_modprobe_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the modprobe sysctl. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_net_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to modiry contents of sysctl network files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write kernel unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_rpc_sysctls( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_software_raid_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read and set the state information for software raid. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading software raid state. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_unix_dgram_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write kernel unix datagram sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_unix_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unix domain -socket sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_unlabeled_blk_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unlabeled block device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_unlabeled_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unlabeled directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_rw_vm_sysctls( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write virtual memory sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_search_debugfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the contents of a kernel debugging filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_search_network_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow searching of network state directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the state. -

-		 -No -
-
-
- - -
- - -
- -kernel_search_network_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Search network sysctl directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_search_proc( - - - - - domain - - - )
-
-
- -
Summary
-

-Search directories in /proc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_search_vm_sysctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to search virtual memory sysctls. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_sendrecv_unlabeled_association( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from an -unlabeled IPSEC association. -

- - -
Description
-

-

-Send and receive messages from an -unlabeled IPSEC association. Network -connections that are not protected -by IPSEC have use an unlabeled -assocation. -

-

-The corenetwork interface -corenet_non_ipsec_sendrecv() should -be used instead of this one. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_setpgid( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the process group of kernel threads. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_share_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows the kernel to share state information with -the caller. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process with which to share state information. -

-		 -No -
-
-
- - -
- - -
- -kernel_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to kernel threads. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process sending the signal. -

-		 -No -
-
-
- - -
- - -
- -kernel_sigchld_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a child terminated signal to unlabeled processes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a generic signal to kernel threads. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process sending the signal. -

-		 -No -
-
-
- - -
- - -
- -kernel_signal_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-Send general signals to unlabeled processes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_signull_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a null signal to unlabeled processes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_sigstop_unlabeled( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a stop signal to unlabeled processes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_tcp_recvfrom( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive messages from kernel TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_udp_recvfrom( - - - - - domain - - - )
-
-
- -
Summary
-

-Receive messages from kernel UDP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_udp_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to the kernel. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to kernel module resources. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kernel_unmount_debugfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Unmount a kernel debugging filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain unmounting the filesystem. -

-		 -No -
-
-
- - -
- - -
- -kernel_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Permits caller to use kernel file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process using the descriptors. -

-		 -No -
-
-
- - -
- - -
- -kernel_write_proc_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to generic proc entries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_mcs.html b/www/api-docs/kernel_mcs.html deleted file mode 100644 index 49d1be6..0000000 --- a/www/api-docs/kernel_mcs.html +++ /dev/null @@ -1,157 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: mcs

- -

Description:

- -

Multicategory security policy

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -mcs_killall( - - - - - domain - - - )
-
-
- -
Summary
-

-This domain is allowed to sigkill and sigstop -all domains regardless of their MCS level. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain target for user exemption. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_mls.html b/www/api-docs/kernel_mls.html deleted file mode 100644 index 01643c7..0000000 --- a/www/api-docs/kernel_mls.html +++ /dev/null @@ -1,566 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: mls

- -

Description:

- -

-

-This module contains interfaces for handling multilevel -security. The interfaces allow the specified subjects -and objects to be allowed certain privileges in the -MLS rules. -

-

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -mls_file_downgrade( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for lowering the level of files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_file_read_up( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for reading from files at higher levels. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_file_upgrade( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for raising the level of files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_file_write_down( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for writing to files at lower levels. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_process_read_up( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for reading from processes at higher levels. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_process_set_level( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for setting the level of processes -it executes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_process_write_down( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain MLS trusted -for writing to processes at lower levels. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_rangetrans_source( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to do a MLS -range transition that changes -the current level. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_rangetrans_target( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified domain a target domain -for MLS range transitions that change -the current level. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mls_trusted_object( - - - - - domain - - - )
-
-
- -
Summary
-

-Make specified object MLS trusted. -

- - -
Description
-

-

-Make specified object MLS trusted. This -allows all levels to read and write the -object. -

-

-This currently only applies to filesystem -objects, for example, files and directories. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the object. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_selinux.html b/www/api-docs/kernel_selinux.html deleted file mode 100644 index 96fb982..0000000 --- a/www/api-docs/kernel_selinux.html +++ /dev/null @@ -1,884 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: selinux

- -

Description:

- -

-Policy for kernel security interface, in particular, selinuxfs. -

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -selinux_compute_access_vector( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to compute an access vector. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type allowed to compute an access vector. -

-		 -No -
-
-
- - -
- - -
- -selinux_compute_create_context( - - - - - domain - - - )
-
-
- -
Summary
-

-Calculate the default type for object creation. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -selinux_compute_member( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to compute polyinstatntiated -directory members. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -selinux_compute_relabel_context( - - - - - domain - - - )
-
-
- -
Summary
-

-Calculate the context for relabeling objects. -

- - -
Description
-

-

-Calculate the context for relabeling objects. -This is determined by using the type_change -rules in the policy, and is generally used -for determining the context for relabeling -a terminal when a user logs in. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -selinux_compute_user_contexts( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to compute possible contexts for a user. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type allowed to compute user contexts. -

-		 -No -
-
-
- - -
- - -
- -selinux_dontaudit_getattr_dir( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of the selinuxfs directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -selinux_dontaudit_read_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read -generic selinuxfs entries -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -selinux_dontaudit_search_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search selinuxfs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -selinux_get_enforce_mode( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows the caller to get the mode of policy enforcement -(enforcing or permissive mode). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to allow to get the enforcing mode. -

-		 -No -
-
-
- - -
- - -
- -selinux_get_fs_mount( - - - - - domain - - - )
-
-
- -
Summary
-

-Gets the caller the mountpoint of the selinuxfs filesystem. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type requesting the selinuxfs mountpoint. -

-		 -No -
-
-
- - -
- - -
- -selinux_load_policy( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to load the policy into the kernel. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type that will load the policy. -

-		 -No -
-
-
- - -
- - -
- -selinux_search_fs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search selinuxfs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -selinux_set_boolean( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to set the state of Booleans to -enable or disable conditional portions of the policy. -

- - -
Description
-

-

-Allow caller to set the state of Booleans to -enable or disable conditional portions of the policy. -

-

-Since this is a security event, this action is -always audited. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type allowed to set the Boolean. -

-		 -No -
-
-
- - -
- - -
- -selinux_set_enforce_mode( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to set the mode of policy enforcement -(enforcing or permissive mode). -

- - -
Description
-

-

-Allow caller to set the mode of policy enforcement -(enforcing or permissive mode). -

-

-Since this is a security event, this action is -always audited. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to allow to set the enforcement mode. -

-		 -No -
-
-
- - -
- - -
- -selinux_set_parameters( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to set SELinux access vector cache parameters. -

- - -
Description
-

-

-Allow caller to set SELinux access vector cache parameters. -The allows the domain to set performance related parameters -of the AVC, such as cache threshold. -

-

-Since this is a security event, this action is -always audited. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type to allow to set security parameters. -

-		 -No -
-
-
- - -
- - -
- -selinux_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to the SELinux kernel security server. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -selinux_validate_context( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows caller to validate security contexts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type permitted to validate contexts. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_storage.html b/www/api-docs/kernel_storage.html deleted file mode 100644 index dfdda44..0000000 --- a/www/api-docs/kernel_storage.html +++ /dev/null @@ -1,1541 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: storage

- -

Description:

- -

Policy controlling access to storage devices

- - - - -

Interfaces:

- - -
- - -
- -storage_dev_filetrans_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Create block devices in /dev with the fixed disk type -via an automatic type transition. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_getattr_fixed_disk_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to get -the attributes of fixed disk device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_getattr_removable_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to get -the attributes of removable devices device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_raw_read_removable_device( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to directly read removable devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_raw_write_removable_device( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to directly write removable devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_read_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to read -fixed disk device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_read_removable_device( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to read -removable devices device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_rw_scsi_generic( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -SCSI generic device interfaces. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_setattr_fixed_disk_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to set -the attributes of fixed disk device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_setattr_removable_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to set -the attributes of removable devices device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_dontaudit_write_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts made by the caller to write -fixed disk device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -storage_getattr_fixed_disk_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to get the attributes of fixed disk -device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_getattr_removable_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to get the attributes of removable -devices device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_getattr_scsi_generic_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to get the attributes of -the generic SCSI interface device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_getattr_tape_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to get the attributes -of device nodes of tape devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_manage_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete fixed disk device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_raw_read_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly read from a fixed disk. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_raw_read_removable_device( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly read from -a removable device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_raw_write_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly write to a fixed disk. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_raw_write_removable_device( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly write to -a removable device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_read_scsi_generic( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly read, in a -generic fashion, from any SCSI device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_read_tape( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly read -a tape device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_relabel_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel fixed disk device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_setattr_fixed_disk_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to set the attributes of fixed disk -device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_setattr_removable_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to set the attributes of removable -devices device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_setattr_scsi_generic_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to set the attributes of -the generic SCSI interface device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_setattr_scsi_generic_dev_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Set attributes of the device nodes -for the SCSI generic inerface. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_setattr_tape_dev( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to set the attributes -of device nodes of tape devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_swapon_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Enable a fixed disk device as swap space -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_tmpfs_filetrans_fixed_disk( - - - - - domain - - - )
-
-
- -
Summary
-

-Create block devices in on a tmpfs filesystem with the -fixed disk type via an automatic type transition. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to storage devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -storage_write_scsi_generic( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly write, in a -generic fashion, from any SCSI device. -This is extremly dangerous as it can bypass the -SELinux protections for filesystem objects, and -should only be used by trusted domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -storage_write_tape( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to directly read -a tape device. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/kernel_terminal.html b/www/api-docs/kernel_terminal.html deleted file mode 100644 index 037110c..0000000 --- a/www/api-docs/kernel_terminal.html +++ /dev/null @@ -1,2119 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: kernel

-

Module: terminal

- -

Description:

- -

Policy for terminals.

- - -

This module is required to be included in all policies.

- - - -

Interfaces:

- - -
- - -
- -term_create_pty( - - - - - domain - - - - , - - - - pty_type - - - )
-
-
- -
Summary
-

-Create a pty in the /dev/pts directory. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process creating the pty. -

-		 -No -
-pty_type - -

-The type of the pty. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_getattr_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of any user pty -device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_getattr_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of any user tty -device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_getattr_pty_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of the /dev/pts directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_getattr_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of all unallocated tty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_ioctl_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to ioctl -unallocated tty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_list_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the -/dev/pts directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_manage_pty_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to create, read, -write, or delete the /dev/pts directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_search_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the -contents of the /dev/pts directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_use_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read any -user ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_use_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -any user ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_use_console( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attemtps to read from -or write to the console. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_use_generic_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Dot not audit attempts to read and -write the generic pty type. This is -generally only used in the targeted policy. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_use_ptmx( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and -write the pty multiplexor (/dev/ptmx). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_dontaudit_use_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or -write unallocated ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to not audit. -

-		 -No -
-
-
- - -
- - -
- -term_getattr_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all user -pty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_getattr_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all user tty -device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_getattr_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all unallocated -tty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_ioctl_generic_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-ioctl of generic pty types. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_list_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the /dev/pts directory to -list all ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_login_pty( - - - - - pty_type - - - )
-
-
- -
Summary
-

-Transform specified type into a pty type -used by login programs, such as sshd. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-pty_type - -

-An object type that will applied to a pty. -

-		 -No -
-
-
- - -
- - -
- -term_pty( - - - - - pty_type - - - )
-
-
- -
Summary
-

-Transform specified type into a pty type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-pty_type - -

-An object type that will applied to a pty. -

-		 -No -
-
-
- - -
- - -
- -term_read_console( - - - - - domain - - - )
-
-
- -
Summary
-

-Read from the console. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_relabel_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from and to all user -user pty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_relabel_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from and to all user -user tty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_relabel_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from and to the unallocated -tty type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_relabelto_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to all user ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_reset_tty_labels( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from all user tty types to -the unallocated tty type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_search_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the contents of the /dev/pts directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_setattr_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of all user -pty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_setattr_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of all user tty -device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_setattr_console( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the console -device node. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_setattr_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of all unallocated -tty device nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_tty( - - - - - tty_type - - - )
-
-
- -
Summary
-

-Transform specified type into a tty type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-tty_type - -

-An object type that will applied to a tty. -

-		 -No -
-
-
- - -
- - -
- -term_use_all_terms( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the console, all -ttys and all ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_use_all_user_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write all user ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_use_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write all user to all user ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_use_console( - - - - - domain - - - )
-
-
- -
Summary
-

-Read from and write to the console. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_use_controlling_term( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the controlling -terminal (/dev/tty). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_use_generic_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the generic pty -type. This is generally only used in -the targeted policy. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_use_ptmx( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the pty multiplexor (/dev/ptmx). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to allow access. -

-		 -No -
-
-
- - -
- - -
- -term_use_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unallocated ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_user_pty( - - - - - userdomain - - - - , - - - - object_type - - - )
-
-
- -
Summary
-

-Transform specified type into an user -pty type. This allows it to be relabeled via -type change by login programs such as ssh. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain - -

-The type of the user domain associated with -this pty. -

-		 -No -
-object_type - -

-An object type that will applied to a pty. -

-		 -No -
-
-
- - -
- - -
- -term_write_all_user_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to all user ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_write_console( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to the console. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -term_write_unallocated_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to unallocated ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services.html b/www/api-docs/services.html deleted file mode 100644 index 4b549ae..0000000 --- a/www/api-docs/services.html +++ /dev/null @@ -1,731 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

- -

- Policy modules for system services, like cron, and network services, - like sshd. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - apache

Apache web server

- - apm

Advanced power management daemon

- - arpwatch

Ethernet activity monitor.

- - automount

Filesystem automounter service.

- - avahi

mDNS/DNS-SD daemon implementing Apple ZeroConf architecture

- - bind

Berkeley internet name domain DNS server.

- - bluetooth

Bluetooth tools and system services.

- - canna

Canna - kana-kanji conversion server

- - comsat

Comsat, a biff server.

- - cpucontrol

Services for loading CPU microcode and CPU frequency scaling.

- - cron

Periodic execution of scheduled commands.

- - cups

Common UNIX printing system

- - cvs

Concurrent versions system

- - cyrus

Cyrus is an IMAP service intended to be run on sealed servers

- - dbskk

Dictionary server for the SKK Japanese input method system.

- - dbus

Desktop messaging bus

- - dhcp

Dynamic host configuration protocol (DHCP) server

- - dictd

Dictionary daemon

- - distcc

Distributed compiler daemon

- - djbdns

small and secure DNS daemon

- - dovecot

Dovecot POP and IMAP mail server

- - fetchmail

Remote-mail retrieval and forwarding utility

- - finger

Finger user information service.

- - ftp

File transfer protocol service

- - gpm

General Purpose Mouse driver

- - hal

Hardware abstraction layer

- - howl

Port of Apple Rendezvous multicast DNS

- - i18n_input

IIIMF htt server

- - inetd

Internet services daemon.

- - inn

Internet News NNTP server

- - irqbalance

IRQ balancing daemon

- - kerberos

MIT Kerberos admin and KDC

- - ktalk

KDE Talk daemon

- - ldap

OpenLDAP directory server

- - lpd

Line printer daemon

- - mailman

Mailman is for managing electronic mail discussion and e-newsletter lists

- - mta

Policy common to all email tranfer agents.

- - mysql

Policy for MySQL

- - networkmanager

Manager for dynamically switching between networks.

- - nis

Policy for NIS (YP) servers and clients

- - nscd

Name service cache daemon

- - ntp

Network time protocol daemon

- - openct

Service for handling smart card readers.

- - pegasus

The Open Group Pegasus CIM/WBEM Server.

- - portmap

RPC port mapping service.

- - postfix

Postfix email server

- - postgresql

PostgreSQL relational database

- - ppp

Point to Point Protocol daemon creates links in ppp networks

- - privoxy

Privacy enhancing web proxy.

- - procmail

Procmail mail delivery agent

- - publicfile

publicfile supplies files to the public through HTTP and FTP

- - radius

RADIUS authentication and accounting server.

- - radvd

IPv6 router advertisement daemon

- - rdisc

Network router discovery daemon

- - remotelogin

Policy for rshd, rlogind, and telnetd.

- - rlogin

Remote login daemon

- - roundup

Roundup Issue Tracking System policy

- - rpc

Remote Procedure Call Daemon for managment of network based process communication

- - rshd

Remote shell service.

- - rsync

Fast incremental file transfer for synchronization

- - samba

-SMB and CIFS client/server programs for UNIX and -name Service Switch daemon for resolving names -from Windows NT servers. -

- - sasl

SASL authentication server

- - sendmail

Policy for sendmail.

- - slrnpull

Service for downloading news feeds the slrn newsreader.

- - smartmon

Smart disk monitoring daemon policy

- - snmp

Simple network management protocol services

- - spamassassin

Filter used for removing unsolicited email.

- - squid

Squid caching http proxy server

- - ssh

Secure shell client and server policy.

- - stunnel

SSL Tunneling Proxy

- - sysstat

Policy for sysstat. Reports on various system states

- - tcpd

Policy for TCP daemon.

- - telnet

Telnet daemon

- - tftp

Trivial file transfer protocol daemon

- - timidity

MIDI to WAV converter and player configured as a service

- - ucspitcp

ucspitcp policy

- - uucp

Unix to Unix Copy

- - xfs

X Windows Font Server

- - xserver

X Windows Server

- - zebra

Zebra border gateway protocol network routing service

-



- -

- - diff --git a/www/api-docs/services_apache.html b/www/api-docs/services_apache.html deleted file mode 100644 index 85409b7..0000000 --- a/www/api-docs/services_apache.html +++ /dev/null @@ -1,1500 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: apache

- -Interfaces -Templates - -

Description:

- -

Apache web server

- - - - -

Interfaces:

- - -
- - -
- -apache_append_squirrelmail_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to append -apache squirrelmail data. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Transition to apache. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_domtrans_all_scripts( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute all user scripts in the user -script domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_domtrans_helper( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the Apache helper program with -a domain transition. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_domtrans_sys_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute all web scripts in the system -script domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_dontaudit_append_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to append to the -Apache logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -apache_dontaudit_rw_stream_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write Apache -unix domain stream sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_dontaudit_rw_sys_script_stream_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write Apache -system script unix domain stream sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_dontaudit_rw_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write Apache -TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_dontaudit_search_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search Apache -module directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -apache_exec_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to execute -apache modules. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_list_modules( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to list -the contents of the apache modules -directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_manage_sys_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to manage -apache system content files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read -apache configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_read_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read -apache log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_read_squirrelmail_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read -apache squirrelmail data. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_read_sys_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Read apache system content -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -apache_run_all_scripts( - - - - - domain - - - - , - - - - role - - - )
-
-
- -
Summary
-

-Execute all user scripts in the user -script domain. Add user script domains -to the specified role. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the script domains. -

-		 -No -
-
-
- - -
- - -
- -apache_run_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute the Apache helper program with -a domain transition, and allow the -specified role the dmidecode domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the dmidecode domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the dmidecode domain to use. -

-		 -No -
-
-
- - -
- - -
- -apache_search_sys_script_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Search system script state directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -apache_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to apache. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_signull( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a null signal to apache. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apache_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use file descriptors from Apache. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -apache_content_template( - - - - - prefix - - - )
-
-
- -
Summary
-

-Create a set of derived types for apache -web content. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix to be used for deriving type names. -

-		 -No -
-
-
- - -
- - -
- -apache_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the apache module. -

- - -
Description
-

-

-This template creates types used for web pages -and web cgi to be used from the user home directory. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_apm.html b/www/api-docs/services_apm.html deleted file mode 100644 index 91da64b..0000000 --- a/www/api-docs/services_apm.html +++ /dev/null @@ -1,568 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: apm

- -

Description:

- -

Advanced power management daemon

- - - - -

Interfaces:

- - -
- - -
- -apm_append_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Append to apm's log file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apm_domtrans_client( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute APM in the apm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apm_rw_stream_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to an apm unix stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apm_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to apmd over an unix stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -apm_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Use file descriptors for apmd. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -apm_write_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to apmd unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_arpwatch.html b/www/api-docs/services_arpwatch.html deleted file mode 100644 index ea5858d..0000000 --- a/www/api-docs/services_arpwatch.html +++ /dev/null @@ -1,527 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: arpwatch

- -

Description:

- -

Ethernet activity monitor.

- - - - -

Interfaces:

- - -
- - -
- -arpwatch_dontaudit_rw_packet_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write -arpwatch packet sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -arpwatch_manage_data_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create arpwatch data files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -arpwatch_manage_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write arpwatch temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -arpwatch_rw_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write arpwatch temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -arpwatch_search_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Search arpwatch's data file directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_automount.html b/www/api-docs/services_automount.html deleted file mode 100644 index cb768e5..0000000 --- a/www/api-docs/services_automount.html +++ /dev/null @@ -1,443 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: automount

- -

Description:

- -

Filesystem automounter service.

- - - - -

Interfaces:

- - -
- - -
- -automount_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute automount in the automount domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -automount_dontaudit_getattr_tmp_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of automount temporary directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -automount_exec_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute automount in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_avahi.html b/www/api-docs/services_avahi.html deleted file mode 100644 index 9385e9d..0000000 --- a/www/api-docs/services_avahi.html +++ /dev/null @@ -1,359 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: avahi

- -

Description:

- -

mDNS/DNS-SD daemon implementing Apple ZeroConf architecture

- - - - -

Interfaces:

- - -
- - -
- -avahi_dbus_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -avahi over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_bind.html b/www/api-docs/services_bind.html deleted file mode 100644 index 1f9ae98..0000000 --- a/www/api-docs/services_bind.html +++ /dev/null @@ -1,860 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: bind

- -

Description:

- -

Berkeley internet name domain DNS server.

- - - - -

Interfaces:

- - -
- - -
- -bind_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute bind in the named domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_domtrans_ndc( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ndc in the ndc domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_manage_cache( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -BIND cache files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_manage_config_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -BIND configuration directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read BIND named configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_read_dnssec_keys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read DNSSEC keys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_read_zone( - - - - - domain - - - )
-
-
- -
Summary
-

-Read BIND zone files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_run_ndc( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute ndc in the ndc domain, and -allow the specified role the ndc domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the bind domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the bind domain to use. -

-		 -No -
-
-
- - -
- - -
- -bind_search_cache( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the BIND cache directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_setattr_pid_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the attributes -of the BIND pid directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to BIND. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bind_write_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Write BIND named configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_bluetooth.html b/www/api-docs/services_bluetooth.html deleted file mode 100644 index 96eb95e..0000000 --- a/www/api-docs/services_bluetooth.html +++ /dev/null @@ -1,564 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: bluetooth

- -

Description:

- -

Bluetooth tools and system services.

- - - - -

Interfaces:

- - -
- - -
- -bluetooth_dbus_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -bluetooth over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bluetooth_domtrans_helper( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute bluetooth_helper in the bluetooth_helper domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -bluetooth_dontaudit_read_helper_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read bluetooth helper files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bluetooth_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read bluetooth daemon configuration. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -bluetooth_run_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute bluetooth_helper in the bluetooth_helper domain, and -allow the specified role the bluetooth_helper domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the bluetooth_helper domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the bluetooth_helper domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_canna.html b/www/api-docs/services_canna.html deleted file mode 100644 index b153def..0000000 --- a/www/api-docs/services_canna.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: canna

- -

Description:

- -

Canna - kana-kanji conversion server

- - - - -

Interfaces:

- - -
- - -
- -canna_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to Canna using a unix domain stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_comsat.html b/www/api-docs/services_comsat.html deleted file mode 100644 index 4471af6..0000000 --- a/www/api-docs/services_comsat.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: comsat

- -

Description:

- -

Comsat, a biff server.

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_cpucontrol.html b/www/api-docs/services_cpucontrol.html deleted file mode 100644 index 3f0a41a..0000000 --- a/www/api-docs/services_cpucontrol.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: cpucontrol

- -

Description:

- -

Services for loading CPU microcode and CPU frequency scaling.

- - - - -

Interfaces:

- - -
- - -
- -cpucontrol_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-CPUcontrol stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_cron.html b/www/api-docs/services_cron.html deleted file mode 100644 index 71f91af..0000000 --- a/www/api-docs/services_cron.html +++ /dev/null @@ -1,1079 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: cron

- -Interfaces -Templates - -

Description:

- -

Periodic execution of scheduled commands.

- - - - -

Interfaces:

- - -
- - -
- -cron_anacron_domtrans_system_job( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute APM in the apm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_dontaudit_append_system_job_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to append temporary -files from the system cron jobs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -cron_dontaudit_write_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write cron daemon unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_read_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read a cron daemon unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_read_system_job_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read temporary files from the system cron jobs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_rw_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write a cron daemon unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_rw_system_job_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write a system cron job unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_rw_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read, and write cron daemon TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_search_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the directory containing user cron tables. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to performing this action. -

-		 -No -
-
-
- - -
- - -
- -cron_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to the cron daemon. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_system_entry( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Make the specified program domain accessable -from the system cron jobs. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process to transition to. -

-		 -No -
-entrypoint - -

-The type of the file used as an entrypoint to this domain. -

-		 -No -
-
-
- - -
- - -
- -cron_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use a file descriptor -from the cron daemon. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_use_system_job_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use a file descriptor -from system cron jobs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cron_write_system_job_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Write a system cron job unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -cron_admin_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The administrative functions template for the cron module. -

- - -
Description
-

-

-This template creates rules for administrating the cron service, -allowing the specified user to manage other user crontabs. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -
- - -
- -cron_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the cron module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for running programs on behalf of the user, from cron. -A type for the user crontab is also created. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_cups.html b/www/api-docs/services_cups.html deleted file mode 100644 index 9e4a727..0000000 --- a/www/api-docs/services_cups.html +++ /dev/null @@ -1,781 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: cups

- -

Description:

- -

Common UNIX printing system

- - - - -

Interfaces:

- - -
- - -
- -cups_dbus_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -cups over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_dbus_chat_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -cupsd_config over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute cups in the cups domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -cups_domtrans_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute cups_config in the cups_config domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -cups_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read cups configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_read_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Read cups log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_read_rw_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read cups-writable configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_signal_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to the cups -configuration daemon. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_stream_connect_ptal( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to ptal over an unix domain stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to cups over TCP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -cups_write_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Write cups log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_cvs.html b/www/api-docs/services_cvs.html deleted file mode 100644 index 23b545b..0000000 --- a/www/api-docs/services_cvs.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: cvs

- -

Description:

- -

Concurrent versions system

- - - - -

Interfaces:

- - -
- - -
- -cvs_read_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the CVS data and metadata. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_cyrus.html b/www/api-docs/services_cyrus.html deleted file mode 100644 index c0a953b..0000000 --- a/www/api-docs/services_cyrus.html +++ /dev/null @@ -1,359 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: cyrus

- -

Description:

- -

Cyrus is an IMAP service intended to be run on sealed servers

- - - - -

Interfaces:

- - -
- - -
- -cyrus_manage_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to create, read, write, -and delete cyrus data files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_dbskk.html b/www/api-docs/services_dbskk.html deleted file mode 100644 index 7e47230..0000000 --- a/www/api-docs/services_dbskk.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: dbskk

- -

Description:

- -

Dictionary server for the SKK Japanese input method system.

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_dbus.html b/www/api-docs/services_dbus.html deleted file mode 100644 index 665ab9e..0000000 --- a/www/api-docs/services_dbus.html +++ /dev/null @@ -1,690 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: dbus

- -Interfaces -Templates - -

Description:

- -

Desktop messaging bus

- - - - -

Interfaces:

- - -
- - -
- -dbus_connect_system_bus( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to the the system DBUS -for service (acquire_svc). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dbus_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read dbus configuration. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dbus_send_system_bus( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a message on the system DBUS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -dbus_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-DBUS stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -
- - -
- -dbus_system_bus_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow unconfined access to the system DBUS. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -dbus_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the dbus module. -

- - -
Description
-

-

-This template creates a derived domain which is -used for the user dbus. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -
- - -
- -dbus_system_bus_client_template( - - - - - domain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Template for creating connections to -the system DBUS. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain_prefix - -

-The prefix of the domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-The type of the domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_dhcp.html b/www/api-docs/services_dhcp.html deleted file mode 100644 index 33f9dad..0000000 --- a/www/api-docs/services_dhcp.html +++ /dev/null @@ -1,359 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: dhcp

- -

Description:

- -

Dynamic host configuration protocol (DHCP) server

- - - - -

Interfaces:

- - -
- - -
- -dhcpd_setattr_state_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the DCHP -server state files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_dictd.html b/www/api-docs/services_dictd.html deleted file mode 100644 index 21b5f78..0000000 --- a/www/api-docs/services_dictd.html +++ /dev/null @@ -1,359 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: dictd

- -

Description:

- -

Dictionary daemon

- - - - -

Interfaces:

- - -
- - -
- -dictd_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Use dictionary services by connecting -over TCP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_distcc.html b/www/api-docs/services_distcc.html deleted file mode 100644 index 38838c1..0000000 --- a/www/api-docs/services_distcc.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: distcc

- -

Description:

- -

Distributed compiler daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_djbdns.html b/www/api-docs/services_djbdns.html deleted file mode 100644 index 6454e31..0000000 --- a/www/api-docs/services_djbdns.html +++ /dev/null @@ -1,359 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: djbdns

- -

Description:

- -

small and secure DNS daemon

- - - - - -

Templates:

- - -
- - -
- -djbdns_daemontools_domain_template( - - - - - prefix - - - )
-
-
- -
Summary
-

-Create a set of derived types for djbdns -components that are directly supervised by daemontools. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix to be used for deriving type names. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_dovecot.html b/www/api-docs/services_dovecot.html deleted file mode 100644 index d0bda22..0000000 --- a/www/api-docs/services_dovecot.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: dovecot

- -

Description:

- -

Dovecot POP and IMAP mail server

- - - - -

Interfaces:

- - -
- - -
- -dovecot_manage_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the dovecot spool files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_fetchmail.html b/www/api-docs/services_fetchmail.html deleted file mode 100644 index 663ddea..0000000 --- a/www/api-docs/services_fetchmail.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: fetchmail

- -

Description:

- -

Remote-mail retrieval and forwarding utility

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_finger.html b/www/api-docs/services_finger.html deleted file mode 100644 index 6a79f9b..0000000 --- a/www/api-docs/services_finger.html +++ /dev/null @@ -1,400 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: finger

- -

Description:

- -

Finger user information service.

- - - - -

Interfaces:

- - -
- - -
- -finger_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute fingerd in the fingerd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -finger_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to connect to fingerd with a tcp socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_ftp.html b/www/api-docs/services_ftp.html deleted file mode 100644 index 496f943..0000000 --- a/www/api-docs/services_ftp.html +++ /dev/null @@ -1,550 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ftp

- -Interfaces -Templates - -

Description:

- -

File transfer protocol service

- - - - -

Interfaces:

- - -
- - -
- -ftp_check_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute FTP daemon entry point programs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ftp_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read ftpd etc files -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ftp_read_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Read FTP transfer logs -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ftp_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Use ftp by connecting over TCP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -ftp_per_userdomain_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The per user domain template for the ftp module. -

- - -
Description
-

-

-This template allows ftpd to manage files in -a user home directory, creating files with the -correct type. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_gpm.html b/www/api-docs/services_gpm.html deleted file mode 100644 index 30587ac..0000000 --- a/www/api-docs/services_gpm.html +++ /dev/null @@ -1,489 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: gpm

- -

Description:

- -

General Purpose Mouse driver

- - - - -

Interfaces:

- - -
- - -
- -gpm_dontaudit_getattr_gpmctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of the GPM control channel -named socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -gpm_getattr_gpmctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the GPM -control channel named socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -gpm_setattr_gpmctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of the GPM -control channel named socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -gpm_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to GPM over a unix domain -stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_hal.html b/www/api-docs/services_hal.html deleted file mode 100644 index b6ba2df..0000000 --- a/www/api-docs/services_hal.html +++ /dev/null @@ -1,529 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: hal

- -

Description:

- -

Hardware abstraction layer

- - - - -

Interfaces:

- - -
- - -
- -hal_dbus_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -hal over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -hal_dbus_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a dbus message to hal. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -hal_dgram_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send to hal over a unix domain -datagram socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -hal_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute hal in the hal domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -hal_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Send to hal over a unix domain -stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_howl.html b/www/api-docs/services_howl.html deleted file mode 100644 index 55402c4..0000000 --- a/www/api-docs/services_howl.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: howl

- -

Description:

- -

Port of Apple Rendezvous multicast DNS

- - - - -

Interfaces:

- - -
- - -
- -howl_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to howl. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_i18n_input.html b/www/api-docs/services_i18n_input.html deleted file mode 100644 index 69458c3..0000000 --- a/www/api-docs/services_i18n_input.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: i18n_input

- -

Description:

- -

IIIMF htt server

- - - - -

Interfaces:

- - -
- - -
- -i18n_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use i18n_input over a TCP connection. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_inetd.html b/www/api-docs/services_inetd.html deleted file mode 100644 index e3aa1ad..0000000 --- a/www/api-docs/services_inetd.html +++ /dev/null @@ -1,777 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: inetd

- -

Description:

- -

Internet services daemon.

- - - - -

Interfaces:

- - -
- - -
- -inetd_core_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Define the specified domain as a inetd service. -

- - -
Description
-

-

-Define the specified domain as a inetd service. The -inetd_service_domain(), inetd_tcp_service_domain(), -or inetd_udp_service_domain() interfaces should be used -instead of this interface, as this interface only provides -the common rules to these three interfaces. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type associated with the inetd service process. -

-		 -No -
-entrypoint - -

-The type associated with the process program. -

-		 -No -
-
-
- - -
- - -
- -inetd_domtrans_child( - - - - - domain - - - )
-
-
- -
Summary
-

-Run inetd child process in the inet child domain -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inetd_rw_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write inetd TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -inetd_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Define the specified domain as a TCP and UDP inetd service. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type associated with the inetd service process. -

-		 -No -
-entrypoint - -

-The type associated with the process program. -

-		 -No -
-
-
- - -
- - -
- -inetd_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to the inetd service using a TCP connection. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inetd_tcp_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Define the specified domain as a TCP inetd service. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type associated with the inetd service process. -

-		 -No -
-entrypoint - -

-The type associated with the process program. -

-		 -No -
-
-
- - -
- - -
- -inetd_udp_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to inetd. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -inetd_udp_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Define the specified domain as a UDP inetd service. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type associated with the inetd service process. -

-		 -No -
-entrypoint - -

-The type associated with the process program. -

-		 -No -
-
-
- - -
- - -
- -inetd_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use file descriptors from inetd. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_inn.html b/www/api-docs/services_inn.html deleted file mode 100644 index d81ecd3..0000000 --- a/www/api-docs/services_inn.html +++ /dev/null @@ -1,654 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: inn

- -

Description:

- -

Internet News NNTP server

- - - - -

Interfaces:

- - -
- - -
- -inn_dgram_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send to a innd unix dgram socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to execute innd -in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_exec_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to execute -inn configuration files in /etc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_manage_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the innd log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_manage_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the innd pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read innd configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_read_news_lib( - - - - - domain - - - )
-
-
- -
Summary
-

-Read innd news library files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -inn_read_news_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Read innd news library files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_irqbalance.html b/www/api-docs/services_irqbalance.html deleted file mode 100644 index a55294e..0000000 --- a/www/api-docs/services_irqbalance.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: irqbalance

- -

Description:

- -

IRQ balancing daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_kerberos.html b/www/api-docs/services_kerberos.html deleted file mode 100644 index 44d40be..0000000 --- a/www/api-docs/services_kerberos.html +++ /dev/null @@ -1,547 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: kerberos

- -

Description:

- -

-

-This policy supports: -

-

-Servers: -

    -

  • kadmind

    • -

  • krb5kdc

    • -

-

-

-Clients: -

    -

  • kinit

    • -

  • kdestroy

    • -

  • klist

    • -

  • ksu (incomplete)

    • -

-

-

- - - - -

Interfaces:

- - -
- - -
- -kerberos_dontaudit_write_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write the kerberos -configuration file (/etc/krb5.conf). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -kerberos_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the kerberos configuration file (/etc/krb5.conf). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kerberos_read_keytab( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the kerberos key table. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kerberos_rw_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the kerberos configuration file (/etc/krb5.conf). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -kerberos_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use kerberos services -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_ktalk.html b/www/api-docs/services_ktalk.html deleted file mode 100644 index 7d2f9b0..0000000 --- a/www/api-docs/services_ktalk.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ktalk

- -

Description:

- -

KDE Talk daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_ldap.html b/www/api-docs/services_ldap.html deleted file mode 100644 index 291537c..0000000 --- a/www/api-docs/services_ldap.html +++ /dev/null @@ -1,443 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ldap

- -

Description:

- -

OpenLDAP directory server

- - - - -

Interfaces:

- - -
- - -
- -ldap_list_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the contents of the OpenLDAP -database directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ldap_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the OpenLDAP configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ldap_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use LDAP over TCP connection. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_lpd.html b/www/api-docs/services_lpd.html deleted file mode 100644 index 8863ba0..0000000 --- a/www/api-docs/services_lpd.html +++ /dev/null @@ -1,715 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: lpd

- -Interfaces -Templates - -

Description:

- -

Line printer daemon

- - - - -

Interfaces:

- - -
- - -
- -lpd_domtrans_checkpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute lpd in the lpd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -lpd_list_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the printer spool directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -lpd_manage_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete printer spool files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -lpd_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the printer spool directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -lpd_run_checkpc( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute amrecover in the lpd domain, and -allow the specified role the lpd domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the lpd domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the lpd domain to use. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -lpd_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the lpd module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for lpr printing client. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -
- - -
- -lpr_admin_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The administrative functions template for the lpd module. -

- - -
Description
-

-

-This template creates rules for administrating the ldp service, -allowing the specified user to manage lpr files. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_mailman.html b/www/api-docs/services_mailman.html deleted file mode 100644 index c7f16cb..0000000 --- a/www/api-docs/services_mailman.html +++ /dev/null @@ -1,755 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: mailman

- -Interfaces -Templates - -

Description:

- -

Mailman is for managing electronic mail discussion and e-newsletter lists

- - - - -

Interfaces:

- - -
- - -
- -mailman_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute mailman in the mailman domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_domtrans_cgi( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute mailman CGI scripts in the -mailman CGI domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute mailman in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowd access. -

-		 -No -
-
-
- - -
- - -
- -mailman_list_data( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of mailman data directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_manage_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -mailman logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_read_archive( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow domain to read mailman archive files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_read_data_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read acces to mailman data symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_search_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow domain to search data directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mailman_signal_cgi( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to the mailman cgi domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -mailman_domain_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The template to define a mailmain domain. -

- - -
Description
-

-

-This template creates a domain to be used for -a new mailman daemon. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The type of daemon to be used eg, cgi would give mailman_cgi_ -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_mta.html b/www/api-docs/services_mta.html deleted file mode 100644 index d4101aa..0000000 --- a/www/api-docs/services_mta.html +++ /dev/null @@ -1,1709 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: mta

- -Interfaces -Templates - -

Description:

- -

Policy common to all email tranfer agents.

- - - - -

Interfaces:

- - -
- - -
- -mta_append_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, and write the mail spool. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_delete_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete from the mail spool. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_dontaudit_getattr_spool_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_dontaudit_read_spool_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read a symlink -in the mail spool. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_dontaudit_rw_delivery_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write TCP -sockets of mail delivery domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Mail server domain. -

-		 -No -
-
-
- - -
- - -
- -mta_dontaudit_rw_queue( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and -write the mail queue. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -mta_etc_filetrans_aliases( - - - - - domain - - - )
-
-
- -
Summary
-

-Type transition files created in /etc -to the mail address aliases type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_exec( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_getattr_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_mailserver( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_mailserver_delivery( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a type a mailserver type used -for delivering mail to local users. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Mail server domain type used for delivering mail. -

-		 -No -
-
-
- - -
- - -
- -mta_mailserver_sender( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a type a mailserver type used -for sending mail. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Mail server domain type used for sending mail. -

-		 -No -
-
-
- - -
- - -
- -mta_mailserver_user_agent( - - - - - domain - - - )
-
-
- -
Summary
-

-Make a type a mailserver type used -for sending mail on behalf of local -users to the local mail spool. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Mail server domain type used for sending local mail. -

-		 -No -
-
-
- - -
- - -
- -mta_manage_queue( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_manage_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_read_aliases( - - - - - domain - - - )
-
-
- -
Summary
-

-Read mail address aliases. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read mail server configuration. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_read_sendmail_bin( - - - - - domain - - - )
-
-
- -
Summary
-

-Read sendmail binary. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_rw_aliases( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_rw_spool( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_rw_user_mail_stream_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unix domain stream sockets -of user mail domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mta_send_mail( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -mta_sendmail_mailserver( - - - - - domain - - - - , - - - - entry_point - - - )
-
-
- -
Summary
-

-Modified mailserver interface for -sendmail daemon use. -

- - -
Description
-

-

-A modified MTA mail server interface for -the sendmail program. It's design does -not fit well with policy, and using the -regular interface causes a type_transition -conflict if direct running of init scripts -is enabled. -

-

-This interface should most likely only be used -by the sendmail policy. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type to be used for the mail server. -

-		 -No -
-entry_point - -

-The type to be used for the domain entry point program. -

-		 -No -
-
-
- - -
- - -
- -mta_spool_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object - - - )
-
-
- -
Summary
-

-Create private objects in the -mail spool directory. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-private type - -

-The type of the object to be created. -

-		 -No -
-object - -

-The object class of the object being created. -

-		 -No -
-
-
- - -
- - -
- -mta_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-MTA stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -
- - -
- -mta_tcp_connect_all_mailservers( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to all mail servers over TCP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Mail server domain. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -mta_admin_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - )
-
-
- -
Summary
-

-Provide extra permissions for admin users -mail domain. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-
-
- - -
- - -
- -mta_base_mail_template( - - - - - domain_prefix - - - )
-
-
- -
Summary
-

-Basic mail transfer agent domain template. -

- - -
Description
-

-

-This template creates a derived domain which is -a email transfer agent, which sends mail on -behalf of the user. -

-

-This is the basic types and rules, common -to the system agent and user agents. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain_prefix - -

-The prefix of the domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -
- - -
- -mta_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the mta module. -

- - -
Description
-

-

-This template creates a derived domain which is -a email transfer agent, which sends mail on -behalf of the user. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_mysql.html b/www/api-docs/services_mysql.html deleted file mode 100644 index f561414..0000000 --- a/www/api-docs/services_mysql.html +++ /dev/null @@ -1,654 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: mysql

- -

Description:

- -

Policy for MySQL

- - - - -

Interfaces:

- - -
- - -
- -mysql_manage_db_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete MySQL database directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read MySQL configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_rw_db_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to the MySQL database directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_rw_db_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to the MySQL database -named socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_search_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the directories that contain MySQL -database storage. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a generic signal to MySQL. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to MySQL using a unix domain stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -mysql_write_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to the MySQL log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_networkmanager.html b/www/api-docs/services_networkmanager.html deleted file mode 100644 index 190d4aa..0000000 --- a/www/api-docs/services_networkmanager.html +++ /dev/null @@ -1,486 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: networkmanager

- -

Description:

- -

Manager for dynamically switching between networks.

- - - - -

Interfaces:

- - -
- - -
- -networkmanager_dbus_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -NetworkManager over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -networkmanager_rw_packet_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write NetworkManager packet sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -networkmanager_rw_routing_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write NetworkManager netlink -routing sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -networkmanager_rw_udp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write NetworkManager UDP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_nis.html b/www/api-docs/services_nis.html deleted file mode 100644 index f2bb4e4..0000000 --- a/www/api-docs/services_nis.html +++ /dev/null @@ -1,751 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: nis

- -

Description:

- -

Policy for NIS (YP) servers and clients

- - - - -

Interfaces:

- - -
- - -
- -nis_delete_ypbind_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete ypbind pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nis_domtrans_ypbind( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ypbind in the ypbind domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nis_list_var_yp( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the NIS data directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -nis_read_ypbind_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Read ypbind pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nis_read_ypserv_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read ypserv configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nis_signal_ypbind( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to ypbind. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -nis_tcp_connect_ypbind( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to ypbind over TCP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nis_udp_send_ypbind( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to NIS clients. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -nis_use_ypbind( - - - - - domain - - - )
-
-
- -
Summary
-

-Use the ypbind service to access NIS services. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -nis_use_ypbind_uncond( - - - - - domain - - - )
-
-
- -
Summary
-

-Use the ypbind service to access NIS services -unconditionally. -

- - -
Description
-

-

-Use the ypbind service to access NIS services -unconditionally. -

-

-This interface was added because of apache and -spamassassin, to fix a nested conditionals problem. -When that support is added, this should be removed, -and the regular interface should be used. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_nscd.html b/www/api-docs/services_nscd.html deleted file mode 100644 index 845964f..0000000 --- a/www/api-docs/services_nscd.html +++ /dev/null @@ -1,528 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: nscd

- -

Description:

- -

Name service cache daemon

- - - - -

Interfaces:

- - -
- - -
- -nscd_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute NSCD in the nscd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -nscd_read_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Read NSCD pid file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nscd_shm_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use NSCD services by mapping the database from -an inherited NSCD file descriptor. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nscd_socket_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use NSCD services by connecting using -a unix stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -nscd_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to NSCD services. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_ntp.html b/www/api-docs/services_ntp.html deleted file mode 100644 index 21c4d29..0000000 --- a/www/api-docs/services_ntp.html +++ /dev/null @@ -1,442 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ntp

- -

Description:

- -

Network time protocol daemon

- - - - -

Interfaces:

- - -
- - -
- -ntp_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ntp server in the ntpd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ntp_domtrans_ntpdate( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ntp server in the ntpd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ntp_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-NTP stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_openct.html b/www/api-docs/services_openct.html deleted file mode 100644 index fccf66e..0000000 --- a/www/api-docs/services_openct.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: openct

- -

Description:

- -

Service for handling smart card readers.

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_pegasus.html b/www/api-docs/services_pegasus.html deleted file mode 100644 index 2d7e842..0000000 --- a/www/api-docs/services_pegasus.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: pegasus

- -

Description:

- -

The Open Group Pegasus CIM/WBEM Server.

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_portmap.html b/www/api-docs/services_portmap.html deleted file mode 100644 index 2e85d71..0000000 --- a/www/api-docs/services_portmap.html +++ /dev/null @@ -1,564 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: portmap

- -

Description:

- -

RPC port mapping service.

- - - - -

Interfaces:

- - -
- - -
- -portmap_domtrans_helper( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute portmap_helper in the helper domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -portmap_run_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute portmap helper in the helper domain, and -allow the specified role the helper domain. -Communicate with portmap. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the portmap domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the portmap domain to use. -

-		 -No -
-
-
- - -
- - -
- -portmap_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to portmap over a TCP socket -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -portmap_udp_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP network traffic from portmap. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -portmap_udp_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to portmap. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_postfix.html b/www/api-docs/services_postfix.html deleted file mode 100644 index 3561d79..0000000 --- a/www/api-docs/services_postfix.html +++ /dev/null @@ -1,1120 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: postfix

- -Interfaces -Templates - -

Description:

- -

Postfix email server

- - - - -

Interfaces:

- - -
- - -
- -postfix_config_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object - - - )
-
-
- -
Summary
-

-Create files with the specified type in -the postfix configuration directories. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-private type - -

-The type of the object to be created. -

-		 -No -
-object - -

-The object class of the object being created. -

-		 -No -
-
-
- - -
- - -
- -postfix_domtrans_map( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute postfix_map in the postfix_map domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_domtrans_master( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the master postfix program in the -postfix_master domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_domtrans_user_mail_handler( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute postfix user mail programs -in their respective domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_dontaudit_rw_local_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and -write postfix local delivery -TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -postfix_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to use -postfix master process file -file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -postfix_exec_master( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the master postfix program in the -caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_list_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-List postfix mail spool directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read postfix configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_run_map( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute postfix_map in the postfix_map domain, and -allow the specified role the postfix_map domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the postfix_map domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the postfix_map domain to use. -

-		 -No -
-
-
- - -
- - -
- -postfix_search_spool( - - - - - domain - - - )
-
-
- -
Summary
-

-Search postfix mail spool directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postfix_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-Postfix stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -postfix_domain_template( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -postfix_per_userdomain_template( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -postfix_public_domain_template( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -postfix_server_domain_template( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -postfix_user_domain_template( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_postgresql.html b/www/api-docs/services_postgresql.html deleted file mode 100644 index 38ae591..0000000 --- a/www/api-docs/services_postgresql.html +++ /dev/null @@ -1,568 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: postgresql

- -

Description:

- -

PostgreSQL relational database

- - - - -

Interfaces:

- - -
- - -
- -postgresql_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute postgresql in the postgresql domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -postgresql_manage_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to manage postgresql's database. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postgresql_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read postgresql's etc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postgresql_search_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to search postgresql's database directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postgresql_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to connect to postgresql with a unix socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -postgresql_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to connect to postgresql with a tcp socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_ppp.html b/www/api-docs/services_ppp.html deleted file mode 100644 index a71a4cc..0000000 --- a/www/api-docs/services_ppp.html +++ /dev/null @@ -1,611 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ppp

- -

Description:

- -

Point to Point Protocol daemon creates links in ppp networks

- - - - -

Interfaces:

- - -
- - -
- -ppp_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute domain in the ppp domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ppp_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit -and use PPP file discriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -ppp_run( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconditionally execute ppp daemon on behalf of a user or staff type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ppp_run_cond( - - - - - domain - - - )
-
-
- -
Summary
-

-Conditionally execute ppp daemon on behalf of a user or staff type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ppp_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to PPP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ppp_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a generic signal to PPP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ppp_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Use PPP file discriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_privoxy.html b/www/api-docs/services_privoxy.html deleted file mode 100644 index 0db57dc..0000000 --- a/www/api-docs/services_privoxy.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: privoxy

- -

Description:

- -

Privacy enhancing web proxy.

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_procmail.html b/www/api-docs/services_procmail.html deleted file mode 100644 index bb00dd4..0000000 --- a/www/api-docs/services_procmail.html +++ /dev/null @@ -1,400 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: procmail

- -

Description:

- -

Procmail mail delivery agent

- - - - -

Interfaces:

- - -
- - -
- -procmail_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute procmail with a domain transition. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -procmail_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute procmail in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_publicfile.html b/www/api-docs/services_publicfile.html deleted file mode 100644 index 430ab15..0000000 --- a/www/api-docs/services_publicfile.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: publicfile

- -

Description:

- -

publicfile supplies files to the public through HTTP and FTP

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_radius.html b/www/api-docs/services_radius.html deleted file mode 100644 index b7ae22a..0000000 --- a/www/api-docs/services_radius.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: radius

- -

Description:

- -

RADIUS authentication and accounting server.

- - - - -

Interfaces:

- - -
- - -
- -radius_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use radius over a UDP connection. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_radvd.html b/www/api-docs/services_radvd.html deleted file mode 100644 index 11b446c..0000000 --- a/www/api-docs/services_radvd.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: radvd

- -

Description:

- -

IPv6 router advertisement daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_rdisc.html b/www/api-docs/services_rdisc.html deleted file mode 100644 index 7596239..0000000 --- a/www/api-docs/services_rdisc.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: rdisc

- -

Description:

- -

Network router discovery daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_remotelogin.html b/www/api-docs/services_remotelogin.html deleted file mode 100644 index 1764018..0000000 --- a/www/api-docs/services_remotelogin.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: remotelogin

- -

Description:

- -

Policy for rshd, rlogind, and telnetd.

- - - - -

Interfaces:

- - -
- - -
- -remotelogin_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Domain transition to the remote login domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_rlogin.html b/www/api-docs/services_rlogin.html deleted file mode 100644 index 49fbf2f..0000000 --- a/www/api-docs/services_rlogin.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: rlogin

- -

Description:

- -

Remote login daemon

- - - - -

Interfaces:

- - -
- - -
- -rlogin_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute rlogind in the rlogin domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_roundup.html b/www/api-docs/services_roundup.html deleted file mode 100644 index 2b28ead..0000000 --- a/www/api-docs/services_roundup.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: roundup

- -

Description:

- -

Roundup Issue Tracking System policy

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_rpc.html b/www/api-docs/services_rpc.html deleted file mode 100644 index b1d53ac..0000000 --- a/www/api-docs/services_rpc.html +++ /dev/null @@ -1,796 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: rpc

- -Interfaces -Templates - -

Description:

- -

Remote Procedure Call Daemon for managment of network based process communication

- - - - -

Interfaces:

- - -
- - -
- -rpc_domtrans_nfsd( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute domain in nfsd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpc_dontaudit_getattr_exports( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of the NFS export file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpc_manage_nfs_ro_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow domain to create read and write NFS directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -rpc_manage_nfs_rw_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow domain to create read and write NFS directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -rpc_read_exports( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow read access to exports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpc_search_nfs_state_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Search NFS state data in /var/lib/nfs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -rpc_udp_rw_nfs_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow domain to read and write to an NFS UDP socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -rpc_udp_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to rpc and recieve UDP traffic from rpc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -rpc_udp_send_nfs( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP traffic to NFSd. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -rpc_write_exports( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow write access to exports. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -rpc_domain_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The template to define a rpc domain. -

- - -
Description
-

-

-This template creates a domain to be used for -a new rpc daemon. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The type of daemon to be used. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_rshd.html b/www/api-docs/services_rshd.html deleted file mode 100644 index 6012c4c..0000000 --- a/www/api-docs/services_rshd.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: rshd

- -

Description:

- -

Remote shell service.

- - - - -

Interfaces:

- - -
- - -
- -rshd_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Domain transition to rshd. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_rsync.html b/www/api-docs/services_rsync.html deleted file mode 100644 index 902689d..0000000 --- a/www/api-docs/services_rsync.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: rsync

- -

Description:

- -

Fast incremental file transfer for synchronization

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_samba.html b/www/api-docs/services_samba.html deleted file mode 100644 index 3c2609a..0000000 --- a/www/api-docs/services_samba.html +++ /dev/null @@ -1,1136 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: samba

- -Interfaces -Templates - -

Description:

- -

-SMB and CIFS client/server programs for UNIX and -name Service Switch daemon for resolving names -from Windows NT servers. -

- - - - -

Interfaces:

- - -
- - -
- -samba_domtrans_net( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute samba net in the samba_net domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -samba_domtrans_smbmount( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute smbmount in the smbmount domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -samba_domtrans_winbind_helper( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute winbind_helper in the winbind_helper domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -samba_exec_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute samba log in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -samba_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read -samba configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_read_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read samba's log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_read_secrets( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read samba's secrets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_read_winbind_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read the winbind pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_run_net( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute samba net in the samba_net domain, and -allow the specified role the samba_net domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the samba_net domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the samba_net domain to use. -

-		 -No -
-
-
- - -
- - -
- -samba_run_winbind_helper( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute winbind_helper in the winbind_helper domain, and -allow the specified role the winbind_helper domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the winbind_helper domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the winbind_helper domain to use. -

-		 -No -
-
-
- - -
- - -
- -samba_rw_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read -and write samba configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_rw_smbmount_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to read and write to smbmount tcp sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_rw_var_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to -read and write samba /var files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_search_var( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to search -samba /var directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_stream_connect_winbind( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to winbind. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -samba_write_smbmount_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to write to smbmount tcp sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -samba_per_userdomain_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The per user domain template for the samba module. -

- - -
Description
-

-

-This template allows smbd to manage files in -a user home directory, creating files with the -correct type. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_sasl.html b/www/api-docs/services_sasl.html deleted file mode 100644 index 0f58dfe..0000000 --- a/www/api-docs/services_sasl.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: sasl

- -

Description:

- -

SASL authentication server

- - - - -

Interfaces:

- - -
- - -
- -sasl_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to SASL. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_sendmail.html b/www/api-docs/services_sendmail.html deleted file mode 100644 index 69379ba..0000000 --- a/www/api-docs/services_sendmail.html +++ /dev/null @@ -1,568 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: sendmail

- -

Description:

- -

Policy for sendmail.

- - - - -

Interfaces:

- - -
- - -
- -sendmail_create_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Create sendmail logs with the correct type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sendmail_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Domain transition to sendmail. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sendmail_manage_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete sendmail logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sendmail_rw_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write sendmail TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sendmail_rw_unix_stream_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write sendmail unix_stream_sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sendmail_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-Sendmail stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_slrnpull.html b/www/api-docs/services_slrnpull.html deleted file mode 100644 index 59c4353..0000000 --- a/www/api-docs/services_slrnpull.html +++ /dev/null @@ -1,401 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: slrnpull

- -

Description:

- -

Service for downloading news feeds the slrn newsreader.

- - - - -

Interfaces:

- - -
- - -
- -slrnpull_manage_spool( - - - - - pty_type - - - )
-
-
- -
Summary
-

-Allow the domain to create, read, -write, and delete slrnpull spools. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-pty_type - -

-domain allowed access -

-		 -No -
-
-
- - -
- - -
- -slrnpull_search_spool( - - - - - pty_type - - - )
-
-
- -
Summary
-

-Allow the domain to search slrnpull spools. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-pty_type - -

-domain allowed access -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_smartmon.html b/www/api-docs/services_smartmon.html deleted file mode 100644 index b5d8ea9..0000000 --- a/www/api-docs/services_smartmon.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: smartmon

- -

Description:

- -

Smart disk monitoring daemon policy

- - - - -

Interfaces:

- - -
- - -
- -smartmon_read_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow caller to read smartmon temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The process type reading the temporary files. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_snmp.html b/www/api-docs/services_snmp.html deleted file mode 100644 index 602a07f..0000000 --- a/www/api-docs/services_snmp.html +++ /dev/null @@ -1,442 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: snmp

- -

Description:

- -

Simple network management protocol services

- - - - -

Interfaces:

- - -
- - -
- -snmp_read_snmp_var_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read snmpd libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -snmp_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Use snmp over a TCP connection. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -snmp_udp_chat( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive UDP traffic to SNMP -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_spamassassin.html b/www/api-docs/services_spamassassin.html deleted file mode 100644 index 4d54f0f..0000000 --- a/www/api-docs/services_spamassassin.html +++ /dev/null @@ -1,502 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: spamassassin

- -Interfaces -Templates - -

Description:

- -

Filter used for removing unsolicited email.

- - - - -

Interfaces:

- - -
- - -
- -spamassassin_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the standalone spamassassin -program in the caller directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -spamassassin_exec_client( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the spamassassin client -program in the caller directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -spamassassin_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the spamassassin module. -

- - -
Description
-

-

-The per user domain template for the spamassassin module. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_squid.html b/www/api-docs/services_squid.html deleted file mode 100644 index 2293bc6..0000000 --- a/www/api-docs/services_squid.html +++ /dev/null @@ -1,569 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: squid

- -

Description:

- -

Squid caching http proxy server

- - - - -

Interfaces:

- - -
- - -
- -squid_append_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Append squid logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -squid_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute squid in the squid domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -squid_manage_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -squid logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -squid_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read squid configuration file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -squid_read_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Append squid logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -squid_use( - - - - - domain - - - )
-
-
- -
Summary
-

-Use squid services by connecting over TCP. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_ssh.html b/www/api-docs/services_ssh.html deleted file mode 100644 index e4a974f..0000000 --- a/www/api-docs/services_ssh.html +++ /dev/null @@ -1,683 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ssh

- -Interfaces -Templates - -

Description:

- -

Secure shell client and server policy.

- - - - -

Interfaces:

- - -
- - -
- -ssh_dontaudit_read_server_keys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read ssh server keys -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ssh_dontaudit_rw_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write -ssh server TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -ssh_read_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read a ssh server unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ssh_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to the ssh server. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -ssh_tcp_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to SSH daemons over TCP sockets. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -ssh_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the ssh module. -

- - -
Description
-

-

-This template creates a derived domains which are used -for ssh client sessions and user ssh agents. A derived -type is also created to protect the user ssh keys. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -
- - -
- -ssh_server_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The template to define a ssh server. -

- - -
Description
-

-

-This template creates a domains to be used for -creating a ssh server. This is typically done -to have multiple ssh servers of different sensitivities, -such as for an internal network-facing ssh server, and -a external network-facing ssh server. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the server domain (e.g., sshd -is the prefix for sshd_t). -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_stunnel.html b/www/api-docs/services_stunnel.html deleted file mode 100644 index 00b77cc..0000000 --- a/www/api-docs/services_stunnel.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: stunnel

- -

Description:

- -

SSL Tunneling Proxy

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_sysstat.html b/www/api-docs/services_sysstat.html deleted file mode 100644 index 591919f..0000000 --- a/www/api-docs/services_sysstat.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: sysstat

- -

Description:

- -

Policy for sysstat. Reports on various system states

- - - - -

Interfaces:

- - -
- - -
- -sysstat_manage_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Manage sysstat logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_tcpd.html b/www/api-docs/services_tcpd.html deleted file mode 100644 index 757a6fa..0000000 --- a/www/api-docs/services_tcpd.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: tcpd

- -

Description:

- -

Policy for TCP daemon.

- - - - -

Interfaces:

- - -
- - -
- -tcpd_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute tcpd in the tcpd domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_telnet.html b/www/api-docs/services_telnet.html deleted file mode 100644 index e71ed0e..0000000 --- a/www/api-docs/services_telnet.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: telnet

- -

Description:

- -

Telnet daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_tftp.html b/www/api-docs/services_tftp.html deleted file mode 100644 index f89542c..0000000 --- a/www/api-docs/services_tftp.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: tftp

- -

Description:

- -

Trivial file transfer protocol daemon

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_timidity.html b/www/api-docs/services_timidity.html deleted file mode 100644 index 01f47ff..0000000 --- a/www/api-docs/services_timidity.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: timidity

- -

Description:

- -

MIDI to WAV converter and player configured as a service

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_ucspitcp.html b/www/api-docs/services_ucspitcp.html deleted file mode 100644 index 0f86b1f..0000000 --- a/www/api-docs/services_ucspitcp.html +++ /dev/null @@ -1,380 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: ucspitcp

- -

Description:

- -

-

-Policy for DJB's ucspi-tcpd -

-

- - - - -

Interfaces:

- - -
- - -
- -ucspitcp_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Define a specified domain as a ucspitcp service. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-entrypoint - -

-The type associated with the process program. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_uucp.html b/www/api-docs/services_uucp.html deleted file mode 100644 index f49c09f..0000000 --- a/www/api-docs/services_uucp.html +++ /dev/null @@ -1,312 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: uucp

- -

Description:

- -

Unix to Unix Copy

- - - - - -

No interfaces or templates.

- - -
- - diff --git a/www/api-docs/services_xfs.html b/www/api-docs/services_xfs.html deleted file mode 100644 index 99e8b33..0000000 --- a/www/api-docs/services_xfs.html +++ /dev/null @@ -1,401 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: xfs

- -

Description:

- -

X Windows Font Server

- - - - -

Interfaces:

- - -
- - -
- -xfs_read_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Read a X font server named socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xfs_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to a X font server over -a unix domain stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/services_xserver.html b/www/api-docs/services_xserver.html deleted file mode 100644 index 4160777..0000000 --- a/www/api-docs/services_xserver.html +++ /dev/null @@ -1,1236 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: xserver

- -Interfaces -Templates - -

Description:

- -

X Windows Server

- - - - -

Interfaces:

- - -
- - -
- -xserver_create_xdm_tmp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Create a named socket in a XDM -temporary directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_delete_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write the X server -log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit -

-		 -No -
-
-
- - -
- - -
- -xserver_domtrans_xdm_xserver( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the X server in the XDM X server domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_dontaudit_write_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write the X server -log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit -

-		 -No -
-
-
- - -
- - -
- -xserver_read_xdm_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Read XDM pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_read_xdm_rw_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read xdm-writable configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_setattr_xdm_tmp_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of XDM temporary directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_stream_connect_xdm( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to XDM over a unix domain -stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_xsession_entry_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Make an X session script an entrypoint for the specified domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain for which the shell is an entrypoint. -

-		 -No -
-
-
- - -
- - -
- -xserver_xsession_spec_domtrans( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute an X session in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Description
-

-

-Execute an Xsession in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-The type of the shell process. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -xserver_common_domain_template( - - - - - prefix - - - )
-
-
- -
Summary
-

-Template to create types and rules common to -all X server domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix of the domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -
- - -
- -xserver_domtrans_user_xauth( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Transition to a user Xauthority domain. -

- - -
Description
-

-

-Transition to a user Xauthority domain. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -xserver_per_userdomain_template( - - - - - prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the xserver module. -

- - -
Description
-

-

-Define a derived domain for the X server when executed -by a user domain (e.g. via startx). See the xdm module -if using an X Display Manager. -

-

-This is invoked automatically for each user and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -
- - -
- -xserver_ro_session_template( - - - - - prefix - - - - , - - - - domain - - - - , - - - - tmpfs_type - - - )
-
-
- -
Summary
-

-Template for creating sessions on a -prefix X server, with read-only -access to the X server shared -memory segments. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix of the domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-tmpfs_type - -

-The type of the domain SYSV tmpfs files. -

-		 -No -
-
-
- - -
- - -
- -xserver_rw_session_template( - - - - - prefix - - - - , - - - - domain - - - - , - - - - tmpfs_type - - - )
-
-
- -
Summary
-

-Template for creating sessions on a -prefix X server, with read and write -access to the X server shared -memory segments. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix of the domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-tmpfs_type - -

-The type of the domain SYSV tmpfs files. -

-		 -No -
-
-
- - -
- - -
- -xserver_user_client_template( - - - - - prefix - - - - , - - - - domain - - - - , - - - - tmpfs_type - - - )
-
-
- -
Summary
-

-Template for creating full client sessions -on a user X server. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-prefix - -

-The prefix of the domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-tmpfs_type - -

-The type of the domain SYSV tmpfs files. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/services_zebra.html b/www/api-docs/services_zebra.html deleted file mode 100644 index 9dba3a5..0000000 --- a/www/api-docs/services_zebra.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: services

-

Module: zebra

- -

Description:

- -

Zebra border gateway protocol network routing service

- - - - -

Interfaces:

- - -
- - -
- -zebra_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the configuration files for zebra. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/style.css b/www/api-docs/style.css deleted file mode 100644 index 9bac0d9..0000000 --- a/www/api-docs/style.css +++ /dev/null @@ -1,216 +0,0 @@ -body { - margin:0px; - padding:0px; - font-family:verdana, arial, helvetica, sans-serif; - color:#333; - background-color:white; - } -h1 { - margin:0px 0px 5px 0px; - padding:0px; - font-size:150% - line-height:28px; - font-weight:900; - color:#ccc; - } -h2 { - font-size:125%; - margin:0px; - padding:5px 0px 10px 0px; - } -h3 { - font-size:110%; - margin:0px; - padding:5px 0px 10px 5px; - } -h4 { - font-size:100%; - margin:0px; - padding:5px 0px 10px 5px; - } -h5 { - font-size:100%; - margin:0px; - font-weight:600; - padding:0px 0px 5px 0px; - margin:0px 0px 0px 5px; -} -li { - font:11px/20px verdana, arial, helvetica, sans-serif; - margin:0px 0px 0px 10px; - padding:0px; - } -p { - /* normal */ - font:11px/20px verdana, arial, helvetica, sans-serif; - margin:0px 0px 0px 10px; - padding:0px; - } - -tt { - /* inline code */ - font-family: monospace; - } - -table { - background-color:#efefef; - /*background-color: white;*/ - border-style:solid; - border-color:black; - border-width:0px 1px 1px 0px; - color: black; - text-align: left; - font:11px/20px verdana, arial, helvetica, sans-serif; - margin-left: 5%; - margin-right: 5%; -} - -th { - font-weight:500; - background-color: #eaeaef; - text-align: center; -} - -td.header { - font-weight: bold; -} - -#Content>p {margin:0px;} -#Content>p+p {text-indent:30px;} -a { - color:#09c; - font-size:11px; - text-decoration:none; - font-weight:600; - font-family:verdana, arial, helvetica, sans-serif; - } -a:link {color:#09c;} -a:visited {color:#07a;} -a:hover {background-color:#eee;} - -#Codeblock { - margin:5px 50px 5px 10px; - padding:5px 0px 5px 15px; - border-style:solid; - border-color:lightgrey; - border-width:1px 1px 1px 1px; - background-color:#f5f5ff; - font-size:100%; - font-weight:600; - text-decoration:none; - font-family:monospace; -} -#Interface { - margin:5px 0px 25px 5px; - padding:5px 0px 5px 5px; - border-style:solid; - border-color:black; - border-width:1px 1px 1px 1px; - background-color:#fafafa; - font-size:14px; - font-weight:400; - text-decoration:none; - font-family:verdana, arial, helvetica, sans-serif; -} -#Interfacesmall { - margin:0px 0px 5px 0px; - padding:5px 0px 0px 5px; - border-style:solid; - border-color:black; - border-width:1px 1px 1px 1px; - background-color:#fafafa; - font-size:14px; - font-weight:400; - text-decoration:none; - font-family:verdana, arial, helvetica, sans-serif; -} -#Template { - margin:5px 0px 25px 5px; - padding:5px 0px 5px 5px; - border-style:solid; - border-color:black; - border-width:1px 1px 1px 1px; - background-color:#fafafa; - font-size:14px; - font-weight:400; - text-decoration:none; - font-family:verdana, arial, helvetica, sans-serif; -} -#Templatesmall { - margin:0px 0px 5px 0px; - padding:5px 0px 0px 5px; - border-style:solid; - border-color:black; - border-width:1px 1px 1px 1px; - background-color:#fafafa; - font-size:14px; - font-weight:400; - text-decoration:none; - font-family:verdana, arial, helvetica, sans-serif; -} -#Description { - margin:0px 0px 0px 5px; - padding:0px 0px 0px 5px; - text-decoration:none; - font-family:verdana, arial, helvetica, sans-serif; - font-size:12px; - font-weight:400; -} -pre { - margin:0px; - padding:0px; - font-size:14px; - text-decoration:none; - font-family:verdana, arial, helvetica, sans-serif; -} -dl { - /* definition text block */ - font:11px/20px verdana, arial, helvetica, sans-serif; - margin:0px 0px 16px 0px; - padding:0px; - } -dt { - /* definition term */ - font-weight: bold; - } - -#Header { - margin:50px 0px 10px 0px; - padding:17px 0px 0px 20px; - /* For IE5/Win's benefit height = [correct height] + [top padding] + [top and bottom border widths] */ - height:33px; /* 14px + 17px + 2px = 33px */ - border-style:solid; - border-color:black; - border-width:1px 0px; /* top and bottom borders: 1px; left and right borders: 0px */ - line-height:11px; - font-size:110%; - background-color:#eee; - voice-family: "\"}\""; - voice-family:inherit; - height:14px; /* the correct height */ - } -body>#Header {height:14px;} -#Content { - margin:0px 50px 0px 200px; - padding:10px; - } - -#Menu { - position:absolute; - top:100px; - left:20px; - width:162px; - padding:10px; - background-color:#eee; - border:1px solid #aaa; - line-height:17px; - text-align:left; - voice-family: "\"}\""; - voice-family:inherit; - width:160px; - } -#Menu subitem { - font-size: 5px; -} - -body>#Menu {width:160px;} diff --git a/www/api-docs/system.html b/www/api-docs/system.html deleted file mode 100644 index 360a79c..0000000 --- a/www/api-docs/system.html +++ /dev/null @@ -1,281 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

- -

- Policy modules for system functions from init to multi-user login. -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Module:Description:
- - authlogin

Common policy for authentication and user login.

- - clock

Policy for reading and setting the hardware clock.

- - daemontools

Collection of tools for managing UNIX services

- - fstools

Tools for filesystem management, such as mkfs and fsck.

- - getty

Policy for getty.

- - hostname

Policy for changing the system host name.

- - hotplug

-Policy for hotplug system, for supporting the -connection and disconnection of devices at runtime. -

- - init

System initialization programs (init and init scripts).

- - ipsec

TCP/IP encryption

- - iptables

Policy for iptables.

- - libraries

Policy for system libraries.

- - locallogin

Policy for local logins.

- - logging

Policy for the kernel message logger and system logging daemon.

- - lvm

Policy for logical volume management programs.

- - miscfiles

Miscelaneous files.

- - modutils

Policy for kernel module utilities

- - mount

Policy for mount.

- - pcmcia

PCMCIA card management services

- - raid

RAID array management tools

- - selinuxutil

Policy for SELinux policy and userland applications.

- - sysnetwork

Policy for network configuration: ifconfig and dhcp client.

- - udev

Policy for udev.

- - unconfined

The unconfined domain.

- - userdomain

Policy for user domains

-



- -

- - diff --git a/www/api-docs/system_authlogin.html b/www/api-docs/system_authlogin.html deleted file mode 100644 index 35bc4ac..0000000 --- a/www/api-docs/system_authlogin.html +++ /dev/null @@ -1,2684 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: authlogin

- -Interfaces -Templates - -

Description:

- -

Common policy for authentication and user login.

- - - - -

Interfaces:

- - -
- - -
- -auth_append_faillog( - - - - - domain - - - )
-
-
- -
Summary
-

-Append to the login failure log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_append_lastlog( - - - - - domain - - - )
-
-
- -
Summary
-

-Append only to the last logins log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_append_login_records( - - - - - domain - - - )
-
-
- -
Summary
-

-Append to login records (wtmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_can_read_shadow_passwords( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_delete_pam_console_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete pam_console data. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_delete_pam_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete pam PID files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_domtrans_chk_passwd( - - - - - domain - - - )
-
-
- -
Summary
-

-Run unix_chkpwd to check a password. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_domtrans_login_program( - - - - - domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a login_program in the target domain. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-target_domain - -

-The type of the login_program process. -

-		 -No -
-
-
- - -
- - -
- -auth_domtrans_pam( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute pam programs in the pam domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_domtrans_pam_console( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_domtrans_utempter( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute utempter programs in the utempter domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_dontaudit_exec_utempter( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attemps to execute utempter executable. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -auth_dontaudit_getattr_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the attributes -of the shadow passwords file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -auth_dontaudit_read_pam_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attemps to read PAM pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -auth_dontaudit_read_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the shadow -password file (/etc/shadow). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -auth_dontaudit_write_login_records( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_exec_pam( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the pam program. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_getattr_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the shadow passwords file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_list_pam_console_data( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_log_filetrans_login_records( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_login_entry_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Use the login program as an entry point program. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of process using the login program as entry point. -

-		 -No -
-
-
- - -
- - -
- -auth_manage_all_files_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Manage all files on the filesystem, except -the shadow passwords and listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -auth_manage_login_records( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_manage_pam_console_data( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_manage_pam_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Manage pam PID files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_manage_shadow( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_manage_var_auth( - - - - - domain - - - )
-
-
- -
Summary
-

-Manage var auth files. Used by various other applications -and pam applets etc. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_read_all_dirs_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Read all directories on the filesystem, except -the shadow passwords and listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -auth_read_all_files_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Read all files on the filesystem, except -the shadow passwords and listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -auth_read_all_symlinks_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Read all symbolic links on the filesystem, except -the shadow passwords and listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -auth_read_lastlog( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the last logins log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_read_login_records( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_read_pam_console_data( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_read_pam_pid( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_read_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the shadow passwords file (/etc/shadow) -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_relabel_all_files_except_shadow( - - - - - domain - - - - , - - - - exception_types - - - )
-
-
- -
Summary
-

-Relabel all files on the filesystem, except -the shadow passwords and listed exceptions. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the domain perfoming this action. -

-		 -No -
-exception_types - -

-The types to be excluded. Each type or attribute -must be negated by the caller. -

-		 -Yes -
-
-
- - -
- - -
- -auth_relabel_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel from and to the shadow -password file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_relabelto_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to the shadow -password file type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_run_pam( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute pam programs in the PAM domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the PAM domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the PAM domain to use. -

-		 -No -
-
-
- - -
- - -
- -auth_run_utempter( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute utempter programs in the utempter domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the utempter domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the utempter domain to use. -

-		 -No -
-
-
- - -
- - -
- -auth_rw_faillog( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_rw_lastlog( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write to the last logins log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_rw_login_records( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_rw_shadow( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the shadow password file (/etc/shadow). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_search_pam_console_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the contents of the -pam_console data directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -auth_setattr_login_records( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_tunable_read_shadow( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -auth_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to the authlogin module. -

- - -
Description
-

-

-Unconfined access to the authlogin module. -

-

-Currently, this only allows assertions for -the shadow passwords file (/etc/shadow) to -be passed. No access is granted yet. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_use_nsswitch( - - - - - domain - - - )
-
-
- -
Summary
-

-Use nsswitch to look up uid-username mappings. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -auth_write_login_records( - - - - - domain - - - )
-
-
- -
Summary
-

-Write to login records (wtmp). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -auth_domtrans_user_chk_passwd( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Run unix_chkpwd to check a password -for a user domain. -

- - -
Description
-

-

-Run unix_chkpwd to check a password -for a user domain. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -authlogin_common_auth_domain_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-Common template to create a domain for authentication. -

- - -
Description
-

-

-This template creates a derived domain which is allowed -to authenticate users by using PAM unix_chkpwd support. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -
- - -
- -authlogin_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
-
- -
Summary
-

-The per user domain template for the authlogin module. -

- - -
Description
-

-

-This template creates a derived domain which is allowed -to authenticate users by using PAM unix_chkpwd support. -This domain will be used by any programs running in the -user domain which use PAM to authenticate. -

-

-This template is invoked automatically for each user, and -generally does not need to be invoked directly -by policy writers. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-user_domain - -

-The type of the user domain. -

-		 -No -
-user_role - -

-The role associated with the user domain. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/system_clock.html b/www/api-docs/system_clock.html deleted file mode 100644 index ea7f38f..0000000 --- a/www/api-docs/system_clock.html +++ /dev/null @@ -1,353 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: clock

- -

Description:

- -

Policy for reading and setting the hardware clock.

- - - - -

Interfaces:

- - -
- - -
- -clock_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute hwclock in the clock domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -clock_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute hwclock in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -clock_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute hwclock in the clock domain, and -allow the specified role the hwclock domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the clock domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the clock domain to use. -

-		 -No -
-
-
- - -
- - -
- -clock_rw_adjtime( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow executing domain to modify clock drift -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_daemontools.html b/www/api-docs/system_daemontools.html deleted file mode 100644 index 557632a..0000000 --- a/www/api-docs/system_daemontools.html +++ /dev/null @@ -1,464 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: daemontools

- -

Description:

- -

-

-Policy for DJB's daemontools -

-

- - - - -

Interfaces:

- - -
- - -
- -daemontools_domtrans_multilog( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute in the svc_multilog_t domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -daemontools_domtrans_run( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute in the svc_run_t domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -daemontools_domtrans_start( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute in the svc_start_t domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -daemontools_ipc_domain( - - - - - domain - - - )
-
-
- -
Summary
-

-An ipc channel between the supervised domain and svc_start_t -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access to svc_start_t. -

-		 -No -
-
-
- - -
- - -
- -daemontools_manage_svc( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow a domain to create svc_svc_t files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -daemontools_read_svc( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow a domain to read svc_svc_t files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -daemontools_service_domain( - - - - - domain - - - - , - - - - entrypoint - - - )
-
-
- -
Summary
-

-Define a specified domain as a supervised service. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-entrypoint - -

-The type associated with the process program. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_fstools.html b/www/api-docs/system_fstools.html deleted file mode 100644 index c05e520..0000000 --- a/www/api-docs/system_fstools.html +++ /dev/null @@ -1,397 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: fstools

- -

Description:

- -

Tools for filesystem management, such as mkfs and fsck.

- - - - -

Interfaces:

- - -
- - -
- -fstools_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute fs tools in the fstools domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fstools_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute fsadm in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fstools_manage_entry_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete a file used by the -filesystem tools programs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fstools_relabelto_entry_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel a file to the type used by the -filesystem tools programs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -fstools_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute fs tools in the fstools domain, and -allow the specified role the fs tools domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the fs tools domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the fs tools domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_getty.html b/www/api-docs/system_getty.html deleted file mode 100644 index 18da826..0000000 --- a/www/api-docs/system_getty.html +++ /dev/null @@ -1,358 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: getty

- -

Description:

- -

Policy for getty.

- - - - -

Interfaces:

- - -
- - -
- -getty_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute gettys in the getty domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -getty_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to read getty config file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -getty_read_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to read getty log file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -getty_rw_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to edit getty config file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -getty_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use getty file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_hostname.html b/www/api-docs/system_hostname.html deleted file mode 100644 index e185fc7..0000000 --- a/www/api-docs/system_hostname.html +++ /dev/null @@ -1,311 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: hostname

- -

Description:

- -

Policy for changing the system host name.

- - - - -

Interfaces:

- - -
- - -
- -hostname_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute hostname in the hostname domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -hostname_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute hostname in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -hostname_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute hostname in the hostname domain, and -allow the specified role the hostname domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the hostname domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the hostname domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_hotplug.html b/www/api-docs/system_hotplug.html deleted file mode 100644 index 4c7efb4..0000000 --- a/www/api-docs/system_hotplug.html +++ /dev/null @@ -1,487 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: hotplug

- -

Description:

- -

-Policy for hotplug system, for supporting the -connection and disconnection of devices at runtime. -

- - - - -

Interfaces:

- - -
- - -
- -hotplug_domtrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -hotplug_dontaudit_search_config( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -hotplug_dontaudit_use_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -hotplug_exec( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -hotplug_getattr_config_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the hotplug configuration directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -hotplug_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the configuration files for hotplug. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -hotplug_search_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the hotplug configuration directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -hotplug_use_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_init.html b/www/api-docs/system_init.html deleted file mode 100644 index 375b549..0000000 --- a/www/api-docs/system_init.html +++ /dev/null @@ -1,2307 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: init

- -

Description:

- -

System initialization programs (init and init scripts).

- - - - -

Interfaces:

- - -
- - -
- -init_daemon_domain( - - - - - domain - - - - , - - - - entry_point - - - )
-
-
- -
Summary
-

-Create a domain for long running processes -(daemons) which can be started by init scripts. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Type to be used as a domain. -

-		 -No -
-entry_point - -

-Type of the program to be used as an entry point to this domain. -

-		 -No -
-
-
- - -
- - -
- -init_dbus_chat_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -init scripts over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_domain( - - - - - domain - - - - , - - - - entry_point - - - )
-
-
- -
Summary
-

-Create a domain which can be started by init. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Type to be used as a domain. -

-		 -No -
-entry_point - -

-Type of the program to be used as an entry point to this domain. -

-		 -No -
-
-
- - -
- - -
- -init_domtrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_domtrans_script( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_getattr_initctl( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_lock_utmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to lock -init script pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_rw_initctl( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_rw_utmp( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_stream_connect_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Dont audit the specified domain connecting to -init scripts with a unix domain stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_use_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_use_script_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_use_script_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and -write the init script pty. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -init_dontaudit_write_utmp( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the init program in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_exec_script_files( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_getattr_initctl( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_getattr_script_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attribute of init script entrypoint files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_getattr_utmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of init script process id files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_getpgid( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_getpgid_script( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_manage_utmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete utmp. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain access allowed. -

-		 -No -
-
-
- - -
- - -
- -init_read_script_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read init scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_read_script_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the process state (/proc/pid) of the init scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_read_utmp( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_run_daemon( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Start and stop daemon programs directly. -

- - -
Description
-

-

-Start and stop daemon programs directly -in the traditional "/etc/init.d/daemon start" -style, and do not require run_init. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be performing this action. -

-		 -No -
-terminal - -

-The type of the terminal of the user. -

-		 -No -
-
-
- - -
- - -
- -init_rw_initctl( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_rw_script_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write init script unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_rw_script_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write init script temporary data. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_rw_utmp( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_script_file_domtrans( - - - - - source_domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Execute a init script in a specified domain. -

- - -
Description
-

-

-Execute a init script in a specified domain. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-source_domain - -

-Domain to transition from. -

-		 -No -
-target_domain - -

-Domain to transition to. -

-		 -No -
-
-
- - -
- - -
- -init_script_file_entry_type( - - - - - domain - - - )
-
-
- -
Summary
-

-Make init scripts an entry point for -the specified domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain for which init scripts are an entrypoint. -

-		 -No -
-
-
- - -
- - -
- -init_script_tmp_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create files in a init script -temporary data directory. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-file_type - -

-The type of the object to be created -

-		 -No -
-object_class - -

-The object class. -

-		 -No -
-
-
- - -
- - -
- -init_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send init a SIGCHLD signal. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_sigchld_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Send SIGCHLD signals to init scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_signal_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to init scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_signull( - - - - - domain - - - )
-
-
- -
Summary
-

-Send init a null signal. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_signull_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Send null signals to init scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_stream_connect_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the specified domain to connect to -init scripts with a unix socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_system_domain( - - - - - domain - - - - , - - - - entry_point - - - )
-
-
- -
Summary
-

-Create a domain for short running processes -which can be started by init scripts. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Type to be used as a domain. -

-		 -No -
-entry_point - -

-Type of the program to be used as an entry point to this domain. -

-		 -No -
-
-
- - -
- - -
- -init_udp_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to init. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_udp_send_script( - - - - - domain - - - )
-
-
- -
Summary
-

-Send UDP network traffic to init scripts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_use_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_use_script_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_use_script_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the init script pty. -

- - -
Description
-

-

-Read and write the init script pty. This -pty is generally opened by the open_init_pty -portion of the run_init program so that the -daemon does not require direct access to -the administrator terminal. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -init_write_initctl( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -init_write_script_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Write an init script unnamed pipe. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_ipsec.html b/www/api-docs/system_ipsec.html deleted file mode 100644 index a5e8dd8..0000000 --- a/www/api-docs/system_ipsec.html +++ /dev/null @@ -1,400 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: ipsec

- -

Description:

- -

TCP/IP encryption

- - - - -

Interfaces:

- - -
- - -
- -ipsec_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ipsec in the ipsec domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ipsec_exec_mgmt( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the IPSEC management program in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ipsec_getattr_key_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of an IPSEC key socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ipsec_manage_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the IPSEC pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ipsec_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the IPSEC configuration -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -ipsec_stream_connect( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect to IPSEC using a unix domain stream socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_iptables.html b/www/api-docs/system_iptables.html deleted file mode 100644 index e19e775..0000000 --- a/www/api-docs/system_iptables.html +++ /dev/null @@ -1,311 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: iptables

- -

Description:

- -

Policy for iptables.

- - - - -

Interfaces:

- - -
- - -
- -iptables_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute iptables in the iptables domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -iptables_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute iptables in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -iptables_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute iptables in the iptables domain, and -allow the specified role the iptables domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-role - -

-The role to be allowed the iptables domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the iptables domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_libraries.html b/www/api-docs/system_libraries.html deleted file mode 100644 index 8b60e8d..0000000 --- a/www/api-docs/system_libraries.html +++ /dev/null @@ -1,1035 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: libraries

- -

Description:

- -

Policy for system libraries.

- - - - -

Interfaces:

- - -
- - -
- -libs_delete_lib_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete generic symlinks in library directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_domtrans_ldconfig( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ldconfig in the ldconfig domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_exec_ld_so( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute the dynamic link/loader in the caller's domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_exec_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute library scripts in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_legacy_use_ld_so( - - - - - domain - - - )
-
-
- -
Summary
-

-Use the dynamic link/loader for automatic loading -of shared libraries with legacy support. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_legacy_use_shared_libs( - - - - - domain - - - )
-
-
- -
Summary
-

-Load and execute functions from shared libraries, -with legacy support. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_manage_ld_so( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the -dynamic link/loader. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_manage_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete generic -files in library directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_manage_shared_libs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete shared libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_read_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in the library directories, such -as static libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_relabel_ld_so( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to and from the type used for -the dynamic link/loader. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_relabel_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to and from the type used -for generic lib files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_relabel_shared_libs( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel to and from the type used for -shared libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -libs_relabelto_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel files to the type used in library directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_run_ldconfig( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute ldconfig in the ldconfig domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the ldconfig domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the ldconfig domain to use. -

-		 -No -
-
-
- - -
- - -
- -libs_rw_ld_so_cache( - - - - - domain - - - )
-
-
- -
Summary
-

-Modify the dynamic link/loader's cached listing -of shared libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_search_lib( - - - - - domain - - - )
-
-
- -
Summary
-

-Search lib directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_use_ld_so( - - - - - domain - - - )
-
-
- -
Summary
-

-Use the dynamic link/loader for automatic loading -of shared libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_use_lib_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Load and execute functions from generic -lib files as shared libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -libs_use_shared_libs( - - - - - domain - - - )
-
-
- -
Summary
-

-Load and execute functions from shared libraries. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_locallogin.html b/www/api-docs/system_locallogin.html deleted file mode 100644 index 33c630c..0000000 --- a/www/api-docs/system_locallogin.html +++ /dev/null @@ -1,316 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: locallogin

- -

Description:

- -

Policy for local logins.

- - - - -

Interfaces:

- - -
- - -
- -locallogin_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute local logins in the local login domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -locallogin_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit local login file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -locallogin_signull( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a null signal to local login processes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -locallogin_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow processes to inherit local login file descriptors. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_logging.html b/www/api-docs/system_logging.html deleted file mode 100644 index 20e6ab6..0000000 --- a/www/api-docs/system_logging.html +++ /dev/null @@ -1,950 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: logging

- -

Description:

- -

Policy for the kernel message logger and system logging daemon.

- - - - -

Interfaces:

- - -
- - -
- -logging_append_all_logs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_domtrans_auditctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute auditctl in the auditctl domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -logging_domtrans_syslog( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute syslogd in the syslog domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -logging_dontaudit_getattr_all_logs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_exec_all_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute all log files in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -logging_list_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-List the contents of the generic log directory (/var/log). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -logging_log_file( - - - - - file_type - - - )
-
-
- -
Summary
-

-Make the specified type a file -used for logs. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-file_type - -

-Type of the file to be used as a log. -

-		 -No -
-
-
- - -
- - -
- -logging_log_filetrans( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_manage_all_logs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_manage_generic_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -generic log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -logging_read_all_logs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_read_audit_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the auditd configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -logging_read_audit_log( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the audit log. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -logging_read_generic_logs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_rw_generic_log_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the generic log directory (/var/log). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -logging_rw_generic_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write generic log files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -logging_search_logs( - - - - - domain - - - )
-
-
- -
Summary
-

-Allows the domain to open a file in the -log directory, but does not allow the listing -of the contents of the log directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -logging_send_syslog_msg( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -logging_write_generic_logs( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_lvm.html b/www/api-docs/system_lvm.html deleted file mode 100644 index c245996..0000000 --- a/www/api-docs/system_lvm.html +++ /dev/null @@ -1,310 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: lvm

- -

Description:

- -

Policy for logical volume management programs.

- - - - -

Interfaces:

- - -
- - -
- -lvm_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute lvm programs in the lvm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -lvm_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read LVM configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -lvm_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute lvm programs in the lvm domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the LVM domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the LVM domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_miscfiles.html b/www/api-docs/system_miscfiles.html deleted file mode 100644 index 9be30f8..0000000 --- a/www/api-docs/system_miscfiles.html +++ /dev/null @@ -1,738 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: miscfiles

- -

Description:

- -

Miscelaneous files.

- - - - -

Interfaces:

- - -
- - -
- -miscfiles_delete_man_pages( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete man pages -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_dontaudit_search_man_pages( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search man pages. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_exec_tetex_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute TeX data programs in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_legacy_read_localization( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to read legacy time localization info -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_manage_fonts( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete fonts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_manage_man_pages( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete man pages -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_manage_public_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete public files -and directories used for file transfer services. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_certs( - - - - - domain - - - )
-
-
- -
Summary
-

-Read system SSL certificates. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_fonts( - - - - - domain - - - )
-
-
- -
Summary
-

-Read fonts. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_hwdata( - - - - - domain - - - )
-
-
- -
Summary
-

-Read hardware identification data. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_localization( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to read localization info -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_man_pages( - - - - - domain - - - )
-
-
- -
Summary
-

-Read man pages -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_public_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read public files used for file -transfer services. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -miscfiles_read_tetex_data( - - - - - domain - - - )
-
-
- -
Summary
-

-Read TeX data -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_modutils.html b/www/api-docs/system_modutils.html deleted file mode 100644 index b23cca1..0000000 --- a/www/api-docs/system_modutils.html +++ /dev/null @@ -1,807 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: modutils

- -

Description:

- -

Policy for kernel module utilities

- - - - -

Interfaces:

- - -
- - -
- -modutils_domtrans_depmod( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute depmod in the depmod domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_domtrans_insmod( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute insmod in the insmod domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_domtrans_insmod_uncond( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconditionally execute insmod in the insmod domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_domtrans_update_mods( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute depmod in the depmod domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_exec_depmod( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -modutils_exec_insmod( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -modutils_exec_update_mods( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -modutils_read_module_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the configuration options used when -loading modules. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_read_module_deps( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the dependencies of kernel modules. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_rename_module_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Rename a file with the configuration options used when -loading modules. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -modutils_run_depmod( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute depmod in the depmod domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the depmod domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the depmod domain to use. -

-		 -No -
-
-
- - -
- - -
- -modutils_run_insmod( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute insmod in the insmod domain, and -allow the specified role the insmod domain, -and use the caller's terminal. Has a sigchld -backchannel. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the insmod domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the insmod domain to use. -

-		 -No -
-
-
- - -
- - -
- -modutils_run_update_mods( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute update_modules in the update_modules domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the update_modules domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the update_modules domain to use. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_mount.html b/www/api-docs/system_mount.html deleted file mode 100644 index 2f5233e..0000000 --- a/www/api-docs/system_mount.html +++ /dev/null @@ -1,397 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: mount

- -

Description:

- -

Policy for mount.

- - - - -

Interfaces:

- - -
- - -
- -mount_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute mount in the mount domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mount_exec( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute mount in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mount_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute mount in the mount domain, and -allow the specified role the mount domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the mount domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the mount domain to use. -

-		 -No -
-
-
- - -
- - -
- -mount_send_nfs_client_request( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the mount domain to send nfs requests for mounting -network drives -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -mount_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Use file descriptors for mount. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_pcmcia.html b/www/api-docs/system_pcmcia.html deleted file mode 100644 index 25b4cf6..0000000 --- a/www/api-docs/system_pcmcia.html +++ /dev/null @@ -1,523 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: pcmcia

- -

Description:

- -

PCMCIA card management services

- - - - -

Interfaces:

- - -
- - -
- -pcmcia_domtrans_cardctl( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute cardctl in the cardmgr domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -pcmcia_domtrans_cardmgr( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute cardmgr in the cardmgr domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -pcmcia_manage_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -cardmgr pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -pcmcia_manage_pid_chr_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -cardmgr runtime character nodes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -pcmcia_read_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Read cardmgr pid files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -pcmcia_run_cardctl( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute cardmgr in the cardctl domain, and -allow the specified role the cardmgr domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the cardmgr domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the cardmgr domain to use. -

-		 -No -
-
-
- - -
- - -
- -pcmcia_stub( - - - - - domain - - - )
-
-
- -
Summary
-

-PCMCIA stub interface. No access allowed. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-N/A -

-		 -Yes -
-
-
- - -
- - -
- -pcmcia_use_cardmgr_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use file descriptors from cardmgr. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_raid.html b/www/api-docs/system_raid.html deleted file mode 100644 index 13e1949..0000000 --- a/www/api-docs/system_raid.html +++ /dev/null @@ -1,242 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: raid

- -

Description:

- -

RAID array management tools

- - - - -

Interfaces:

- - -
- - -
- -raid_domtrans_mdadm( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute software raid tools in the mdadm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -raid_manage_mdadm_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete the mdadm pid files. -

- - -
Description
-

-

-Create, read, write, and delete the mdadm pid files. -

-

-Added for use in the init module. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_selinuxutil.html b/www/api-docs/system_selinuxutil.html deleted file mode 100644 index 2a0e9ad..0000000 --- a/www/api-docs/system_selinuxutil.html +++ /dev/null @@ -1,2241 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: selinuxutil

- -

Description:

- -

Policy for SELinux policy and userland applications.

- - - - -

Interfaces:

- - -
- - -
- -seutil_create_bin_policy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_checkpolicy( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute checkpolicy in the checkpolicy domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_loadpolicy( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute load_policy in the load_policy domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_newrole( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute newrole in the load_policy domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_restorecon( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute restorecon in the restorecon domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_runinit( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute run_init in the run_init domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_semanage( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a domain transition to run semanage. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed to transition. -

-		 -No -
-
-
- - -
- - -
- -seutil_domtrans_setfiles( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute setfiles in the setfiles domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_dontaudit_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read the SELinux -userland configuration (/etc/selinux). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -seutil_dontaudit_search_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the SELinux -configuration directory (/etc/selinux). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -seutil_dontaudit_signal_newrole( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit the caller attempts to send -a signal to newrole. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_exec_checkpolicy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_exec_loadpolicy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_exec_newrole( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_exec_restorecon( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_exec_setfiles( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_get_semanage_read_lock( - - - - - domain - - - )
-
-
- -
Summary
-

-Get read lock on module store -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_get_semanage_trans_lock( - - - - - domain - - - )
-
-
- -
Summary
-

-Get trans lock on module store -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_init_script_domtrans_runinit( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute init scripts in the run_init domain. -

- - -
Description
-

-

-Execute init scripts in the run_init domain. -This is used for the Gentoo integrated run_init. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -seutil_init_script_run_runinit( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute init scripts in the run_init domain, and -allow the specified role the run_init domain, -and use the caller's terminal. -

- - -
Description
-

-

-Execute init scripts in the run_init domain, and -allow the specified role the run_init domain, -and use the caller's terminal. -

-

-This is used for the Gentoo integrated run_init. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the run_init domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the run_init domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_manage_bin_policy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_manage_module_store( - - - - - domain - - - )
-
-
- -
Summary
-

-Full management of the semanage -module store. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -seutil_manage_src_policy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_read_bin_policy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_read_config( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_read_default_contexts( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_read_file_contexts( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_read_loadpolicy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_read_src_policy( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_relabelto_bin_policy( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow the caller to relabel a file to the binary policy type. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_checkpolicy( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute checkpolicy in the checkpolicy domain, and -allow the specified role the checkpolicy domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the checkpolicy domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the checkpolicy domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_loadpolicy( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute load_policy in the load_policy domain, and -allow the specified role the load_policy domain, -and use the caller's terminal. -Has a SIGCHLD signal backchannel. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the load_policy domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the load_policy domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_newrole( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute newrole in the newrole domain, and -allow the specified role the newrole domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the newrole domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the newrole domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_restorecon( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute restorecon in the restorecon domain, and -allow the specified role the restorecon domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the restorecon domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the restorecon domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_runinit( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute run_init in the run_init domain, and -allow the specified role the run_init domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the run_init domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the run_init domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_semanage( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute semanage in the semanage domain, and -allow the specified role the semanage domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the checkpolicy domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the semanage domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_run_setfiles( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute setfiles in the setfiles domain, and -allow the specified role the setfiles domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the setfiles domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the setfiles domain to use. -

-		 -No -
-
-
- - -
- - -
- -seutil_rw_file_contexts( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write the file_contexts files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -seutil_search_default_contexts( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the policy directory with default_context files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -seutil_sigchld_newrole( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_use_newrole_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -
- - -
- -seutil_use_runinit_fds( - - - - - ? - - - )
-
-
- -
Summary
-

-Summary is missing! -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-? - -

-Parameter descriptions are missing! -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_sysnetwork.html b/www/api-docs/system_sysnetwork.html deleted file mode 100644 index 2bdfdd9..0000000 --- a/www/api-docs/system_sysnetwork.html +++ /dev/null @@ -1,1323 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: sysnetwork

- -

Description:

- -

Policy for network configuration: ifconfig and dhcp client.

- - - - -

Interfaces:

- - -
- - -
- -sysnet_dbus_chat_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Send and receive messages from -dhcpc over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_delete_dhcpc_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Delete the dhcp client pid file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_dhcp_state_filetrans( - - - - - domain - - - - , - - - - file_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create DHCP state data. -

- - -
Description
-

-

-Create DHCP state data. -

-

-This is added for DHCP server, as -the server and client put their state -files in the same directory. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-file_type - -

-The type of the object to be created -

-		 -No -
-object_class - -

-The object class. -

-		 -No -
-
-
- - -
- - -
- -sysnet_dns_name_resolve( - - - - - domain - - - )
-
-
- -
Summary
-

-Perform a DNS name resolution. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_domtrans_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute dhcp client in dhcpc domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_domtrans_ifconfig( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ifconfig in the ifconfig domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_dontaudit_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read network config files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -sysnet_etc_filetrans_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Create files in /etc with the type used for -the network config files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_exec_ifconfig( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute ifconfig in the caller domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_kill_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a kill signal to the dhcp client. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain sending the SIGKILL. -

-		 -No -
-
-
- - -
- - -
- -sysnet_manage_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete network config files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_read_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow network init to read network config files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_read_dhcp_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the DHCP configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_read_dhcpc_pid( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the dhcp client pid file. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -sysnet_read_dhcpc_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Read dhcp client state files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_run_dhcpc( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute DHCP clients in the dhcpc domain, and -allow the specified role the dhcpc domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the clock domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the clock domain to use. -

-		 -No -
-
-
- - -
- - -
- -sysnet_run_ifconfig( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute ifconfig in the ifconfig domain, and -allow the specified role the ifconfig domain, -and use the caller's terminal. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to be allowed the ifconfig domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the ifconfig domain to use. -

-		 -No -
-
-
- - -
- - -
- -sysnet_rw_dhcp_config( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write dhcp configuration files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_search_dhcp_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the DHCP state data directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_sigchld_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to the dhcp client. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain sending the SIGCHLD. -

-		 -No -
-
-
- - -
- - -
- -sysnet_signal_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a generic signal to the dhcp client. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain sending the signal. -

-		 -No -
-
-
- - -
- - -
- -sysnet_signull_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a null signal to the dhcp client. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain sending the null signal. -

-		 -No -
-
-
- - -
- - -
- -sysnet_sigstop_dhcpc( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGSTOP signal to the dhcp client. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The domain sending the SIGSTOP. -

-		 -No -
-
-
- - -
- - -
- -sysnet_use_ldap( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect and use a LDAP server. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -sysnet_use_portmap( - - - - - domain - - - )
-
-
- -
Summary
-

-Connect and use remote port mappers. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_udev.html b/www/api-docs/system_udev.html deleted file mode 100644 index 4e3547d..0000000 --- a/www/api-docs/system_udev.html +++ /dev/null @@ -1,444 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: udev

- -

Description:

- -

Policy for udev.

- - - - -

Interfaces:

- - -
- - -
- -udev_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute udev in the udev domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -udev_dontaudit_rw_dgram_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -to a udev unix datagram socket. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -udev_dontaudit_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit a -udev file descriptor. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -udev_helper_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a udev helper in the udev domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -udev_read_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to read list of devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -
- - -
- -udev_read_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to read udev process state. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -udev_rw_db( - - - - - domain - - - )
-
-
- -
Summary
-

-Allow process to modify list of devices. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_unconfined.html b/www/api-docs/system_unconfined.html deleted file mode 100644 index ce82257..0000000 --- a/www/api-docs/system_unconfined.html +++ /dev/null @@ -1,799 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: unconfined

- -

Description:

- -

The unconfined domain.

- - - - -

Interfaces:

- - -
- - -
- -unconfined_alias_domain( - - - - - domain - - - )
-
-
- -
Summary
-

-Add an alias type to the unconfined domain. -

- - -
Description
-

-

-Add an alias type to the unconfined domain. -

-

-This is added to support targeted policy. Its -use should be limited. It has no effect -on the strict policy. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-New alias of the unconfined domain. -

-		 -No -
-
-
- - -
- - -
- -unconfined_dbus_send( - - - - - domain - - - )
-
-
- -
Summary
-

-Send messages to the unconfined domain over dbus. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_domain( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the specified domain unconfined and -audit executable memory and executable heap -usage. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to make unconfined. -

-		 -No -
-
-
- - -
- - -
- -unconfined_domain_noaudit( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the specified domain unconfined. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to make unconfined. -

-		 -No -
-
-
- - -
- - -
- -unconfined_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Transition to the unconfined domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_dontaudit_read_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read unconfined domain unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_dontaudit_rw_tcp_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read or write -unconfined domain tcp sockets. -

- - -
Description
-

-

-Do not audit attempts to read or write -unconfined domain tcp sockets. -

-

-This interface was added due to a broken -symptom in ldconfig. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -unconfined_read_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read unconfined domain unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
-
- -
Summary
-

-Execute specified programs in the unconfined domain. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-The type of the process performing this action. -

-		 -No -
-role - -

-The role to allow the unconfined domain. -

-		 -No -
-terminal - -

-The type of the terminal allow the unconfined domain to use. -

-		 -No -
-
-
- - -
- - -
- -unconfined_rw_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unconfined domain unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_shell_domtrans( - - - - - domain - - - )
-
-
- -
Summary
-

-Transition to the unconfined domain by executing a shell. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_sigchld( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to the unconfined domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_signal( - - - - - domain - - - )
-
-
- -
Summary
-

-Send generic signals to the unconfined domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -unconfined_use_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit file descriptors from the unconfined domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - - -
- - diff --git a/www/api-docs/system_userdomain.html b/www/api-docs/system_userdomain.html deleted file mode 100644 index 13f8554..0000000 --- a/www/api-docs/system_userdomain.html +++ /dev/null @@ -1,7425 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
- -

Layer: system

-

Module: userdomain

- -Interfaces -Templates - -

Description:

- -

Policy for user domains

- - - - -

Interfaces:

- - -
- - -
- -userdom_bin_spec_domtrans_sysadm( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a generic bin program in the sysadm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_bin_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute bin_t in the unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dbus_send_all_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a dbus message to all user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_append_staff_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to append to the staff -users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_getattr_sysadm_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to get the -attributes of the sysadm users -home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_getattr_sysadm_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attepts to get the attributes -of sysadm ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_list_sysadm_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list the sysadm -users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_read_sysadm_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the sysadm -users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_relabelfrom_unpriv_users_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to relabel files from -unprivileged user pty types. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_search_all_users_home_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_search_generic_user_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Don't audit search on the user home subdirectory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_search_staff_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the staff -users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_search_sysadm_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to search the sysadm -users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_all_users_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit the file -descriptors from any user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_sysadm_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Dont audit attempts to read and write sysadm ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_sysadm_terms( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to use sysadm ttys and ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_sysadm_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to use sysadm ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_unpriv_user_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to inherit the -file descriptors from all user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_unpriv_users_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to use unprivileged -user ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_unpriv_users_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to use unprivileged -user ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_entry_spec_domtrans_sysadm( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute all entrypoint files in the sysadm domain. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_entry_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute all entrypoint files in unprivileged user -domains. This is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_generic_user_home_dir_filetrans_generic_user_home_content( - - - - - domain - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in generic user home directories -with automatic file type transition. -

- - -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-object_class - -

-The class of the object to be created. -If not specified, file is used. -

-		 -No -
-
-
- - -
- - -
- -userdom_getattr_all_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of all user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_getattr_sysadm_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Get the attributes of the sysadm users -home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_home_filetrans_generic_user_home_dir( - - - - - domain - - - )
-
-
- -
Summary
-

-Create generic user home directories -with automatic file type transition. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_all_users_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-List all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_sysadm_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-List the sysadm users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_unpriv_users_tmp( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all unprivileged users temporary directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_all_users_home_content_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete all directories -in all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_all_users_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete all files -in all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_all_users_home_content_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete all symlinks -in all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_generic_user_home_content_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete -subdirectories of generic user -home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_generic_user_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files -in generic user home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_generic_user_home_content_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named -pipes in generic user home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_generic_user_home_content_sockets( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named -sockets in generic user home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_generic_user_home_content_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic -links in generic user home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_unpriv_user_semaphores( - - - - - domain - - - )
-
-
- -
Summary
-

-Manage unpriviledged user SysV sempaphores. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_unpriv_user_shared_mem( - - - - - domain - - - )
-
-
- -
Summary
-

-Manage unpriviledged user SysV shared -memory segments. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_priveleged_home_dir_manager( - - - - - domain - - - )
-
-
- -
Summary
-

-Make the specified domain a privileged -home directory manager. -

- - -
Description
-

-

-Make the specified domain a privileged -home directory manager. This domain will be -able to manage the contents of all users -general home directory content, and create -files with the correct context. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_all_tmp_untrusted_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all user temporary untrusted content files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_all_untrusted_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all user untrusted content files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_all_users_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all files in all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_all_users_state( - - - - - domain - - - )
-
-
- -
Summary
-

-Read the process state of all user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_staff_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in the staff users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_sysadm_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read files in the sysadm users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_unpriv_users_home_content_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all unprivileged users home directory -files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_unpriv_users_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all unprivileged users temporary files. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_unpriv_users_tmp_symlinks( - - - - - domain - - - )
-
-
- -
Summary
-

-Read all unprivileged users temporary symbolic links. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_relabelto_unpriv_users_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Relabel files to unprivileged user pty types. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_rw_sysadm_pipes( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write sysadm user unnamed pipes. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_sbin_spec_domtrans_sysadm( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a generic sbin program in the sysadm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_sbin_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute generic sbin programs in all unprivileged user -domains. This is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_all_users_home_content( - - - - - domain - - - )
-
-
- -
Summary
-

-Search all users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_generic_user_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search generic user home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_staff_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the staff users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_sysadm_home_content_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the sysadm users home sub directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_sysadm_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search the sysadm users home directory. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_unpriv_users_home_dirs( - - - - - domain - - - )
-
-
- -
Summary
-

-Search all unprivileged users home directories. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_setattr_unpriv_users_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of user ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_shell_domtrans_sysadm( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a shell in the sysadm domain. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_sigchld_all_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to all user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_sigchld_sysadm( - - - - - domain - - - )
-
-
- -
Summary
-

-Send a SIGCHLD signal to sysadm users. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_signal_all_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Send general signals to all user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_signal_unpriv_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Send general signals to unprivileged user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_spec_domtrans_all_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a shell in all user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute a shell in all unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_sysadm_home_dir_filetrans( - - - - - domain - - - - , - - - - private type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in sysadm home directories -with automatic file type transition. -

- - -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-private type - -

-The type of the object to be created. -

-		 -No -
-object_class - -

-The class of the object to be created. -If not specified, file is used. -

-		 -No -
-
-
- - -
- - -
- -userdom_unconfined( - - - - - domain - - - )
-
-
- -
Summary
-

-Unconfined access to user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_all_users_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit the file descriptors from all user domains -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_sysadm_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit and use sysadm file descriptors -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_sysadm_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write sysadm ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_sysadm_terms( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write sysadm ttys and ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_sysadm_ttys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write sysadm ttys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_unpriv_users_fds( - - - - - domain - - - )
-
-
- -
Summary
-

-Inherit the file descriptors from unprivileged user domains. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_unpriv_users_ptys( - - - - - domain - - - )
-
-
- -
Summary
-

-Read and write unprivileged user ptys. -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_write_unpriv_users_tmp_files( - - - - - domain - - - )
-
-
- -
Summary
-

-Write all unprivileged users files in /tmp -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_xsession_spec_domtrans_all_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute an Xserver session in all unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_xsession_spec_domtrans_unpriv_users( - - - - - domain - - - )
-
-
- -
Summary
-

-Execute an Xserver session in all unprivileged user domains. This -is an explicit transition, requiring the -caller to use setexeccon(). -

- - -
Parameters
- - - - - -
Parameter:Description:Optional:
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -

Templates:

- - -
- - -
- -admin_user_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The template for creating an administrative user. -

- - -
Description
-

-

-This template creates a user domain, types, and -rules for the user's tty, pty, home directories, -tmp, and tmpfs files. -

-

-The privileges given to administrative users are: -

    -

  • Raw disk access

    • -

  • Set all sysctls

    • -

  • All kernel ring buffer controls

    • -

  • Set SELinux enforcement mode (enforcing/permissive)

    • -

  • Set SELinux booleans

    • -

  • Relabel all files but shadow

    • -

  • Create, read, write, and delete all files but shadow

    • -

  • Manage source and binary format SELinux policy

    • -

  • Run insmod

    • -

-

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., sysadm -is the prefix for sysadm_t). -

-		 -No -
-
-
- - -
- - -
- -base_user_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The template containing rules common to unprivileged -users and administrative users. -

- - -
Description
-

-

-This template creates a user domain, types, and -rules for the user's tty, pty, home directories, -tmp, and tmpfs files. -

-

-This generally should not be used, rather the -unpriv_user_template or admin_user_template should -be used. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -
- - -
- -unpriv_user_template( - - - - - userdomain_prefix - - - )
-
-
- -
Summary
-

-The template for creating a unprivileged user. -

- - -
Description
-

-

-This template creates a user domain, types, and -rules for the user's tty, pty, home directories, -tmp, and tmpfs files. -

-

- -
Parameters
- - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-
-
- - -
- - -
- -userdom_create_user_pty( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create a user pty. -

- - -
Description
-

-

-Create a user pty. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_append_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to append users -temporary files. -

- - -
Description
-

-

-Do not audit attempts to append users -temporary files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_exec_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to execute user home files. -

- - -
Description
-

-

-Do not audit attempts to execute user home files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_list_user_home_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list user home subdirectories. -

- - -
Description
-

-

-Do not audit attempts to list user home subdirectories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_list_user_tmp( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list user -temporary directories. -

- - -
Description
-

-

-Do not audit attempts to list user -temporary directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_list_user_tmp_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list user -temporary untrusted directories. -

- - -
Description
-

-

-Do not audit attempts to list user -temporary directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_list_user_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to list user -untrusted directories. -

- - -
Description
-

-

-Do not audit attempts to read user -untrusted directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_read_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read user home files. -

- - -
Description
-

-

-Do not audit attempts to read user home files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_read_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read users -temporary files. -

- - -
Description
-

-

-Do not audit attempts to read users -temporary files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_read_user_tmp_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read users -temporary untrusted files. -

- - -
Description
-

-

-Do not audit attempts to read users -temporary untrusted files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_read_user_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read users -untrusted files. -

- - -
Description
-

-

-Do not audit attempts to read users -untrusted files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_setattr_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to set the -attributes of user home files. -

- - -
Description
-

-

-Do not audit attempts to set the -attributes of user home files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_use_user_terminals( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to read and write -a user domain tty and pty. -

- - -
Description
-

-

-Do not audit attempts to read and write -a user domain tty and pty. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_dontaudit_write_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Do not audit attempts to write user home files. -

- - -
Description
-

-

-Do not audit attempts to write user home files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain to not audit. -

-		 -No -
-
-
- - -
- - -
- -userdom_exec_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Execute user home files. -

- - -
Description
-

-

-Execute user home files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_user_home_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-List user home directories. -

- - -
Description
-

-

-List user home directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_user_tmp( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-List user temporary directories. -

- - -
Description
-

-

-List user temporary directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_user_tmp_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-List users temporary untrusted directories. -

- - -
Description
-

-

-List users temporary untrusted directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_list_user_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-List users untrusted directories. -

- - -
Description
-

-

-List users untrusted directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_home_content_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete directories -in a user home subdirectory. -

- - -
Description
-

-

-Create, read, write, and delete directories -in a user home subdirectory. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete files -in a user home subdirectory. -

- - -
Description
-

-

-Create, read, write, and delete files -in a user home subdirectory. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_home_content_pipes( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named pipes -in a user home subdirectory. -

- - -
Description
-

-

-Create, read, write, and delete named pipes -in a user home subdirectory. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_home_content_sockets( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete named sockets -in a user home subdirectory. -

- - -
Description
-

-

-Create, read, write, and delete named sockets -in a user home subdirectory. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_home_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete symbolic links -in a user home subdirectory. -

- - -
Description
-

-

-Create, read, write, and delete symbolic links -in a user home subdirectory. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_tmp_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete user -temporary directories. -

- - -
Description
-

-

-Create, read, write, and delete user -temporary directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete user -temporary files. -

- - -
Description
-

-

-Create, read, write, and delete user -temporary files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_tmp_pipes( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete user -temporary named pipes. -

- - -
Description
-

-

-Create, read, write, and delete user -temporary named pipes. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_tmp_sockets( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete user -temporary named sockets. -

- - -
Description
-

-

-Create, read, write, and delete user -temporary named sockets. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_manage_user_tmp_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Create, read, write, and delete user -temporary symbolic links. -

- - -
Description
-

-

-Create, read, write, and delete user -temporary symbolic links. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user home files. -

- - -
Description
-

-

-Read user home files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_home_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user home subdirectory symbolic links. -

- - -
Description
-

-

-Read user home subdirectory symbolic links. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user temporary files. -

- - -
Description
-

-

-Read user temporary files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_tmp_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user -temporary symbolic links. -

- - -
Description
-

-

-Read user -temporary symbolic links. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_tmp_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user temporary untrusted files. -

- - -
Description
-

-

-Read user temporary untrusted files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_tmp_untrusted_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user temporary untrusted symbolic links. -

- - -
Description
-

-

-Read user temporary untrusted symbolic links. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user untrusted files. -

- - -
Description
-

-

-Read user untrusted files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_read_user_untrusted_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user untrusted symbolic links. -

- - -
Description
-

-

-Read user untrusted symbolic links. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_rw_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read and write user temporary files. -

- - -
Description
-

-

-Read and write user temporary files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_rw_user_tmpfs_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read user tmpfs files. -

- - -
Description
-

-

-Read user tmpfs files. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_search_user_home_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Search user home directories. -

- - -
Description
-

-

-Search user home directories. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_setattr_user_ptys( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of a user pty. -

- - -
Description
-

-

-Set the attributes of a user pty. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_setattr_user_ttys( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Set the attributes of a user domain tty. -

- - -
Description
-

-

-Set the attributes of a user domain tty. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_user_terminals( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read and write a user domain tty and pty. -

- - -
Description
-

-

-Read and write a user domain tty and pty. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_use_user_ttys( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Read and write a user domain tty. -

- - -
Description
-

-

-Read and write a user domain tty. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -
- - -
- -userdom_user_home_content( - - - - - userdomain_prefix - - - - , - - - - type - - - )
-
-
- -
Summary
-

-Make the specified type usable in a -user home directory. -

- - -
Description
-

-

-Make the specified type usable in a -user home directory. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-type - -

-Type to be used as a file in the -user home directory. -

-		 -No -
-
-
- - -
- - -
- -userdom_user_home_dir_filetrans( - - - - - userdomain_prefix - - - - , - - - - domain - - - - , - - - - private_type - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in a user home directory -with an automatic type transition to -a specified private type. -

- - -
Description
-

-

-Create objects in a user home directory -with an automatic type transition to -a specified private type. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-private_type - -

-The type of the object to create. -

-		 -No -
-object_class - -

-The class of the object to be created. If not -specified, file is used. -

-		 -No -
-
-
- - -
- - -
- -userdom_user_home_dir_filetrans_user_home_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - - , - - - - object_class - - - )
-
-
- -
Summary
-

-Create objects in a user home directory -with an automatic type transition to -the user home file type. -

- - -
Description
-

-

-Create objects in a user home directory -with an automatic type transition to -the user home file type. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-object_class - -

-The class of the object to be created. If not -specified, file is used. -

-		 -No -
-
-
- - -
- - -
- -userdom_user_home_domtrans( - - - - - userdomain_prefix - - - - , - - - - source_domain - - - - , - - - - target_domain - - - )
-
-
- -
Summary
-

-Do a domain transition to the specified -domain when executing a program in the -user home directory. -

- - -
Description
-

-

-Do a domain transition to the specified -domain when executing a program in the -user home directory. -

-

-No interprocess communication (signals, pipes, -etc.) is provided by this interface since -the domains are not owned by this module. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-source_domain - -

-Domain allowed access. -

-		 -No -
-target_domain - -

-Domain to transition to. -

-		 -No -
-
-
- - -
- - -
- -userdom_write_user_tmp_sockets( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
-
- -
Summary
-

-Write to user temporary named sockets. -

- - -
Description
-

-

-Write to user temporary named sockets. -

-

-This is a templated interface, and should only -be called from a per-userdomain template. -

-

- -
Parameters
- - - - - - - -
Parameter:Description:Optional:
-userdomain_prefix - -

-The prefix of the user domain (e.g., user -is the prefix for user_t). -

-		 -No -
-domain - -

-Domain allowed access. -

-		 -No -
-
-
- - -Return - - - -
- - diff --git a/www/api-docs/templates.html b/www/api-docs/templates.html deleted file mode 100644 index 10c481a..0000000 --- a/www/api-docs/templates.html +++ /dev/null @@ -1,4006 +0,0 @@ - - - - Security Enhanced Linux Reference Policy - - - - - - - -
-

Master template index:

- - -
-Module: -userdomain

-Layer: -system

-

- -admin_user_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The template for creating an administrative user. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_content_template( - - - - - prefix - - - )
-
- -
-

-Create a set of derived types for apache -web content. -

-
- -
- -
-Module: -apache

-Layer: -services

-

- -apache_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the apache module. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_domtrans_user_chk_passwd( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Run unix_chkpwd to check a password -for a user domain. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -authlogin_common_auth_domain_template( - - - - - userdomain_prefix - - - )
-
- -
-

-Common template to create a domain for authentication. -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -authlogin_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the authlogin module. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -base_user_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The template containing rules common to unprivileged -users and administrative users. -

-
- -
- -
-Module: -cdrecord

-Layer: -apps

-

- -cdrecord_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the cdrecord module. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_admin_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The administrative functions template for the cron module. -

-
- -
- -
-Module: -cron

-Layer: -services

-

- -cron_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the cron module. -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the dbus module. -

-
- -
- -
-Module: -dbus

-Layer: -services

-

- -dbus_system_bus_client_template( - - - - - domain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Template for creating connections to -the system DBUS. -

-
- -
- -
-Module: -djbdns

-Layer: -services

-

- -djbdns_daemontools_domain_template( - - - - - prefix - - - )
-
- -
-

-Create a set of derived types for djbdns -components that are directly supervised by daemontools. -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_auto_trans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -domain

-Layer: -kernel

-

- -domain_trans( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -ftp

-Layer: -services

-

- -ftp_per_userdomain_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The per user domain template for the ftp module. -

-
- -
- -
-Module: -gpg

-Layer: -apps

-

- -gpg_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - userdomain - - - - , - - - - role - - - )
-
- -
-

-The per user domain template for the gpg module. -

-
- -
- -
-Module: -irc

-Layer: -apps

-

- -irc_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the irc module. -

-
- -
- -
-Module: -java

-Layer: -apps

-

- -java_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the java module. -

-
- -
- -
-Module: -lockdev

-Layer: -apps

-

- -lockdev_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the lockdev module. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpd_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the lpd module. -

-
- -
- -
-Module: -lpd

-Layer: -services

-

- -lpr_admin_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The administrative functions template for the lpd module. -

-
- -
- -
-Module: -mailman

-Layer: -services

-

- -mailman_domain_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The template to define a mailmain domain. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_admin_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - )
-
- -
-

-Provide extra permissions for admin users -mail domain. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_base_mail_template( - - - - - domain_prefix - - - )
-
- -
-

-Basic mail transfer agent domain template. -

-
- -
- -
-Module: -mta

-Layer: -services

-

- -mta_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the mta module. -

-
- -
- -
-Module: -portage

-Layer: -admin

-

- -portage_compile_domain_template( - - - - - prefix - - - )
-
- -
-

-Template for portage sandbox. -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_domain_template( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_per_userdomain_template( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_public_domain_template( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_server_domain_template( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -postfix

-Layer: -services

-

- -postfix_user_domain_template( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -rpc

-Layer: -services

-

- -rpc_domain_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The template to define a rpc domain. -

-
- -
- -
-Module: -samba

-Layer: -services

-

- -samba_per_userdomain_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The per user domain template for the samba module. -

-
- -
- -
-Module: -screen

-Layer: -apps

-

- -screen_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the screen module. -

-
- -
- -
-Module: -spamassassin

-Layer: -services

-

- -spamassassin_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the spamassassin module. -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the ssh module. -

-
- -
- -
-Module: -ssh

-Layer: -services

-

- -ssh_server_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The template to define a ssh server. -

-
- -
- -
-Module: -su

-Layer: -admin

-

- -su_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the su module. -

-
- -
- -
-Module: -su

-Layer: -admin

-

- -su_restricted_domain_template( - - - - - ? - - - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -sudo

-Layer: -admin

-

- -sudo_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the sudo module. -

-
- -
- -
-Module: -tvtime

-Layer: -apps

-

- -tvtime_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the tvtime module. -

-
- -
- -
-Module: -uml

-Layer: -apps

-

- -uml_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the uml module. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -unpriv_user_template( - - - - - userdomain_prefix - - - )
-
- -
-

-The template for creating a unprivileged user. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_create_user_pty( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create a user pty. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_append_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to append users -temporary files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_exec_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to execute user home files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_list_user_home_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to list user home subdirectories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_list_user_tmp( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to list user -temporary directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_list_user_tmp_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to list user -temporary untrusted directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_list_user_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to list user -untrusted directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_read_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to read user home files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_read_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to read users -temporary files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_read_user_tmp_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to read users -temporary untrusted files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_read_user_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to read users -untrusted files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_setattr_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to set the -attributes of user home files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_use_user_terminals( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to read and write -a user domain tty and pty. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_dontaudit_write_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Do not audit attempts to write user home files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_exec_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Execute user home files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_user_home_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-List user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_user_tmp( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-List user temporary directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_user_tmp_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-List users temporary untrusted directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_list_user_untrusted_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-List users untrusted directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_home_content_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete directories -in a user home subdirectory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete files -in a user home subdirectory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_home_content_pipes( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named pipes -in a user home subdirectory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_home_content_sockets( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete named sockets -in a user home subdirectory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_home_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete symbolic links -in a user home subdirectory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_tmp_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete user -temporary directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete user -temporary files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_tmp_pipes( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete user -temporary named pipes. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_tmp_sockets( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete user -temporary named sockets. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_manage_user_tmp_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Create, read, write, and delete user -temporary symbolic links. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_home_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user home files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_home_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user home subdirectory symbolic links. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user temporary files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_tmp_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user -temporary symbolic links. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_tmp_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user temporary untrusted files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_tmp_untrusted_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user temporary untrusted symbolic links. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_untrusted_content_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user untrusted files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_read_user_untrusted_content_symlinks( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user untrusted symbolic links. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_rw_user_tmp_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read and write user temporary files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_rw_user_tmpfs_files( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read user tmpfs files. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_search_user_home_dirs( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Search user home directories. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_setattr_user_ptys( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Set the attributes of a user pty. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_setattr_user_ttys( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Set the attributes of a user domain tty. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_user_terminals( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read and write a user domain tty and pty. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_use_user_ttys( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Read and write a user domain tty. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_user_home_content( - - - - - userdomain_prefix - - - - , - - - - type - - - )
-
- -
-

-Make the specified type usable in a -user home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_user_home_dir_filetrans( - - - - - userdomain_prefix - - - - , - - - - domain - - - - , - - - - private_type - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in a user home directory -with an automatic type transition to -a specified private type. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_user_home_dir_filetrans_user_home_content( - - - - - userdomain_prefix - - - - , - - - - domain - - - - , - - - - object_class - - - )
-
- -
-

-Create objects in a user home directory -with an automatic type transition to -the user home file type. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_user_home_domtrans( - - - - - userdomain_prefix - - - - , - - - - source_domain - - - - , - - - - target_domain - - - )
-
- -
-

-Do a domain transition to the specified -domain when executing a program in the -user home directory. -

-
- -
- -
-Module: -userdomain

-Layer: -system

-

- -userdom_write_user_tmp_sockets( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Write to user temporary named sockets. -

-
- -
- -
-Module: -userhelper

-Layer: -apps

-

- -userhelper_per_userdomain_template( - - - - - userdomain_prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the userhelper module. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_common_domain_template( - - - - - prefix - - - )
-
- -
-

-Template to create types and rules common to -all X server domains. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_domtrans_user_xauth( - - - - - userdomain_prefix - - - - , - - - - domain - - - )
-
- -
-

-Transition to a user Xauthority domain. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_per_userdomain_template( - - - - - prefix - - - - , - - - - user_domain - - - - , - - - - user_role - - - )
-
- -
-

-The per user domain template for the xserver module. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_ro_session_template( - - - - - prefix - - - - , - - - - domain - - - - , - - - - tmpfs_type - - - )
-
- -
-

-Template for creating sessions on a -prefix X server, with read-only -access to the X server shared -memory segments. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_rw_session_template( - - - - - prefix - - - - , - - - - domain - - - - , - - - - tmpfs_type - - - )
-
- -
-

-Template for creating sessions on a -prefix X server, with read and write -access to the X server shared -memory segments. -

-
- -
- -
-Module: -xserver

-Layer: -services

-

- -xserver_user_client_template( - - - - - prefix - - - - , - - - - domain - - - - , - - - - tmpfs_type - - - )
-
- -
-

-Template for creating full client sessions -on a user X server. -

-
- -
- - -
- - diff --git a/www/html/Changelog.txt b/www/html/Changelog.txt deleted file mode 100644 index fd1d8e6..0000000 --- a/www/html/Changelog.txt +++ /dev/null @@ -1,287 +0,0 @@ -* Tue Mar 07 2006 Chris PeBenito - 20060307 -- Make all interface parameters required. -- Move boot_t, system_map_t, and modules_object_t to files module, - and move bootloader to admin layer. -- Add semanage policy for semodule from Dan Walsh. -- Remove allow_execmem from targeted policy domain_base_type(). -- Add users_extra and seusers support. -- Postfix fixes from Serge Hallyn. -- Run python and shell directly to interpret scripts so policy - sources need not be executable. -- Add desc tag XML to booleans and tunables, and add summary - to param XML tag, to make future translations possible. -- Remove unused lvm_vg_t. -- Many interface renames to improve naming consistency. -- Merge xdm into xserver. -- Remove kernel module reversed interfaces. -- Add filename attribute to module XML tag and lineno attribute to - interface XML tag. -- Changed QUIET build option to a yes or no option. -- Add a Makefile used for compiling loadable modules in a - user's development environment, building against policy headers. -- Add Make target for installing policy headers. -- Separate per-userdomain template expansion from the userdomain - module and add infrastructure to expand templates in the modules - that own the template. -- Enable secadm only for MLS policies. -- Remove role change rules in su and sudo since this functionality has been - removed from these programs. -- Add ctags Make target from Thomas Bleher. -- Collapse commands with grep piped to sed into one sed command. -- Fix type_change bug in term_user_pty(). -- Move ice_tmp_t from miscfiles to xserver. -- Login fixes from Serge Hallyn. -- Move xserver_log_t from xdm to xserver. -- Add lpr per-userdomain policy to lpd. -- Miscellaneous fixes from Dan Walsh. -- Change initrc_var_run_t interface noun from script_pid to utmp, - for greater clarity. -- Added modules: - certwatch - mono (Dan Walsh) - mrtg - portage - tvtime - userhelper - usernetctl - wine (Dan Walsh) - xserver - -* Tue Jan 17 2006 Chris PeBenito - 20060117 -- Adds support for generating corenetwork interfaces based on attributes - in addition to types. -- Permits the listing of multiple nodes in a network_node() that will be - given the same type. -- Add two new permission sets for stream sockets. -- Rename file type transition interfaces verb from create to - filetrans to differentiate it from create interfaces without - type transitions. -- Fix expansion of interfaces from disabled modules. -- Rsync can be long running from init, - added rules to allow this. -- Add polyinstantiation build option. -- Add setcontext to the association object class. -- Add apache relay and db connect tunables. -- Rename texrel_shlib_t to textrel_shlib_t. -- Add swat to samba module. -- Numerous miscellaneous fixes from Dan Walsh. -- Added modules: - alsa - automount - cdrecord - daemontools (Petre Rodan) - ddcprobe - djbdns (Petre Rodan) - fetchmail - irc - java - lockdev - logwatch (Dan Walsh) - openct - prelink (Dan Walsh) - publicfile (Petre Rodan) - readahead - roundup - screen - slocate (Dan Walsh) - slrnpull - smartmon - sysstat - ucspitcp (Petre Rodan) - usbmodules - vbetool (Dan Walsh) - -* Wed Dec 07 2005 Chris PeBenito - 20051207 -- Add unlabeled IPSEC association rule to domains with - networking permissions. -- Merge systemuser back in to users, as these files - do not need to be split. -- Add check for duplicate interface/template definitions. -- Move domain, files, and corecommands modules to kernel - layer to resolve some layering inconsistencies. -- Move policy build options out of Makefile into build.conf. -- Add yppasswd to nis module. -- Change optional_policy() to refer to the module name - rather than modulename.te. -- Fix labeling targets to use installed file_contexts rather - than partial file_contexts in the policy source directory. -- Fix build process to use make's internal vpath functions - to detect modules rather than using subshells and find. -- Add install target for modular policy. -- Add load target for modular policy. -- Add appconfig dependency to the load target. -- Miscellaneous fixes from Dan Walsh. -- Fix corenetwork gen_context()'s to expand during the policy - build phase instead of during the generation phase. -- Added policies: - amanda - avahi - canna - cyrus - dbskk - dovecot - distcc - i18n_input - irqbalance - lpd - networkmanager - pegasus - postfix - procmail - radius - rdisc - rpc - spamassassin - timidity - xdm - xfs - -* Wed Oct 19 2005 Chris PeBenito - 20051019 -- Many fixes to make loadable modules build. -- Add targets for sechecker. -- Updated to sedoctool to read bool files and tunable - files separately. -- Changed the xml tag of to to be consistent - with gen_bool(). -- Modified the implementation of segenxml to use regular - expressions. -- Rename context_template() to gen_context() to clarify - that its not a Reference Policy template, but a support - macro. -- Add disable_*_trans bool support for targeted policy. -- Add MLS module to handle MLS constraint exceptions, - such as reading up and writing down. -- Fix errors uncovered by sediff. -- Added policies: - anaconda - apache - apm - arpwatch - bluetooth - dmidecode - finger - ftp - kudzu - mailman - ppp - radvd - sasl - webalizer - -* Thu Sep 22 2005 Chris PeBenito - 20050922 -- Make logrotate, sendmail, sshd, and rpm policies - unconfined in the targeted policy so no special - modules.conf is required. -- Add experimental MCS support. -- Add appconfig for MLS. -- Add equivalents for old can_resolve(), can_ldap(), and - can_portmap() to sysnetwork. -- Fix base module compile issues. -- Added policies: - cpucontrol - cvs - ktalk - portmap - postgresql - rlogin - samba - snmp - stunnel - telnet - tftp - uucp - vpn - zebra - -* Wed Sep 07 2005 Chris PeBenito - 20050907 -- Fix errors uncovered by sediff. -- Doc tool will explicitly say a module does not have interfaces - or templates on the module page. -- Added policies: - comsat - dbus - dhcp - dictd - hal - inn - ntp - squid - -* Fri Aug 26 2005 Chris PeBenito - 20050826 -- Add Makefile support for building loadable modules. -- Add genclassperms.py tool to add require blocks - for loadable modules. -- Change sedoctool to make required modules part of base - by default, otherwise make as modules, in modules.conf. -- Fix segenxml to handle modules with no interfaces. -- Rename ipsec connect interface for consistency. -- Add missing parts of unix stream socket connect interface - of ipsec. -- Rename inetd connect interface for consistency. -- Rename interface for purging contents of tmp, for clarity, - since it allows deletion of classes other than file. -- Misc. cleanups. -- Added policies: - acct - bind - firstboot - gpm - howl - ldap - loadkeys - mysql - privoxy - quota - rshd - rsync - su - sudo - tcpd - tmpreaper - updfstab - -* Tue Aug 2 2005 Chris PeBenito - 20050802 -- Fix comparison bug in fc_sort. -- Fix handling of ordered and unordered HTML lists. -- Corenetwork now supports multiple network interfaces having the - same type. -- Doc tool now creates pages for global Booleans and global tunables. -- Doc tool now links directly to the interface/template in the - module page when it is selected in the interface/template index. -- Added support for layer summaries. -- Added policies: - ipsec - nscd - pcmcia - raid - -* Thu Jul 7 2005 Chris PeBenito - 20050707 -- Changed xml to have modules encapsulated by layer tags, rather - than putting layer="foo" in the module tags. Also in the future - we can put a summary and description for each layer. -- Added tool to infer interface, module, and layer tags. This will - now list all interfaces, even if they are missing xml docs. -- Shortened xml tag names. -- Added macros to declare interfaces and templates. -- Added interface call trace. -- Updated all xml documentation for shorter and inferred tags. -- Doc tool now displays templates in the web pages. -- Doc tool retains the user's settings in modules.conf and - tunables.conf if the files already exist. -- Modules.conf behavior has been changed to be a list of all - available modules, and the user can specify if the module is - built as a loadable module, included in the monolithic policy, - or excluded. -- Added policies: - fstools (fsck, mkfs, swapon, etc. tools) - logrotate - inetd - kerberos - nis (ypbind and ypserv) - ssh (server, client, and agent) - unconfined -- Added infrastructure for targeted policy support, only missing - transition boolean support. - -* Wed Jun 15 2005 Chris PeBenito - 20050615 - - Initial release diff --git a/www/html/contributing.html b/www/html/contributing.html deleted file mode 100644 index 9f43a8f..0000000 --- a/www/html/contributing.html +++ /dev/null @@ -1,4 +0,0 @@ -

Contributing

-

-If you are interested in working on refpolicy feel free to contact the developers at either selinux@tresys.com or on the SELinux mailing list. All public development related discussion happens on the SELinux mailing list. -

\ No newline at end of file diff --git a/www/html/documentation.html b/www/html/documentation.html deleted file mode 100644 index c02cdd1..0000000 --- a/www/html/documentation.html +++ /dev/null @@ -1,2 +0,0 @@ -

Documentation

-

Documentation is one of the primary goals of refpolicy. The current release has some documentation available in the form of a getting started guide. There is also interface documentation generated from the policy source.

\ No newline at end of file diff --git a/www/html/download.html b/www/html/download.html deleted file mode 100644 index 35ae3e5..0000000 --- a/www/html/download.html +++ /dev/null @@ -1,31 +0,0 @@ -

Download

- -

Dependencies

-

-A relatively modern system (e.g., Fedora Core 3/4 or RHEL 4) should easily support refpolicy. The only likely upgrade is a new version of checkpolicy. -RPMS are available on the files page. -

-

Build dependencies

-

- The SELinux reference policy has the following build-time - dependencies: -

-
    -
  • Checkpolicy 1.28 or higher
    • -
  • Python PyXML (only required to regenerate config files and documentation)
    • -
  • gcc (temporary, required to compile fc_sort until fix is upstreamed)
    • -
- -

Run-time dependencies

-

- The SELinux reference policy have the following run-time - dependencies: -

-
    -
  • Kernel that can support at least a version 16 policy, or higher
    • -
-

- Continue on to the Sourceforge - files - page to download the SELinux reference policy. -

diff --git a/www/html/getting-started.html b/www/html/getting-started.html deleted file mode 100644 index 25871ef..0000000 --- a/www/html/getting-started.html +++ /dev/null @@ -1,249 +0,0 @@ -

Getting Started

-

-This guide will walk you through the basics of creating a new reference policy -module. This will also serve as an introduction to the basics concepts and -philosophy of refpolicy. -

-

Creating A Module

-

-Modules are the principal organizing component in refpolicy. A module contains -the policy for an application or related group of applications, private and shared -resources, labeling information, and interfaces that allow other modules access -to the modules resources. The majority of the global policy has been eliminated -in refpolicy. Certain policy components, like users and object classes, are -still global in refpolicy, but almost all TE policy is now contained within a -module. -

-

-Let's create a new module called myapp. This is done by creating three files: -myapp.te, mayapp.fc, and myapp.if. The file myapp.te file will contain all of -the policy private to this module, including any types or attributes. The file -myapp.fc file will contain the file context labeling statement for this module. -Finally, the file myapp.if will contain the interfaces for this module (interfaces -will be explained below). -

-

Module TE Policy

-

-First create myapp.te and add the following: -

-
-policy_module(myapp,1.0)
-
-# Private type declarations
-type myapp_t;
-type myapp_exec_t;
-type myapp_log_t;
-type myapp_tmp_t;
-
-domain_type(myapp_t)
-domain_entry_file(myapp_t, myapp_exec_t)
-logging_log_file(myapp_log_t)
-files_tmp_file(myapp_tmp_t)
-
-
-

-

-This creates all of the types needed for this module, including a type for the -process, executables, log files, and temporary files. The first thing to notice -is that there are no attributes applied to any of these types. In refpolicy all -types and attributes can only be referred to in the module that declares them. -This means that it is not possible, for example, to directly refer to the domain -attribute. Instead, macros in other modules are used to declare that a type will -be used for a certain purpose. These macros will likely use attributes (but not -necessarily), but it allows the module that declared the attribute to strictly -control how it can be used. In this example interfaces are used to transform the -types into a domain, entry file, log file, and temporary file. -

-

-Let's expand this example further by allowing some access for these types. My -application needs access between it's own types and access to read random numbers. -The access between private types is written exactly the same way current policy -rules are written, i.e.: -

-
-allow myapp_t myapp_log_t:file ra_file_perms;
-allow myapp_t myapp_tmp_t:file create_file_perms;
-
-
-

This allows myapp_t to write to it's private types, but it needs to be able to -create its temporary files in /tmp. This requires a call to the files module.

-
-
-files_tmp_filetrans(myapp_t,myapp_tmp_t,file)
-
-
-

-This call to the files module allows myapp_t to create myapp_tmp_t files in -the /tmp directory. -

-

Module FC Policy

-

-The file contexts file lists files and the labels they should have. Create -myapp.fc and add the following: -

-
-/usr/bin/myapp	--	gen_context(system_u:object_r:myapp_exec_t,s0)
-
-
-

-The gen_context() macro has three parameters, the base SELinux label, -the MLS sensitivity, and the MCS category set (optional). When compiling a -module, the macro will add the appropriate MLS/MCS part to the label when needed. -

-

Module IF Policy

-

-The interface file creates the macros that other modules will use to gain access -to my resources. This allows the module that created the type or attribute to -define appropriate uses. Additionally, it provides a single point for -documentation. Create myapp.if and add the following: -

-
-## <summary>Myapp example policy</summary>
-## <desc>
-##	<p>
-##		More descriptive text about myapp.  The <desc>
-##		tag can also use <p>, <ul>, and <ol>
-##		html tags for formatting.
-##	</p>
-##	<p>
-##		This policy supports the following myapp features:
-##		<ul>
-##		<li>Feature A</li>
-##		<li>Feature B</li>
-##		<li>Feature C</li>
-##		</ul>
-##	</p>
-## </desc>
-
-########################################
-## <summary>
-##	Execute a domain transition to run myapp.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed to transition.
-##	</summary>
-## </param>
-interface(`myapp_domtrans',`
-	gen_requires(`
-		type myapp_t, myapp_exec_t;
-	')
-
-	domain_auto_trans($1,myapp_exec_t,myapp_t)
-
-	allow $1 myapp_t:fd use;
-	allow $1 myapp_t:fifo_file rw_file_perms;
-	allow $1 myapp_t:process sigchld;
-')
-
-########################################
-## <summary>
-##	Read myapp log files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed to read the log files.
-##	</summary>
-## </param>
-interface(`myapp_read_log',`
-	gen_requires(`
-		type myapp_log_t;
-	')
-
-	logging_search_logs($1)
-	allow $1 myapp_log_t:file r_file_perms;
-')
-
-
-

-The first interface allows other domains to do a domain -transition to myapp_t, by executing a program labeled myapp_exec_t. -

-

-The second interface allows other domains to read myapp's log files. Myapp's -log files are in the /var/log directory, so the access to search the /var/log -directory is also given by the interface. The gen_requires() macro is used to -support loadable policy modules, and must explicitly list the type and attributes -used by this interface. If object classes of a userland object manager are used, -the class and the permissions used by the interface must also be listed. -

-

-

Compiling Modules

-

-Two methods of building modules are supported, headers and complete source. -Current systems, such as Fedora Core 5, which support loadable policy modules -should compile modules using headers. Using the complete source for building -modules is only needed if loadable modules are not supported on the system or -if when doing other modifications to the base policy. Genereally this is only -suggested for experts. -

-

Building Using Policy Headers

-

-When building a loadable policy module, the three module source files need not -be in a specific directory. A development directory in the user's home directory -would be sufficient. In this example, lets place it in the policy directory -in the home directory. The example Makefile should be copied to this directory. -It is usually located in the /usr/share/doc/PKGNAME directory, where PKGNAME -is the name of the policy package that has the policy headers. -

-
-
-$ cp /usr/share/doc/refpolicy-20060307/Makefile.example ~/policy/Makefile
-
-
-

-Alternatively, this can be copied from the Reference Policy source, from the doc -directory. The Makefile is not required, but will simplify the process. -

-

-Now the policy directory should have the three module source files and Makefile. -All that needs to be done is to run make, and the policy will be compiled. -

-

-
-$ make
-Compiling targeted myapp module
-/usr/bin/checkmodule:  loading policy configuration from tmp/myapp.tmp
-/usr/bin/checkmodule:  policy configuration loaded
-/usr/bin/checkmodule:  writing binary representation (version 5) to tmp/myapp.mod
-Creating targeted myapp.pp policy package
-
-
-

-If you do not have the example Makefile, you must tell make where to find the -policy header's Makefile, by using the -f option. The Makefile for the base -policy provided by the Linux distribution should be found in the -/usr/share/selinux/NAME/include directory, where NAME is the name -of the policy, for example, strict or targeted. -

-
-
-$ make -f /usr/share/selinux/targeted/include/Makefile
-Compiling targeted myapp module
-/usr/bin/checkmodule:  loading policy configuration from tmp/myapp.tmp
-/usr/bin/checkmodule:  policy configuration loaded
-/usr/bin/checkmodule:  writing binary representation (version 5) to tmp/myapp.mod
-Creating targeted myapp.pp policy package
-
-
-

-When this succeeds, there will be a myapp.pp policy package that can be inserted -into the running policy To load the module, you must be running as root, in a -role allowed to run semodule. Then run semodule -i to insert the module into -the running policy. -

-
-
-# semodule -i myapp.pp
-
-
-

-The semodule command will only have messages if there is an error inserting the -module. If it succeeds, semodule -l should list the myapp module, and the version. -

-
-
-# semodule -l
-myapp   1.0
-
-
diff --git a/www/html/index.html b/www/html/index.html deleted file mode 100644 index a105337..0000000 --- a/www/html/index.html +++ /dev/null @@ -1,92 +0,0 @@ -

Project Overview

-

-The SELinux Reference Policy project (refpolicy) is creating a complete SELinux -policy as an alternative to the existing strict and targeted policies available -from http://selinux.sf.net. Once complete, -this policy will be able to be used as the system policy for a variety of -systems and used as the basis for creating other policies. Refpolicy is based on -the current strict and targeted policies, but aims to accomplish many additional -goals. -

-
-

-Refpolicy is under active development, with support and full time development -staff from Tresys Technology. The -current release is available from the download -page. The status page has more details on -what is included in the current release. -

-
-

-The project is always looking for policy developers interested in contributing. -See the getting started guide for -more information on writing Refpolicy modules. -

-
-

Project Goals

-

Security is the reason for existence for SELinux policies and must, -therefore, always be the first priority. The common view of security as a binary -state (secure or not secure) is not a sufficient goal for developing an SELinux -policy. In reality, different systems have different requirements and purposes -and corresponding differences in the meaning of secure. What is a fundamental -security flaw on one system might be the acceptable, or even the primary -functionality, of another. The challenge for a system policies like the current -strict and targeted policy or refpolicy is to support as many of these differring -security goals as is practical. To accomplish this refpolicy will provide: -

-
    -
  • Strong Modularity: central to the design of the policy is - strict modularity. Access to resources are abstracted, and - implementation details are encapsulated in the module. -
    • -
  • Security Goals: clearly stated security goals will for each - component of the policy. This will allow policy developers to - determine if a given component meets their security needs. -
    • -
  • Documentation: the difficulty and complexity of creating - SELinux policies has become the number one barrier to the - adoption of SELinux. It also potentially reduces the security - of the policies: a policy that is too complex to easily - understand is difficult to make secure. Refpolicy will make - aggressive improvements in this area by including documentation - for modules and their interfaces as a critical part of the - infrastructure. See the documentation - page for more information. -
    • -
  • Development Tool Support: In addition to documentation, - Refpolicy aims to make improvements in this area, making - policies easier to develop, understand, analyze, and verify by adding - interface call backtraces which can be used for debugging and - graphical development tools. -
    • -
  • Forward Looking: Refpolicy aims to support a variety of - policy configurations and formats, including standard source - policies, MLS policies, and loadable policy modules - all from the same source tree. This is done through the addition - of infrastructure for automatically handling the differences - between source and loadable module based policies and the - additional MLS fields to all policy statements that include - contexts. -
    • -
  • Configurability: configuration tools that allow the - policy developer to make important security decisions including - defining roles, configuring networking, and trading legacy - compatibility for increased security. -
    • -
  • Flexible Base Policy: a base policy that protects the basic - operating system and serves as a foundation to the rest of the - policy. This base policy should be able to support a variety of - application policies with differing security goals. -
    • -
  • Application Policy Variations: application policy variations - that make different security tradeoffs. For example, two Apache - policies might be created, one that is for serving read-only - static content that is severely restricted, and another that is - appropriate for dynamic content. -
    • -
  • Multi-Level Security: MLS will be supported out-of-the-box - without requiring destructive changes to the policy. It will be - possible to compile and MLS and non-MLS policy from the same - policy files by switching a configuration option. -
    • -
diff --git a/www/html/menu.html b/www/html/menu.html deleted file mode 100644 index f9005b3..0000000 --- a/www/html/menu.html +++ /dev/null @@ -1,10 +0,0 @@ - Reference Policy Home
- Status/Roadmap
- Contributing
- Documentation
- - Getting Started
- - Use Reference Policy
- - Interface Reference
- Download
- diff --git a/www/html/outer.html b/www/html/outer.html deleted file mode 100644 index d155d7a..0000000 --- a/www/html/outer.html +++ /dev/null @@ -1,15 +0,0 @@ - - -Security Enhanced Linux Reference Policy - - - - - -
- {$body} -
- - diff --git a/www/html/status.html b/www/html/status.html deleted file mode 100644 index 56e44fa..0000000 --- a/www/html/status.html +++ /dev/null @@ -1,196 +0,0 @@ -

Status

-Current Version: 20060307 -

- See download for download - information. Details of this release are part of the changelog. - This release focused on improving the consistency of interface names - in an effort to stabilize the Reference Policy interfaces. - Currently both strict and targeted policies can - be built. MLS policies can be built, but the policy is still undergoing - testing on running systems. -

-

 

-

Status and Tasks

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Reference Policy Status
Task/ComponentStatusDescription
Policy StructureCompleteThe policy is converted over to new Reference Policy structure
TE PolicyConversion OngoingConversion of old policy to Reference Policy modules is ongoing
Loadable Policy ModulesMajor improvementsInfrastructure is in place to support both source policy and - loadable policy modules. Makefile support completed.
Documentation InfrastructureInterfaces, templates, Booleans, and tunables completeTools to create webpages from the module interface and - template documentation is complete. Global Booleans and - tunables are supported. Booleans and tunables local to - policies are planned.
Policy DocumentationOngoingMost modules are documented.
Unused ModulesCompleteModules can be disabled by using modules.conf.
MLS InfrastructureMinor improvementsMLS infrastructure added to support easy conversion between - MLS and non-MLS policy. Policy is compilable, but - only lightly tested.
MCS SupportMinor improvementsMLS infrastructure has been extended to support MCS - categories in users and all contexts. MCS constraints - have been added. Policy has been tested in the - targeted-mcs policy configuration.
Network InfrastructureMinor improvementsAll network ports, nodes, and interfaces moved to - corenetwork module, interfaces generated automatically. - Plan to add more infrastructure for configuration of - ports, nodes, and interfaces.
User domains and rolesMinor improvementsSome infrastructure added to support per-user domain policy, - e.g., to create types and policy for ssh, - for each user. Plan to add infrastructure to easily - configure userdomains and roles.
LabelingMinor improvementsAll labeling moved to modules, consistent with Reference - Policy structure. Levels can be added to the labels - without changes to the policy.
TunablesMinor improvementsTunables are documented and included in the webpage policy - documentation.
UsersUnchangedAssignment of users to roles.
ConstraintsUnchangedPlan to split up into relevant modules when loadable modules - support this. There are ordering problems with source - policies.
FlaskUnchangedHeaders for the policy, describing object classes, and - their permissions. No planned changes.
-

 

- -

Policy Conversion

-

-This phase of reference policy development involves the conversion of policies -from the example policy. Please use the current NSA example policy -in -NSA SourceForge CVS. -For those who wish to contribute, here is a listing of modules which need to be -converted: -

- - - - - - - - - - - - - - - - -
Policy Module Status
Module NamePrevious Policy FilesAssigned To
gnomegnome.te gnome.fc gnome_macros.te gnome_vfs.te gnome_vfs.fc gnome_vfs_macros.te gnome-pty-helper.te gnome-pty-helper.fc gph_macros.te bonobo.te bonobo.fc bonobo_macros.te gconf.te gconf.fc gconf_macros.te orbit.te orbit.fc orbit_macros.teTresys
- -

Testing Status

-

-Reference policy is used as the basis of all of the Fedora Core 5 policies. -

diff --git a/www/html/switch.html b/www/html/switch.html deleted file mode 100644 index 9c907c4..0000000 --- a/www/html/switch.html +++ /dev/null @@ -1,137 +0,0 @@ -

Switching to Targeted Reference Policy

-

- The targeted policy is now available on Fedora Core 5 systems, as selinux-policy-targeted 2.*. - If you are using Rawhide, simply update your policy using yum. - This guide will walk you through switching to the targeted reference - policy on a Fedora system not using these repositories. -

-

- Download and unpack the policy -

-

- The policy is available - from Sourceforge. Download the policy, and unpack it to a temporary - directory. Then use the install-src make target to install the policy - sources. -

-
-
-# tar -jxvf refpolicy-20050922.tar.bz2 -C /tmp
-# cd /tmp/refpolicy
-# make install-src
-
-
-

- Configure the policy -

-

- The policy source is found in the - /etc/selinux/refpolicy/src/policy/ directory. -

-
-
-# cd /etc/selinux/refpolicy/src/policy
-
-
-

- Edit the policy Makefile (/etc/selinux/refpolicy/src/policy/Makefile). - Near the top of the file, the policy has a few build options. - The TYPE needs to be set to targeted, the DISTRO option needs to be - uncommented and set to redhat, and DIRECT_INITRC should be set to y. -

-
-
-########################################
-#
-# Configurable portions of the Makefile
-#
-
-# Policy version
-# By default, checkpolicy will create the highest
-# version policy it supports.  Setting this will
-# override the version.
-#OUTPUT_POLICY = 18
-
-# Policy Type
-# strict, targeted,
-# strict-mls, targeted-mls,
-# strict-mcs, targeted-mcs
-TYPE = targeted
-
-# Policy Name
-# If set, this will be used as the policy
-# name.  Otherwise the policy type will be
-# used for the name.
-NAME = refpolicy
-
-# Distribution
-# Some distributions have portions of policy
-# for programs or configurations specific to the
-# distribution.  Setting this will enable options
-# for the distribution.
-# redhat, gentoo, debian, and suse are current options.
-# Fedora users should enable redhat.
-DISTRO = redhat
-
-# Direct admin init
-# Setting this will allow sysadm to directly
-# run init scripts, instead of requring run_init.
-# This is a build option, as role transitions do
-# not work in conditional policy.
-DIRECT_INITRC=y
-
-# Build monolithic policy.  Putting n here
-# will build a loadable module policy.
-# Only monolithic policies are currently supported.
-MONOLITHIC=y
-
-# Uncomment this to disable command echoing
-QUIET:=n
-
-
-

- Install the policy -

-

- Next, install the policy, application configuration files, and - file contexts. -

-
-
-# make install
-
-
-

- Change SELinux Configuration -

-

- Modify the /etc/selinux/config file, and set SELINUXTYPE to refpolicy. - It should look similar to this: -

-
-
-# This file controls the state of SELinux on the system.
-# SELINUX= can take one of these three values:
-#       enforcing - SELinux security policy is enforced.
-#       permissive - SELinux prints warnings instead of enforcing.
-#       disabled - No SELinux policy is loaded.
-SELINUX=enforcing
-# SELINUXTYPE= can take one of these two values:
-#       targeted - Only targeted network daemons are protected.
-#       strict - Full SELinux protection.
-SELINUXTYPE=refpolicy
-
-
-

- Restart and Relabel -

-

- The system needs to be restarted with the new policy, and relabeled - on booting, to finalize the switch. -

-
-
-# touch /.autorelabel
-# shutdown -r now
-
-
diff --git a/www/index.php b/www/index.php deleted file mode 100644 index 0297ccb..0000000 --- a/www/index.php +++ /dev/null @@ -1,22 +0,0 @@ -left_delimiter = '\n"; - $_ret .= "\n"; - - return $_ret; - - - } elseif ($encode == 'hex') { - - preg_match('!^(.*)(\?.*)$!',$address,$match); - if(!empty($match[2])) { - $smarty->trigger_error("mailto: hex encoding does not work with extra attributes. Try javascript."); - return; - } - $address_encode = ''; - for ($x=0; $x < strlen($address); $x++) { - if(preg_match('!\w!',$address[$x])) { - $address_encode .= '%' . bin2hex($address[$x]); - } else { - $address_encode .= $address[$x]; - } - } - $text_encode = ''; - for ($x=0; $x < strlen($text); $x++) { - $text_encode .= '&#x' . bin2hex($text[$x]).';'; - } - - $mailto = "mailto:"; - return ''.$text_encode.''; - - } else { - // no encoding - return ''.$text.''; - - } - -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/function.math.php b/www/smarty/plugins/function.math.php deleted file mode 100644 index 0439107..0000000 --- a/www/smarty/plugins/function.math.php +++ /dev/null @@ -1,83 +0,0 @@ - - * Name: math
- * Purpose: handle math computations in template
- * @link http://smarty.php.net/manual/en/language.function.math.php {math} - * (Smarty online manual) - * @param array - * @param Smarty - * @return string - */ -function smarty_function_math($params, &$smarty) -{ - // be sure equation parameter is present - if (empty($params['equation'])) { - $smarty->trigger_error("math: missing equation parameter"); - return; - } - - $equation = $params['equation']; - - // make sure parenthesis are balanced - if (substr_count($equation,"(") != substr_count($equation,")")) { - $smarty->trigger_error("math: unbalanced parenthesis"); - return; - } - - // match all vars in equation, make sure all are passed - preg_match_all("!(?:0x[a-fA-F0-9]+)|([a-zA-Z][a-zA-Z0-9_]+)!",$equation, $match); - $allowed_funcs = array('int','abs','ceil','cos','exp','floor','log','log10', - 'max','min','pi','pow','rand','round','sin','sqrt','srand','tan'); - - foreach($match[1] as $curr_var) { - if ($curr_var && !in_array($curr_var, array_keys($params)) && !in_array($curr_var, $allowed_funcs)) { - $smarty->trigger_error("math: function call $curr_var not allowed"); - return; - } - } - - foreach($params as $key => $val) { - if ($key != "equation" && $key != "format" && $key != "assign") { - // make sure value is not empty - if (strlen($val)==0) { - $smarty->trigger_error("math: parameter $key is empty"); - return; - } - if (!is_numeric($val)) { - $smarty->trigger_error("math: parameter $key: is not numeric"); - return; - } - $equation = preg_replace("/\b$key\b/",$val, $equation); - } - } - - eval("\$smarty_math_result = ".$equation.";"); - - if (empty($params['format'])) { - if (empty($params['assign'])) { - return $smarty_math_result; - } else { - $smarty->assign($params['assign'],$smarty_math_result); - } - } else { - if (empty($params['assign'])){ - printf($params['format'],$smarty_math_result); - } else { - $smarty->assign($params['assign'],sprintf($params['format'],$smarty_math_result)); - } - } -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/function.popup.php b/www/smarty/plugins/function.popup.php deleted file mode 100644 index 2ba54de..0000000 --- a/www/smarty/plugins/function.popup.php +++ /dev/null @@ -1,117 +0,0 @@ - - * Name: popup
- * Purpose: make text pop up in windows via overlib - * @link http://smarty.php.net/manual/en/language.function.popup.php {popup} - * (Smarty online manual) - * @param array - * @param Smarty - * @return string - */ -function smarty_function_popup($params, &$smarty) -{ - $append = ''; - foreach ($params as $_key=>$_value) { - switch ($_key) { - case 'text': - case 'trigger': - case 'function': - case 'inarray': - $$_key = (string)$_value; - if ($_key == 'function' || $_key == 'inarray') - $append .= ',' . strtoupper($_key) . ",'$_value'"; - break; - - case 'caption': - case 'closetext': - case 'status': - $append .= ',' . strtoupper($_key) . ",'" . str_replace("'","\'",$_value) . "'"; - break; - - case 'fgcolor': - case 'bgcolor': - case 'textcolor': - case 'capcolor': - case 'closecolor': - case 'textfont': - case 'captionfont': - case 'closefont': - case 'fgbackground': - case 'bgbackground': - case 'caparray': - case 'capicon': - case 'background': - case 'frame': - $append .= ',' . strtoupper($_key) . ",'$_value'"; - break; - - case 'textsize': - case 'captionsize': - case 'closesize': - case 'width': - case 'height': - case 'border': - case 'offsetx': - case 'offsety': - case 'snapx': - case 'snapy': - case 'fixx': - case 'fixy': - case 'padx': - case 'pady': - case 'timeout': - case 'delay': - $append .= ',' . strtoupper($_key) . ",$_value"; - break; - - case 'sticky': - case 'left': - case 'right': - case 'center': - case 'above': - case 'below': - case 'noclose': - case 'autostatus': - case 'autostatuscap': - case 'fullhtml': - case 'hauto': - case 'vauto': - case 'mouseoff': - case 'followmouse': - if ($_value) $append .= ',' . strtoupper($_key); - break; - - default: - $smarty->trigger_error("[popup] unknown parameter $_key", E_USER_WARNING); - } - } - - if (empty($text) && !isset($inarray) && empty($function)) { - $smarty->trigger_error("overlib: attribute 'text' or 'inarray' or 'function' required"); - return false; - } - - if (empty($trigger)) { $trigger = "onmouseover"; } - - $retval = $trigger . '="return overlib(\''.preg_replace(array("!'!","![\r\n]!"),array("\'",'\r'),$text).'\''; - $retval .= $append . ');"'; - if ($trigger == 'onmouseover') - $retval .= ' onmouseout="nd();"'; - - - return $retval; -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/function.popup_init.php b/www/smarty/plugins/function.popup_init.php deleted file mode 100644 index f62c33c..0000000 --- a/www/smarty/plugins/function.popup_init.php +++ /dev/null @@ -1,39 +0,0 @@ - - * Name: popup_init
- * Purpose: initialize overlib - * @link http://smarty.php.net/manual/en/language.function.popup.init.php {popup_init} - * (Smarty online manual) - * @param array - * @param Smarty - * @return string - */ -function smarty_function_popup_init($params, &$smarty) -{ - $zindex = 1000; - - if (!empty($params['zindex'])) { - $zindex = $params['zindex']; - } - - if (!empty($params['src'])) { - return '' . "\n" - . '' . "\n"; - } else { - $smarty->trigger_error("popup_init: missing src parameter"); - } -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.capitalize.php b/www/smarty/plugins/modifier.capitalize.php deleted file mode 100644 index 2b9169c..0000000 --- a/www/smarty/plugins/modifier.capitalize.php +++ /dev/null @@ -1,42 +0,0 @@ - - * Name: capitalize
- * Purpose: capitalize words in the string - * @link http://smarty.php.net/manual/en/language.modifiers.php#LANGUAGE.MODIFIER.CAPITALIZE - * capitalize (Smarty online manual) - * @param string - * @return string - */ -function smarty_modifier_capitalize($string, $uc_digits = false) -{ - smarty_modifier_capitalize_ucfirst(null, $uc_digits); - return preg_replace_callback('!\b\w+\b!', 'smarty_modifier_capitalize_ucfirst', $string); -} - -function smarty_modifier_capitalize_ucfirst($string, $uc_digits = null) -{ - static $_uc_digits = false; - - if(isset($uc_digits)) { - $_uc_digits = $uc_digits; - return; - } - - if(!preg_match('!\d!',$string[0]) || $_uc_digits) - return ucfirst($string[0]); - else - return $string[0]; -} - - -?> diff --git a/www/smarty/plugins/modifier.cat.php b/www/smarty/plugins/modifier.cat.php deleted file mode 100644 index 2e37940..0000000 --- a/www/smarty/plugins/modifier.cat.php +++ /dev/null @@ -1,33 +0,0 @@ - - * Name: cat
- * Date: Feb 24, 2003 - * Purpose: catenate a value to a variable - * Input: string to catenate - * Example: {$var|cat:"foo"} - * @link http://smarty.php.net/manual/en/language.modifier.cat.php cat - * (Smarty online manual) - * @author Monte Ohrt - * @version 1.0 - * @param string - * @param string - * @return string - */ -function smarty_modifier_cat($string, $cat) -{ - return $string . $cat; -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.count_characters.php b/www/smarty/plugins/modifier.count_characters.php deleted file mode 100644 index 49ce655..0000000 --- a/www/smarty/plugins/modifier.count_characters.php +++ /dev/null @@ -1,31 +0,0 @@ - - * Name: count_characteres
- * Purpose: count the number of characters in a text - * @link http://smarty.php.net/manual/en/language.modifier.count.characters.php - * count_characters (Smarty online manual) - * @param string - * @param boolean include whitespace in the character count - * @return integer - */ -function smarty_modifier_count_characters($string, $include_spaces = false) -{ - if ($include_spaces) - return(strlen($string)); - - return preg_match_all("/[^\s]/",$string, $match); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.count_paragraphs.php b/www/smarty/plugins/modifier.count_paragraphs.php deleted file mode 100644 index 6a9833c..0000000 --- a/www/smarty/plugins/modifier.count_paragraphs.php +++ /dev/null @@ -1,28 +0,0 @@ - - * Name: count_paragraphs
- * Purpose: count the number of paragraphs in a text - * @link http://smarty.php.net/manual/en/language.modifier.count.paragraphs.php - * count_paragraphs (Smarty online manual) - * @param string - * @return integer - */ -function smarty_modifier_count_paragraphs($string) -{ - // count \r or \n characters - return count(preg_split('/[\r\n]+/', $string)); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.count_sentences.php b/www/smarty/plugins/modifier.count_sentences.php deleted file mode 100644 index 0c210f0..0000000 --- a/www/smarty/plugins/modifier.count_sentences.php +++ /dev/null @@ -1,28 +0,0 @@ - - * Name: count_sentences - * Purpose: count the number of sentences in a text - * @link http://smarty.php.net/manual/en/language.modifier.count.paragraphs.php - * count_sentences (Smarty online manual) - * @param string - * @return integer - */ -function smarty_modifier_count_sentences($string) -{ - // find periods with a word before but not after. - return preg_match_all('/[^\s]\.(?!\w)/', $string, $match); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.count_words.php b/www/smarty/plugins/modifier.count_words.php deleted file mode 100644 index 42c8a74..0000000 --- a/www/smarty/plugins/modifier.count_words.php +++ /dev/null @@ -1,32 +0,0 @@ - - * Name: count_words
- * Purpose: count the number of words in a text - * @link http://smarty.php.net/manual/en/language.modifier.count.words.php - * count_words (Smarty online manual) - * @param string - * @return integer - */ -function smarty_modifier_count_words($string) -{ - // split text by ' ',\r,\n,\f,\t - $split_array = preg_split('/\s+/',$string); - // count matches that contain alphanumerics - $word_count = preg_grep('/[a-zA-Z0-9\\x80-\\xff]/', $split_array); - - return count($word_count); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.date_format.php b/www/smarty/plugins/modifier.date_format.php deleted file mode 100644 index 2f36b3b..0000000 --- a/www/smarty/plugins/modifier.date_format.php +++ /dev/null @@ -1,48 +0,0 @@ -_get_plugin_filepath('shared','make_timestamp'); -/** - * Smarty date_format modifier plugin - * - * Type: modifier
- * Name: date_format
- * Purpose: format datestamps via strftime
- * Input:
- * - string: input date string - * - format: strftime format for output - * - default_date: default date if $string is empty - * @link http://smarty.php.net/manual/en/language.modifier.date.format.php - * date_format (Smarty online manual) - * @param string - * @param string - * @param string - * @return string|void - * @uses smarty_make_timestamp() - */ -function smarty_modifier_date_format($string, $format="%b %e, %Y", $default_date=null) -{ - if (substr(PHP_OS,0,3) == 'WIN') { - $_win_from = array ('%e', '%T', '%D'); - $_win_to = array ('%#d', '%H:%M:%S', '%m/%d/%y'); - $format = str_replace($_win_from, $_win_to, $format); - } - if($string != '') { - return strftime($format, smarty_make_timestamp($string)); - } elseif (isset($default_date) && $default_date != '') { - return strftime($format, smarty_make_timestamp($default_date)); - } else { - return; - } -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.debug_print_var.php b/www/smarty/plugins/modifier.debug_print_var.php deleted file mode 100644 index b9bb184..0000000 --- a/www/smarty/plugins/modifier.debug_print_var.php +++ /dev/null @@ -1,56 +0,0 @@ - - * Name: debug_print_var
- * Purpose: formats variable contents for display in the console - * @link http://smarty.php.net/manual/en/language.modifier.debug.print.var.php - * debug_print_var (Smarty online manual) - * @param array|object - * @param integer - * @param integer - * @return string - */ -function smarty_modifier_debug_print_var($var, $depth = 0, $length = 40) -{ - $_replace = array("\n"=>'\n', "\r"=>'\r', "\t"=>'\t'); - if (is_array($var)) { - $results = "Array (".count($var).")"; - foreach ($var as $curr_key => $curr_val) { - $return = smarty_modifier_debug_print_var($curr_val, $depth+1, $length); - $results .= "
".str_repeat(' ', $depth*2)."".strtr($curr_key, $_replace)." => $return"; - } - } else if (is_object($var)) { - $object_vars = get_object_vars($var); - $results = "".get_class($var)." Object (".count($object_vars).")"; - foreach ($object_vars as $curr_key => $curr_val) { - $return = smarty_modifier_debug_print_var($curr_val, $depth+1, $length); - $results .= "
".str_repeat(' ', $depth*2)."$curr_key => $return"; - } - } else if (is_resource($var)) { - $results = ''.(string)$var.''; - } else if (empty($var) && $var != "0") { - $results = 'empty'; - } else { - if (strlen($var) > $length ) { - $results = substr($var, 0, $length-3).'...'; - } else { - $results = $var; - } - $results = htmlspecialchars($results); - $results = strtr($results, $_replace); - } - return $results; -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.default.php b/www/smarty/plugins/modifier.default.php deleted file mode 100644 index 8268e39..0000000 --- a/www/smarty/plugins/modifier.default.php +++ /dev/null @@ -1,31 +0,0 @@ - - * Name: default
- * Purpose: designate default value for empty variables - * @link http://smarty.php.net/manual/en/language.modifier.default.php - * default (Smarty online manual) - * @param string - * @param string - * @return string - */ -function smarty_modifier_default($string, $default = '') -{ - if (!isset($string) || $string === '') - return $default; - else - return $string; -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.escape.php b/www/smarty/plugins/modifier.escape.php deleted file mode 100644 index a32a876..0000000 --- a/www/smarty/plugins/modifier.escape.php +++ /dev/null @@ -1,89 +0,0 @@ - - * Name: escape
- * Purpose: Escape the string according to escapement type - * @link http://smarty.php.net/manual/en/language.modifier.escape.php - * escape (Smarty online manual) - * @param string - * @param html|htmlall|url|quotes|hex|hexentity|javascript - * @return string - */ -function smarty_modifier_escape($string, $esc_type = 'html') -{ - switch ($esc_type) { - case 'html': - return htmlspecialchars($string, ENT_QUOTES); - - case 'htmlall': - return htmlentities($string, ENT_QUOTES); - - case 'url': - return rawurlencode($string); - - case 'quotes': - // escape unescaped single quotes - return preg_replace("%(?'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n',''<\/')); - - case 'mail': - // safe way to display e-mail address on a web page - return str_replace(array('@', '.'),array(' [AT] ', ' [DOT] '), $string); - - case 'nonstd': - // escape non-standard chars, such as ms document quotes - $_res = ''; - for($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) { - $_ord = ord($string{$_i}); - // non-standard char, escape it - if($_ord >= 126){ - $_res .= '&#' . $_ord . ';'; - } - else { - $_res .= $string{$_i}; - } - } - return $_res; - - default: - return $string; - } -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.indent.php b/www/smarty/plugins/modifier.indent.php deleted file mode 100644 index 1642bac..0000000 --- a/www/smarty/plugins/modifier.indent.php +++ /dev/null @@ -1,27 +0,0 @@ - - * Name: indent
- * Purpose: indent lines of text - * @link http://smarty.php.net/manual/en/language.modifier.indent.php - * indent (Smarty online manual) - * @param string - * @param integer - * @param string - * @return string - */ -function smarty_modifier_indent($string,$chars=4,$char=" ") -{ - return preg_replace('!^!m',str_repeat($char,$chars),$string); -} - -?> diff --git a/www/smarty/plugins/modifier.lower.php b/www/smarty/plugins/modifier.lower.php deleted file mode 100644 index 0b4d151..0000000 --- a/www/smarty/plugins/modifier.lower.php +++ /dev/null @@ -1,25 +0,0 @@ - - * Name: lower
- * Purpose: convert string to lowercase - * @link http://smarty.php.net/manual/en/language.modifier.lower.php - * lower (Smarty online manual) - * @param string - * @return string - */ -function smarty_modifier_lower($string) -{ - return strtolower($string); -} - -?> diff --git a/www/smarty/plugins/modifier.nl2br.php b/www/smarty/plugins/modifier.nl2br.php deleted file mode 100644 index d6fabff..0000000 --- a/www/smarty/plugins/modifier.nl2br.php +++ /dev/null @@ -1,35 +0,0 @@ - - * Name: nl2br
- * Date: Feb 26, 2003 - * Purpose: convert \r\n, \r or \n to <
> - * Input:
- * - contents = contents to replace - * - preceed_test = if true, includes preceeding break tags - * in replacement - * Example: {$text|nl2br} - * @link http://smarty.php.net/manual/en/language.modifier.nl2br.php - * nl2br (Smarty online manual) - * @version 1.0 - * @author Monte Ohrt - * @param string - * @return string - */ -function smarty_modifier_nl2br($string) -{ - return nl2br($string); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.regex_replace.php b/www/smarty/plugins/modifier.regex_replace.php deleted file mode 100644 index 7eee497..0000000 --- a/www/smarty/plugins/modifier.regex_replace.php +++ /dev/null @@ -1,33 +0,0 @@ - - * Name: regex_replace
- * Purpose: regular epxression search/replace - * @link http://smarty.php.net/manual/en/language.modifier.regex.replace.php - * regex_replace (Smarty online manual) - * @param string - * @param string|array - * @param string|array - * @return string - */ -function smarty_modifier_regex_replace($string, $search, $replace) -{ - if (preg_match('!\W(\w+)$!s', $search, $match) && (strpos($match[1], 'e') !== false)) { - /* remove eval-modifier from $search */ - $search = substr($search, 0, -strlen($match[1])) . str_replace('e', '', $match[1]); - } - return preg_replace($search, $replace, $string); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.replace.php b/www/smarty/plugins/modifier.replace.php deleted file mode 100644 index 2a43515..0000000 --- a/www/smarty/plugins/modifier.replace.php +++ /dev/null @@ -1,29 +0,0 @@ - - * Name: replace
- * Purpose: simple search/replace - * @link http://smarty.php.net/manual/en/language.modifier.replace.php - * replace (Smarty online manual) - * @param string - * @param string - * @param string - * @return string - */ -function smarty_modifier_replace($string, $search, $replace) -{ - return str_replace($search, $replace, $string); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.spacify.php b/www/smarty/plugins/modifier.spacify.php deleted file mode 100644 index dad057f..0000000 --- a/www/smarty/plugins/modifier.spacify.php +++ /dev/null @@ -1,29 +0,0 @@ - - * Name: spacify
- * Purpose: add spaces between characters in a string - * @link http://smarty.php.net/manual/en/language.modifier.spacify.php - * spacify (Smarty online manual) - * @param string - * @param string - * @return string - */ -function smarty_modifier_spacify($string, $spacify_char = ' ') -{ - return implode($spacify_char, - preg_split('//', $string, -1, PREG_SPLIT_NO_EMPTY)); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.string_format.php b/www/smarty/plugins/modifier.string_format.php deleted file mode 100644 index efd6215..0000000 --- a/www/smarty/plugins/modifier.string_format.php +++ /dev/null @@ -1,28 +0,0 @@ - - * Name: string_format
- * Purpose: format strings via sprintf - * @link http://smarty.php.net/manual/en/language.modifier.string.format.php - * string_format (Smarty online manual) - * @param string - * @param string - * @return string - */ -function smarty_modifier_string_format($string, $format) -{ - return sprintf($format, $string); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.strip.php b/www/smarty/plugins/modifier.strip.php deleted file mode 100644 index cc5c453..0000000 --- a/www/smarty/plugins/modifier.strip.php +++ /dev/null @@ -1,33 +0,0 @@ - - * Name: strip
- * Purpose: Replace all repeated spaces, newlines, tabs - * with a single space or supplied replacement string.
- * Example: {$var|strip} {$var|strip:" "} - * Date: September 25th, 2002 - * @link http://smarty.php.net/manual/en/language.modifier.strip.php - * strip (Smarty online manual) - * @author Monte Ohrt - * @version 1.0 - * @param string - * @param string - * @return string - */ -function smarty_modifier_strip($text, $replace = ' ') -{ - return preg_replace('!\s+!', $replace, $text); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.strip_tags.php b/www/smarty/plugins/modifier.strip_tags.php deleted file mode 100644 index 45f1ec1..0000000 --- a/www/smarty/plugins/modifier.strip_tags.php +++ /dev/null @@ -1,31 +0,0 @@ - - * Name: strip_tags
- * Purpose: strip html tags from text - * @link http://smarty.php.net/manual/en/language.modifier.strip.tags.php - * strip_tags (Smarty online manual) - * @param string - * @param boolean - * @return string - */ -function smarty_modifier_strip_tags($string, $replace_with_space = true) -{ - if ($replace_with_space) - return preg_replace('!<[^>]*?>!', ' ', $string); - else - return strip_tags($string); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.truncate.php b/www/smarty/plugins/modifier.truncate.php deleted file mode 100644 index 15a26ba..0000000 --- a/www/smarty/plugins/modifier.truncate.php +++ /dev/null @@ -1,43 +0,0 @@ - - * Name: truncate
- * Purpose: Truncate a string to a certain length if necessary, - * optionally splitting in the middle of a word, and - * appending the $etc string. - * @link http://smarty.php.net/manual/en/language.modifier.truncate.php - * truncate (Smarty online manual) - * @param string - * @param integer - * @param string - * @param boolean - * @return string - */ -function smarty_modifier_truncate($string, $length = 80, $etc = '...', - $break_words = false) -{ - if ($length == 0) - return ''; - - if (strlen($string) > $length) { - $length -= strlen($etc); - if (!$break_words) - $string = preg_replace('/\s+?(\S+)?$/', '', substr($string, 0, $length+1)); - - return substr($string, 0, $length).$etc; - } else - return $string; -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/modifier.upper.php b/www/smarty/plugins/modifier.upper.php deleted file mode 100644 index 69960ae..0000000 --- a/www/smarty/plugins/modifier.upper.php +++ /dev/null @@ -1,25 +0,0 @@ - - * Name: upper
- * Purpose: convert string to uppercase - * @link http://smarty.php.net/manual/en/language.modifier.upper.php - * upper (Smarty online manual) - * @param string - * @return string - */ -function smarty_modifier_upper($string) -{ - return strtoupper($string); -} - -?> diff --git a/www/smarty/plugins/modifier.wordwrap.php b/www/smarty/plugins/modifier.wordwrap.php deleted file mode 100644 index b9a9fe9..0000000 --- a/www/smarty/plugins/modifier.wordwrap.php +++ /dev/null @@ -1,28 +0,0 @@ - - * Name: wordwrap
- * Purpose: wrap a string of text at a given length - * @link http://smarty.php.net/manual/en/language.modifier.wordwrap.php - * wordwrap (Smarty online manual) - * @param string - * @param integer - * @param string - * @param boolean - * @return string - */ -function smarty_modifier_wordwrap($string,$length=80,$break="\n",$cut=false) -{ - return wordwrap($string,$length,$break,$cut); -} - -?> diff --git a/www/smarty/plugins/outputfilter.trimwhitespace.php b/www/smarty/plugins/outputfilter.trimwhitespace.php deleted file mode 100644 index 01e35e0..0000000 --- a/www/smarty/plugins/outputfilter.trimwhitespace.php +++ /dev/null @@ -1,75 +0,0 @@ - - * Type: outputfilter
- * Name: trimwhitespace
- * Date: Jan 25, 2003
- * Purpose: trim leading white space and blank lines from - * template source after it gets interpreted, cleaning - * up code and saving bandwidth. Does not affect - * <
>
and blocks.
- * Install: Drop into the plugin directory, call - * $smarty->load_filter('output','trimwhitespace'); - * from application. - * @author Monte Ohrt - * @author Contributions from Lars Noschinski - * @version 1.3 - * @param string - * @param Smarty - */ -function smarty_outputfilter_trimwhitespace($source, &$smarty) -{ - // Pull out the script blocks - preg_match_all("!]+>.*?!is", $source, $match); - $_script_blocks = $match[0]; - $source = preg_replace("!]+>.*?!is", - '@@@SMARTY:TRIM:SCRIPT@@@', $source); - - // Pull out the pre blocks - preg_match_all("!
.*?
!is", $source, $match); - $_pre_blocks = $match[0]; - $source = preg_replace("!
.*?
!is", - '@@@SMARTY:TRIM:PRE@@@', $source); - - // Pull out the textarea blocks - preg_match_all("!]+>.*?!is", $source, $match); - $_textarea_blocks = $match[0]; - $source = preg_replace("!]+>.*?!is", - '@@@SMARTY:TRIM:TEXTAREA@@@', $source); - - // remove all leading spaces, tabs and carriage returns NOT - // preceeded by a php close tag. - $source = trim(preg_replace('/((?)\n)[\s]+/m', '\1', $source)); - - // replace script blocks - smarty_outputfilter_trimwhitespace_replace("@@@SMARTY:TRIM:SCRIPT@@@",$_script_blocks, $source); - - // replace pre blocks - smarty_outputfilter_trimwhitespace_replace("@@@SMARTY:TRIM:PRE@@@",$_pre_blocks, $source); - - // replace textarea blocks - smarty_outputfilter_trimwhitespace_replace("@@@SMARTY:TRIM:TEXTAREA@@@",$_textarea_blocks, $source); - - return $source; -} - -function smarty_outputfilter_trimwhitespace_replace($search_str, $replace, &$subject) { - $_len = strlen($search_str); - $_pos = 0; - for ($_i=0, $_count=count($replace); $_i<$_count; $_i++) - if (($_pos=strpos($subject, $search_str, $_pos))!==false) - $subject = substr_replace($subject, $replace[$_i], $_pos, $_len); - else - break; - -} - -?> diff --git a/www/smarty/plugins/shared.escape_special_chars.php b/www/smarty/plugins/shared.escape_special_chars.php deleted file mode 100644 index 515763a..0000000 --- a/www/smarty/plugins/shared.escape_special_chars.php +++ /dev/null @@ -1,30 +0,0 @@ - - * Purpose: used by other smarty functions to escape - * special chars except for already escaped ones - * @param string - * @return string - */ -function smarty_function_escape_special_chars($string) -{ - if(!is_array($string)) { - $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); - $string = htmlspecialchars($string); - $string = str_replace(array('%%%SMARTY_START%%%','%%%SMARTY_END%%%'), array('&',';'), $string); - } - return $string; -} - -/* vim: set expandtab: */ - -?> diff --git a/www/smarty/plugins/shared.make_timestamp.php b/www/smarty/plugins/shared.make_timestamp.php deleted file mode 100644 index acdd777..0000000 --- a/www/smarty/plugins/shared.make_timestamp.php +++ /dev/null @@ -1,43 +0,0 @@ - - * Purpose: used by other smarty functions to make a timestamp - * from a string. - * @param string - * @return string - */ -function smarty_make_timestamp($string) -{ - if(empty($string)) { - $string = "now"; - } - $time = strtotime($string); - if (is_numeric($time) && $time != -1) - return $time; - - // is mysql timestamp format of YYYYMMDDHHMMSS? - if (preg_match('/^\d{14}$/', $string)) { - $time = mktime(substr($string,8,2),substr($string,10,2),substr($string,12,2), - substr($string,4,2),substr($string,6,2),substr($string,0,4)); - - return $time; - } - - // couldn't recognize it, try to return a time - $time = (int) $string; - if ($time > 0) - return $time; - else - return time(); -} - -/* vim: set expandtab: */ - -?> diff --git a/www/style.css b/www/style.css deleted file mode 100644 index 0bec87e..0000000 --- a/www/style.css +++ /dev/null @@ -1,147 +0,0 @@ -body { - margin:0px; - padding:0px; - font-family:verdana, arial, helvetica, sans-serif; - color:#333; - background-color:white; - } -h1 { - margin:0px 0px 15px 0px; - padding:0px; - font-size:28px; - line-height:28px; - font-weight:900; - color:#aaa; - } -h2 { - font-size:100%; - } -h3 { - font-size:75%; - } -h4 { - font-size:67%; - } -li { - font:11px/20px verdana, arial, helvetica, sans-serif; - margin:0px 0px 0px 0px; - padding:0px; - list-style-type:circle; -} -p { - /* normal */ - font:11px/20px verdana, arial, helvetica, sans-serif; - margin:0px 0px 16px 0px; - padding:0px; - } - -tt { - /* inline code */ - font-family: monospace; - } - -table { - background-color: white; - color: black; - text-align: left; - font:11px/20px verdana, arial, helvetica, sans-serif; - margin-left: 10%; - margin-right: 10%; -} - -th { - background-color: #ccccff; - text-align: center; -} - -td.header { - font-weight: bold; -} - -#Content>p {margin:0px;} -#Content>p+p {text-indent:30px;} -a { - color:#09c; - font-size:11px; - text-decoration:none; - font-weight:600; - font-family:verdana, arial, helvetica, sans-serif; - } -a:link {color:#09c;} -a:visited {color:#07a;} -a:hover {background-color:#eee;} - -#Codeblock { - margin:5px 50px 5px 50px; - padding:5px 0px 5px 15px; - border-style:solid; - border-color:black; - border-width:1px 1px 1px 1px; - background-color:#f8f8f8; - font-size:11px; - font-weight:600; - text-decoration:none; - font-family:courier; -} -pre { - font-size:11px; - font-weight:600; - text-decoration:none; - font-family:courier; -} -pre.codeblock { - /* code block (bordered, slight gray background) */ - border-style:solid; - border-color:black; - border-width:1px 1px 1px 1px; - background-color:#f8f8f8; - margin-left: 10%; - margin-right: 10%; -} -dl { - /* definition text block */ - font:11px/20px verdana, arial, helvetica, sans-serif; - margin:0px 0px 16px 0px; - padding:0px; - } -dt { - /* definition term */ - font-weight: bold; - } - -#Header { - margin:50px 0px 10px 0px; - padding:17px 0px 0px 20px; - /* For IE5/Win's benefit height = [correct height] + [top padding] + [top and bottom border widths] */ - height:33px; /* 14px + 17px + 2px = 33px */ - border-style:solid; - border-color:black; - border-width:1px 0px; /* top and bottom borders: 1px; left and right borders: 0px */ - line-height:11px; - font-size:110%; - background-color:#eee; - voice-family: "\"}\""; - voice-family:inherit; - height:14px; /* the correct height */ - } -body>#Header {height:14px;} -#Content { - margin:0px 50px 50px 200px; - padding:10px; - } - -#Menu { - position:absolute; - top:100px; - left:20px; - width:162px; - padding:10px; - background-color:#eee; - border:1px dashed #999; - line-height:17px; - text-align:left; - voice-family: "\"}\""; - voice-family:inherit; - width:160px; - } -body>#Menu {width:160px;}