diff --git a/www/api-docs/admin.html b/www/api-docs/admin.html index 86b55dd..7d12965 100644 --- a/www/api-docs/admin.html +++ b/www/api-docs/admin.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -112,6 +121,11 @@

Berkeley process accounting

+ + anaconda +

Policy for the Anaconda installer.

+ + consoletype

@@ -124,6 +138,11 @@ Determine of the console connected to the controlling terminal.

Policy for dmesg.

+ + dmidecode +

Decode DMI data for x86/ia64 bioses.

+ + firstboot

@@ -132,6 +151,11 @@ after installation of Red Hat/Fedora systems.

+ + kudzu +

Hardware detection and configuration tools

+ + logrotate

Rotate and archive system logs

diff --git a/www/api-docs/admin_acct.html b/www/api-docs/admin_acct.html index 0ebc8c1..30672e1 100644 --- a/www/api-docs/admin_acct.html +++ b/www/api-docs/admin_acct.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_anaconda.html b/www/api-docs/admin_anaconda.html new file mode 100644 index 0000000..55b58ae --- /dev/null +++ b/www/api-docs/admin_anaconda.html @@ -0,0 +1,123 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: admin

+

Module: anaconda

+ +

Description:

+ +

Policy for the Anaconda installer.

+ + + + + +

No interfaces or templates.

+ + +
+ + diff --git a/www/api-docs/admin_consoletype.html b/www/api-docs/admin_consoletype.html index 796337a..dbf7c29 100644 --- a/www/api-docs/admin_consoletype.html +++ b/www/api-docs/admin_consoletype.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_dmesg.html b/www/api-docs/admin_dmesg.html index da7f797..0da5752 100644 --- a/www/api-docs/admin_dmesg.html +++ b/www/api-docs/admin_dmesg.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_dmidecode.html b/www/api-docs/admin_dmidecode.html new file mode 100644 index 0000000..b2cfacd --- /dev/null +++ b/www/api-docs/admin_dmidecode.html @@ -0,0 +1,248 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: admin

+

Module: dmidecode

+ +

Description:

+ +

Decode DMI data for x86/ia64 bioses.

+ + + + +

Interfaces:

+ + +
+ + +
+ +dmidecode_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute dmidecode in the dmidecode domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +dmidecode_run( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Execute dmidecode in the dmidecode domain, and +allow the specified role the dmidecode domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+role + + +The role to be allowed the dmidecode domain. + + +No +
+terminal + + +The type of the terminal allow the dmidecode domain to use. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/admin_firstboot.html b/www/api-docs/admin_firstboot.html index c84666a..93e2019 100644 --- a/www/api-docs/admin_firstboot.html +++ b/www/api-docs/admin_firstboot.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_kudzu.html b/www/api-docs/admin_kudzu.html new file mode 100644 index 0000000..70fa937 --- /dev/null +++ b/www/api-docs/admin_kudzu.html @@ -0,0 +1,248 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: admin

+

Module: kudzu

+ +

Description:

+ +

Hardware detection and configuration tools

+ + + + +

Interfaces:

+ + +
+ + +
+ +kudzu_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute kudzu in the kudzu domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +kudzu_run( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Execute kudzu in the kudzu domain, and +allow the specified role the kudzu domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+role + + +The role to be allowed the kudzu domain. + + +No +
+terminal + + +The type of the terminal allow the kudzu domain to use. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/admin_logrotate.html b/www/api-docs/admin_logrotate.html index ff9327b..d22f285 100644 --- a/www/api-docs/admin_logrotate.html +++ b/www/api-docs/admin_logrotate.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -354,6 +363,48 @@ No + +
+ + +
+ +logrotate_use_fd( + + + + + domain + + + )
+
+
+ +
Summary
+

+Inherit and use logrotate file descriptors. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ Return diff --git a/www/api-docs/admin_netutils.html b/www/api-docs/admin_netutils.html index f51f45c..21a44f4 100644 --- a/www/api-docs/admin_netutils.html +++ b/www/api-docs/admin_netutils.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -517,6 +526,85 @@ No + +
+ + +
+ +netutils_run_ping_cond( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Conditionally execute ping in the ping domain, and +allow the specified role the ping domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+role + + +The role to be allowed the ping domain. + + +No +
+terminal + + +The type of the terminal allow the ping domain to use. + + +No +
+
+
+
@@ -596,6 +684,85 @@ No
+ +
+ + +
+ +netutils_run_traceroute_cond( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Conditionally execute traceroute in the traceroute domain, and +allow the specified role the traceroute domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+role + + +The role to be allowed the traceroute domain. + + +No +
+terminal + + +The type of the terminal allow the traceroute domain to use. + + +No +
+
+
+ Return diff --git a/www/api-docs/admin_quota.html b/www/api-docs/admin_quota.html index 0cf7629..863c9f7 100644 --- a/www/api-docs/admin_quota.html +++ b/www/api-docs/admin_quota.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_rpm.html b/www/api-docs/admin_rpm.html index 7e70e15..928b257 100644 --- a/www/api-docs/admin_rpm.html +++ b/www/api-docs/admin_rpm.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_su.html b/www/api-docs/admin_su.html index 1f63acf..d645e0f 100644 --- a/www/api-docs/admin_su.html +++ b/www/api-docs/admin_su.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -98,12 +107,63 @@

Layer: admin

Module: su

+Interfaces +Templates +

Description:

Run shells with substitute user and group

+ +

Interfaces:

+ + +
+ + +
+ +su_exec( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute su in the caller domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return +

Templates:

diff --git a/www/api-docs/admin_sudo.html b/www/api-docs/admin_sudo.html index 4d635b8..77d87d9 100644 --- a/www/api-docs/admin_sudo.html +++ b/www/api-docs/admin_sudo.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_tmpreaper.html b/www/api-docs/admin_tmpreaper.html index dba0046..dc8753e 100644 --- a/www/api-docs/admin_tmpreaper.html +++ b/www/api-docs/admin_tmpreaper.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_updfstab.html b/www/api-docs/admin_updfstab.html index 94f349d..249da55 100644 --- a/www/api-docs/admin_updfstab.html +++ b/www/api-docs/admin_updfstab.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/admin_usermanage.html b/www/api-docs/admin_usermanage.html index 1f4c0c7..89fa6df 100644 --- a/www/api-docs/admin_usermanage.html +++ b/www/api-docs/admin_usermanage.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -107,6 +116,49 @@

Interfaces:

+ +
+ + +
+ +usermanage_domtrans_admin_passwd( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute password admin functions in +the admin passwd domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/admin_vpn.html b/www/api-docs/admin_vpn.html index f1cf90a..5276de7 100644 --- a/www/api-docs/admin_vpn.html +++ b/www/api-docs/admin_vpn.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
diff --git a/www/api-docs/apps.html b/www/api-docs/apps.html index df5f733..b9616d6 100644 --- a/www/api-docs/apps.html +++ b/www/api-docs/apps.html @@ -25,6 +25,9 @@    -  loadkeys
+    -  + webalizer
+
+  @@ -81,6 +84,11 @@ loadkeys

Load keyboard mappings.

+ + + webalizer +

Web server log analysis

+ diff --git a/www/api-docs/apps_gpg.html b/www/api-docs/apps_gpg.html index 4fc6416..a60e44b 100644 --- a/www/api-docs/apps_gpg.html +++ b/www/api-docs/apps_gpg.html @@ -25,6 +25,9 @@    -  loadkeys
+    -  + webalizer
+ +  diff --git a/www/api-docs/apps_loadkeys.html b/www/api-docs/apps_loadkeys.html index fde47c4..44b768c 100644 --- a/www/api-docs/apps_loadkeys.html +++ b/www/api-docs/apps_loadkeys.html @@ -25,6 +25,9 @@    -  loadkeys
+    -  + webalizer
+ +  diff --git a/www/api-docs/apps_webalizer.html b/www/api-docs/apps_webalizer.html new file mode 100644 index 0000000..c97a25b --- /dev/null +++ b/www/api-docs/apps_webalizer.html @@ -0,0 +1,206 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: apps

+

Module: webalizer

+ +

Description:

+ +

Web server log analysis

+ + + + +

Interfaces:

+ + +
+ + +
+ +webalizer_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute webalizer in the webalizer domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +webalizer_run( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Execute webalizer in the webalizer domain, and +allow the specified role the webalizer domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+role + + +The role to be allowed the webalizer domain. + + +No +
+terminal + + +The type of the terminal allow the webalizer domain to use. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/global_booleans.html b/www/api-docs/global_booleans.html index 42974ac..3ae081e 100644 --- a/www/api-docs/global_booleans.html +++ b/www/api-docs/global_booleans.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -67,6 +76,9 @@    -  loadkeys
+    -  + webalizer
+ +  @@ -88,6 +100,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -103,9 +118,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -127,6 +154,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -151,6 +184,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -172,9 +208,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -190,6 +232,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -330,10 +375,7 @@
Description

-Enabling secure mode disallows programs, such as -newrole, from transitioning to administrative -user domains. -

+Enabling secure mode disallows programs, such asnewrole, from transitioning to administrativeuser domains.

diff --git a/www/api-docs/global_tunables.html b/www/api-docs/global_tunables.html index ba986ce..64e2fc3 100644 --- a/www/api-docs/global_tunables.html +++ b/www/api-docs/global_tunables.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -67,6 +76,9 @@    -  loadkeys
+    -  + webalizer
+ +  @@ -88,6 +100,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -103,9 +118,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -127,6 +154,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -151,6 +184,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -172,9 +208,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -190,6 +232,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -330,9 +375,7 @@
Description

-Allow making anonymous memory executable, e.g. -for runtime-code generation or executable stack. -

+Allow making anonymous memory executable, e.g.for runtime-code generation or executable stack.

@@ -344,9 +387,7 @@ for runtime-code generation or executable stack.
Description

-Allow making a modified private file -mapping executable (text relocation). -

+Allow making a modified private filemapping executable (text relocation).

@@ -358,9 +399,19 @@ mapping executable (text relocation).
Description

-Allow making the stack executable via mprotect. -Also requires allow_execmem. -

+Allow making the stack executable via mprotect.Also requires allow_execmem.

+ + + +
+
allow_ftpd_anon_write
+
+
Default value
+

false

+ +
Description
+

+Allow ftp servers to modify public filesused for public file transfer services.

@@ -372,8 +423,19 @@ Also requires allow_execmem.
Description

-Allow gpg executable stack -

+Allow gpg executable stack

+ + + +
+
allow_httpd_anon_write
+
+
Default value
+

false

+ +
Description
+

+Allow Apache to modify public filesused for public file transfer services.

@@ -385,8 +447,31 @@ Allow gpg executable stack
Description

-Allow system to run with kerberos -

+Allow system to run with kerberos

+ + + +
+
allow_ptrace
+
+
Default value
+

false

+ +
Description
+

+Allow sysadm to ptrace all processes

+ +
+ +
+
allow_saslauthd_read_shadow
+
+
Default value
+

false

+ +
Description
+

+Allow sasl to read shadow

@@ -398,8 +483,7 @@ Allow system to run with kerberos
Description

-allow host key based authentication -

+allow host key based authentication

@@ -411,8 +495,7 @@ allow host key based authentication
Description

-Allow users to connect to mysql -

+Allow users to connect to mysql

@@ -424,8 +507,7 @@ Allow users to connect to mysql
Description

-Allow system to run with NIS -

+Allow system to run with NIS

@@ -437,9 +519,7 @@ Allow system to run with NIS
Description

-Allow system cron jobs to relabel filesystem -for restoring file contexts. -

+Allow system cron jobs to relabel filesystemfor restoring file contexts.

@@ -451,9 +531,115 @@ for restoring file contexts.
Description

-Enable extra rules in the cron domain -to support fcron. -

+Enable extra rules in the cron domainto support fcron.

+ + + +
+
ftp_home_dir
+
+
Default value
+

false

+ +
Description
+

+Allow ftp to read and write files in the user home directories

+ +
+ +
+
ftpd_is_daemon
+
+
Default value
+

false

+ +
Description
+

+Allow ftpd to run directly without inetd

+ +
+ +
+
httpd_builtin_scripting
+
+
Default value
+

false

+ +
Description
+

+Allow httpd to use built in scripting (usually php)

+ +
+ +
+
httpd_can_network_connect
+
+
Default value
+

false

+ +
Description
+

+Allow http daemon to tcp connect

+ +
+ +
+
httpd_enable_cgi
+
+
Default value
+

false

+ +
Description
+

+Allow httpd cgi support

+ +
+ +
+
httpd_enable_homedirs
+
+
Default value
+

false

+ +
Description
+

+Allow httpd to read home directories

+ +
+ +
+
httpd_ssi_exec
+
+
Default value
+

false

+ +
Description
+

+Run SSI execs in system CGI script domain.

+ +
+ +
+
httpd_tty_comm
+
+
Default value
+

false

+ +
Description
+

+Allow http daemon to communicate with the TTY

+ +
+ +
+
httpd_unified
+
+
Default value
+

false

+ +
Description
+

+Run CGI in the main httpd domain

@@ -465,9 +651,31 @@ to support fcron.
Description

-Allow BIND to write the master zone files. -Generally this is used for dynamic DNS. -

+Allow BIND to write the master zone files.Generally this is used for dynamic DNS.

+ + + +
+
pppd_can_insmod
+
+
Default value
+

false

+ +
Description
+

+Allow pppd to load kernel modules for certain modems

+ +
+ +
+
pppd_for_user
+
+
Default value
+

false

+ +
Description
+

+Allow pppd to be run for a regular user

@@ -479,8 +687,7 @@ Generally this is used for dynamic DNS.
Description

-Allow reading of default_t files. -

+Allow reading of default_t files.

@@ -492,10 +699,7 @@ Allow reading of default_t files.
Description

-Allow applications to read untrusted content -If this is disallowed, Internet content has -to be manually relabeled for read access to be granted -

+Allow applications to read untrusted contentIf this is disallowed, Internet content hasto be manually relabeled for read access to be granted

@@ -507,8 +711,7 @@ to be manually relabeled for read access to be granted
Description

-Allow ssh to run from inetd instead of as a daemon. -

+Allow ssh to run from inetd instead of as a daemon.

@@ -520,9 +723,7 @@ Allow ssh to run from inetd instead of as a daemon.
Description

-Allow squid to connect to all ports, not just -HTTP, FTP, and Gopher ports. -

+Allow squid to connect to all ports, not justHTTP, FTP, and Gopher ports.

@@ -534,8 +735,7 @@ HTTP, FTP, and Gopher ports.
Description

-Allow ssh logins as sysadm_r:sysadm_t -

+Allow ssh logins as sysadm_r:sysadm_t

@@ -547,9 +747,7 @@ Allow ssh logins as sysadm_r:sysadm_t
Description

-Allow staff_r users to search the sysadm home -dir and read files (such as ~/.bashrc) -

+Allow staff_r users to search the sysadm homedir and read files (such as ~/.bashrc)

@@ -561,8 +759,7 @@ dir and read files (such as ~/.bashrc)
Description

-Support NFS home directories -

+Support NFS home directories

@@ -574,8 +771,7 @@ Support NFS home directories
Description

-Support SAMBA home directories -

+Support SAMBA home directories

@@ -587,8 +783,7 @@ Support SAMBA home directories
Description

-Allow regular users direct mouse access -

+Allow regular users direct mouse access

@@ -600,8 +795,7 @@ Allow regular users direct mouse access
Description

-Allow users to read system messages. -

+Allow users to read system messages.

@@ -613,9 +807,7 @@ Allow users to read system messages.
Description

-Allow users to control network interfaces -(also needs USERCTL=true) -

+Allow users to control network interfaces(also needs USERCTL=true)

@@ -627,8 +819,7 @@ Allow users to control network interfaces
Description

-Control users use of ping and traceroute -

+Control users use of ping and traceroute

@@ -640,8 +831,7 @@ Control users use of ping and traceroute
Description

-Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY) -

+Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)

@@ -653,8 +843,7 @@ Allow user to r/w noextattrfile (FAT, CDROM, FLOPPY)
Description

-Allow users to rw usb devices -

+Allow users to rw usb devices

@@ -666,10 +855,7 @@ Allow users to rw usb devices
Description

-Allow users to run TCP servers (bind to ports and accept connection from -the same domain and outside users) disabling this forces FTP passive mode -and may change other protocols. -

+Allow users to run TCP servers (bind to ports and accept connection fromthe same domain and outside users) disabling this forces FTP passive modeand may change other protocols.

@@ -681,8 +867,7 @@ and may change other protocols.
Description

-Allow w to display everyone -

+Allow w to display everyone

@@ -694,10 +879,7 @@ Allow w to display everyone
Description

-Allow applications to write untrusted content -If this is disallowed, no Internet content -will be stored. -

+Allow applications to write untrusted contentIf this is disallowed, no Internet contentwill be stored.

diff --git a/www/api-docs/index.html b/www/api-docs/index.html index 5fca52d..81c9363 100644 --- a/www/api-docs/index.html +++ b/www/api-docs/index.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -67,6 +76,9 @@    -  loadkeys
+    -  + webalizer
+ +  @@ -88,6 +100,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -103,9 +118,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -127,6 +154,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -151,6 +184,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -172,9 +208,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -190,6 +232,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -337,6 +382,11 @@

Berkeley process accounting

+ + anaconda +

Policy for the Anaconda installer.

+ + consoletype

@@ -349,6 +399,11 @@ Determine of the console connected to the controlling terminal.

Policy for dmesg.

+ + dmidecode +

Decode DMI data for x86/ia64 bioses.

+ + firstboot

@@ -357,6 +412,11 @@ after installation of Red Hat/Fedora systems.

+ + kudzu +

Hardware detection and configuration tools

+ + logrotate

Rotate and archive system logs

@@ -470,6 +530,11 @@ Policy for kernel threads, proc filesystem,and unlabeled processes and objects.

+ + mls +

Multilevel security policy

+ + selinux

@@ -519,6 +584,11 @@ Policy for kernel security interface, in particular, selinuxfs. loadkeys

Load keyboard mappings.

+ + + webalizer +

Web server log analysis

+ @@ -721,11 +791,31 @@ connection and disconnection of devices at runtime. + + apache +

Apache web server

+ + + + apm +

Advanced power management daemon

+ + + + arpwatch +

Ethernet activity monitor.

+ + bind

Berkeley internet name domain DNS server.

+ + bluetooth +

Bluetooth tools and system services.

+ + comsat

Comsat, a biff server.

@@ -761,6 +851,16 @@ connection and disconnection of devices at runtime.

Dictionary daemon

+ + finger +

Finger user information service.

+ + + + ftp +

File transfer protocol service

+ + gpm

General Purpose Mouse driver

@@ -801,6 +901,11 @@ connection and disconnection of devices at runtime.

OpenLDAP directory server

+ + mailman +

Mailman is for managing electronic mail discussion and e-newsletter lists

+ + mta

Policy common to all email tranfer agents.

@@ -836,11 +941,21 @@ connection and disconnection of devices at runtime.

PostgreSQL relational database

+ + ppp +

Point to Point Protocol daemon creates links in ppp networks

+ + privoxy

Privacy enhancing web proxy.

+ + radvd +

IPv6 router advertisement daemon

+ + remotelogin

Policy for rshd, rlogind, and telnetd.

@@ -863,7 +978,16 @@ connection and disconnection of devices at runtime. samba -

SMB and CIFS client/server programs for UNIX

+

+SMB and CIFS client/server programs for UNIX and +name Service Switch daemon for resolving names +from Windows NT servers. +

+ + + + sasl +

SASL authentication server

diff --git a/www/api-docs/interfaces.html b/www/api-docs/interfaces.html index f141f57..ea502ad 100644 --- a/www/api-docs/interfaces.html +++ b/www/api-docs/interfaces.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -67,6 +76,9 @@    -  loadkeys
+    -  + webalizer
+
+  @@ -88,6 +100,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -103,9 +118,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -127,6 +154,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -151,6 +184,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -172,9 +208,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -190,6 +232,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -427,13 +472,13 @@ Create, read, write, and delete process accounting data.
-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_append_faillog( +apache_append_squirrelmail_data( @@ -446,25 +491,26 @@ system

-Append to the login failure log. +Allow the specified domain to append +apache squirrelmail data.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_create_login_records( +apache_domtrans( - ? + domain )
@@ -472,20 +518,20 @@ system

-Summary is missing! +Transition to apache.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_delete_pam_console_data( +apache_domtrans_all_scripts( @@ -498,20 +544,21 @@ system

-Delete pam_console data. +Execute all user scripts in the user +script domain.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_delete_pam_pid( +apache_domtrans_helper( @@ -524,20 +571,21 @@ system

-Delete pam PID files. +Execute the Apache helper program with +a domain transition.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_domtrans_chk_passwd( +apache_domtrans_sys_script( @@ -550,20 +598,21 @@ system

-Run unix_chkpwd to check a password. +Execute all web scripts in the system +script domain.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_domtrans_login_program( +apache_dontaudit_append_log( @@ -571,33 +620,26 @@ system

domain - - , - - - - target_domain - - )

-Execute a login_program in the target domain. +Do not audit attempts to append to the +Apache logs.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_domtrans_pam( +apache_dontaudit_rw_stream_socket( @@ -610,25 +652,26 @@ system

-Execute pam programs in the pam domain. +Do not audit attempts to read and write Apache +unix domain stream sockets.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_domtrans_pam_console( +apache_dontaudit_rw_sys_script_stream_socket( - ? + domain )
@@ -636,20 +679,21 @@ system

-Summary is missing! +Do not audit attempts to read and write Apache +system script unix domain stream sockets.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_domtrans_utempter( +apache_dontaudit_rw_tcp_socket( @@ -662,20 +706,21 @@ system

-Execute utempter programs in the utempter domain. +Do not audit attempts to read and write Apache +TCP sockets.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_dontaudit_getattr_shadow( +apache_list_modules( @@ -688,21 +733,22 @@ system

-Do not audit attempts to get the attributes -of the shadow passwords file. +Allow the specified domain to list +the contents of the apache modules +directory.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_dontaudit_read_shadow( +apache_manage_sys_content( @@ -715,26 +761,26 @@ system

-Do not audit attempts to read the shadow -password file (/etc/shadow). +Allow the specified domain to manage +apache system content files.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_dontaudit_write_login_records( +apache_read_config( - ? + domain )
@@ -742,20 +788,21 @@ system

-Summary is missing! +Allow the specified domain to read +apache configuration files.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_exec_pam( +apache_read_log( @@ -768,20 +815,21 @@ system

-Execute the pam program. +Allow the specified domain to read +apache log files.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_getattr_shadow( +apache_read_squirrelmail_data( @@ -794,51 +842,34 @@ system

-Get the attributes of the shadow passwords file. +Allow the specified domain to read +apache squirrelmail data.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_list_pam_console_data( +apache_run_all_scripts( - ? + domain - )
-
- -
-

-Summary is missing! -

-
- -
- -
-Module: -authlogin

-Layer: -system

-

- -auth_login_entry_type( - + + , - domain + role )
@@ -846,20 +877,22 @@ system

-Use the login program as an entry point program. +Execute all user scripts in the user +script domain. Add user script domains +to the specified role.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_manage_all_files_except_shadow( +apache_run_helper( @@ -872,11 +905,15 @@ system

- [ + role - exception_types + - ] + , + + + + terminal )
@@ -884,26 +921,27 @@ system

-Manage all files on the filesystem, except -the shadow passwords and listed exceptions. +Execute the Apache helper program with +a domain transition, and allow the +specified role the dmidecode domain.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_manage_login_records( +apache_sigchld( - ? + domain )
@@ -911,25 +949,25 @@ system

-Summary is missing! +Send a SIGCHLD signal to apache.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_manage_pam_console_data( +apache_signull( - ? + domain )
@@ -937,25 +975,25 @@ system

-Summary is missing! +Send a null signal to apache.

-Module: -authlogin

-Layer: -system

+Module: +apache

+Layer: +services

-auth_manage_shadow( +apache_use_fd( - ? + domain )
@@ -963,25 +1001,25 @@ system

-Summary is missing! +Inherit and use file descriptors from Apache.

-Module: -authlogin

-Layer: -system

+Module: +apm

+Layer: +services

-auth_read_login_records( +apm_append_log( - ? + domain )
@@ -989,25 +1027,25 @@ system

-Summary is missing! +Append to apm's log file.

-Module: -authlogin

-Layer: -system

+Module: +apm

+Layer: +services

-auth_read_pam_console_data( +apm_domtrans_client( - ? + domain )
@@ -1015,25 +1053,25 @@ system

-Summary is missing! +Execute APM in the apm domain.

-Module: -authlogin

-Layer: -system

+Module: +apm

+Layer: +services

-auth_read_pam_pid( +apm_rw_stream_socket( - ? + domain )
@@ -1041,20 +1079,20 @@ system

-Summary is missing! +Read and write to an apm unix stream socket.

-Module: -authlogin

-Layer: -system

+Module: +apm

+Layer: +services

-auth_read_shadow( +apm_use_fd( @@ -1067,20 +1105,20 @@ system

-Read the shadow passwords file (/etc/shadow) +Use file descriptors for apmd.

-Module: -authlogin

-Layer: -system

+Module: +apm

+Layer: +services

-auth_relabel_all_files_except_shadow( +apm_write_pipe( @@ -1088,43 +1126,30 @@ system

domain - - , - - - - [ - - exception_types - - ] - - )

-Relabel all files on the filesystem, except -the shadow passwords and listed exceptions. +Write to apmd unnamed pipes.

-Module: -authlogin

-Layer: -system

+Module: +arpwatch

+Layer: +services

-auth_relabelto_shadow( +arpwatch_dontaudit_rw_packet_socket( - ? + domain )
@@ -1132,20 +1157,21 @@ system

-Summary is missing! +Do not audit attempts to read and write +arpwatch packet sockets.

-Module: -authlogin

-Layer: -system

+Module: +arpwatch

+Layer: +services

-auth_run_pam( +arpwatch_manage_data_files( @@ -1153,41 +1179,25 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute pam programs in the PAM domain. +Create arpwatch data files.

-Module: -authlogin

-Layer: -system

+Module: +arpwatch

+Layer: +services

-auth_run_utempter( +arpwatch_rw_tmp_files( @@ -1195,20 +1205,30 @@ system

domain - - , - - - - role - + )
+

+ +
+

+Read and write arpwatch temporary files. +

+
+ +
+ +
+Module: +arpwatch

+Layer: +services

+

+ +arpwatch_search_data( - , - - terminal + domain )
@@ -1216,25 +1236,25 @@ system

-Execute utempter programs in the utempter domain. +Search arpwatch's data file directories.

-Module: +Module: authlogin

Layer: system

-auth_rw_faillog( +auth_append_faillog( - ? + domain )
@@ -1242,25 +1262,25 @@ system

-Summary is missing! +Append to the login failure log.

-Module: +Module: authlogin

Layer: system

-auth_rw_lastlog( +auth_append_lastlog( - ? + domain )
@@ -1268,25 +1288,25 @@ system

-Summary is missing! +Append only to the last logins log.

-Module: +Module: authlogin

Layer: system

-auth_rw_login_records( +auth_append_login_records( - ? + domain )
@@ -1294,25 +1314,25 @@ system

-Summary is missing! +Append to login records (wtmp).

-Module: +Module: authlogin

Layer: system

-auth_rw_shadow( +auth_create_login_records( - domain + ? )
@@ -1320,20 +1340,20 @@ system

-Read and write the shadow password file (/etc/shadow). +Summary is missing!

-Module: +Module: authlogin

Layer: system

-auth_unconfined( +auth_delete_pam_console_data( @@ -1346,20 +1366,20 @@ system

-Unconfined access to the authlogin module. +Delete pam_console data.

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_domtrans_ndc( +auth_delete_pam_pid( @@ -1372,20 +1392,20 @@ services

-Execute ndc in the ndc domain. +Delete pam PID files.

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_manage_config_dir( +auth_domtrans_chk_passwd( @@ -1398,21 +1418,20 @@ services

-Create, read, write, and delete -BIND configuration directories. +Run unix_chkpwd to check a password.

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_read_config( +auth_domtrans_login_program( @@ -1420,25 +1439,33 @@ services

domain + + , + + + + target_domain + + )

-Read BIND named configuration files. +Execute a login_program in the target domain.

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_read_dnssec_keys( +auth_domtrans_pam( @@ -1451,41 +1478,25 @@ services

-Read DNSSEC keys. +Execute pam programs in the pam domain.

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_run_ndc( - - - - - domain - - - - , - - - - role - +auth_domtrans_pam_console( - , - - terminal + ? )
@@ -1493,21 +1504,20 @@ services

-Execute ndc in the ndc domain, and -allow the specified role the ndc domain. +Summary is missing!

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_setattr_pid_dir( +auth_domtrans_utempter( @@ -1520,21 +1530,20 @@ services

-Do not audit attempts to set the attributes -of the BIND pid directory. +Execute utempter programs in the utempter domain.

-Module: -bind

-Layer: -services

+Module: +authlogin

+Layer: +system

-bind_write_config( +auth_dontaudit_getattr_shadow( @@ -1547,20 +1556,21 @@ services

-Write BIND named configuration files. +Do not audit attempts to get the attributes +of the shadow passwords file.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_create_kernel( +auth_dontaudit_read_shadow( @@ -1573,25 +1583,26 @@ kernel

-Install a kernel into the /boot directory. +Do not audit attempts to read the shadow +password file (/etc/shadow).

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_create_kernel_symbol_table( +auth_dontaudit_write_login_records( - domain + ? )
@@ -1599,25 +1610,25 @@ kernel

-Install a system.map into the /boot directory. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_create_modules( +auth_exec_pam( - ? + domain )
@@ -1625,20 +1636,20 @@ kernel

-Summary is missing! +Execute the pam program.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_create_runtime_file( +auth_getattr_shadow( @@ -1651,26 +1662,25 @@ kernel

-Read and write the bootloader -temporary data in /tmp. +Get the attributes of the shadow passwords file.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_delete_kernel( +auth_list_pam_console_data( - domain + ? )
@@ -1678,20 +1688,20 @@ kernel

-Delete a kernel from /boot. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_delete_kernel_symbol_table( +auth_login_entry_type( @@ -1704,20 +1714,20 @@ kernel

-Delete a system.map in the /boot directory. +Use the login program as an entry point program.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_domtrans( +auth_manage_all_files_except_shadow( @@ -1725,30 +1735,43 @@ kernel

domain + + , + + + + [ + + exception_types + + ] + + )

-Execute bootloader in the bootloader domain. +Manage all files on the filesystem, except +the shadow passwords and listed exceptions.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_dontaudit_getattr_boot_dir( +auth_manage_login_records( - domain + ? )
@@ -1756,26 +1779,25 @@ kernel

-Do not audit attempts to get attributes -of the /boot directory. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_dontaudit_search_boot( +auth_manage_pam_console_data( - domain + ? )
@@ -1783,25 +1805,25 @@ kernel

-Do not audit attempts to search the /boot directory. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_getattr_kernel_modules( +auth_manage_shadow( - domain + ? )
@@ -1809,20 +1831,20 @@ kernel

-Get the attributes of kernel module files. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_list_kernel_modules( +auth_read_lastlog( @@ -1835,25 +1857,25 @@ kernel

-List the contents of the kernel module directories. +Read the last logins log.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_manage_kernel_modules( +auth_read_login_records( - domain + ? )
@@ -1861,26 +1883,25 @@ kernel

-Create, read, write, and delete -kernel module files. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_read_config( +auth_read_pam_console_data( - domain + ? )
@@ -1888,25 +1909,25 @@ kernel

-Read the bootloader configuration file. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_read_kernel_modules( +auth_read_pam_pid( - domain + ? )
@@ -1914,20 +1935,20 @@ kernel

-Read kernel module files. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_read_kernel_symbol_table( +auth_read_shadow( @@ -1940,20 +1961,20 @@ kernel

-Read system.map in the /boot directory. +Read the shadow passwords file (/etc/shadow)

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_run( +auth_relabel_all_files_except_shadow( @@ -1966,15 +1987,11 @@ kernel

- role - - - - , - + [ + exception_types - terminal + ] )
@@ -1982,26 +1999,26 @@ kernel

-Execute bootloader interactively and do -a domain transition to the bootloader domain. +Relabel all files on the filesystem, except +the shadow passwords and listed exceptions.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_rw_boot_symlinks( +auth_relabelto_shadow( - domain + ? )
@@ -2009,21 +2026,20 @@ kernel

-Read and write symbolic links -in the /boot directory. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_rw_config( +auth_run_pam( @@ -2031,26 +2047,41 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Read and write the bootloader -configuration file. +Execute pam programs in the PAM domain.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_rw_tmp_file( +auth_run_utempter( @@ -2058,31 +2089,46 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Read and write the bootloader -temporary data in /tmp. +Execute utempter programs in the utempter domain.

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_search_boot( +auth_rw_faillog( - domain + ? )
@@ -2090,20 +2136,20 @@ kernel

-Search the /boot directory. +Summary is missing!

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_write_kernel_modules( +auth_rw_lastlog( @@ -2116,25 +2162,25 @@ kernel

-Write kernel module files. +Read and write to the last logins log.

-Module: -clock

+Module: +authlogin

Layer: system

-clock_domtrans( +auth_rw_login_records( - domain + ? )
@@ -2142,20 +2188,20 @@ system

-Execute hwclock in the clock domain. +Summary is missing!

-Module: -clock

+Module: +authlogin

Layer: system

-clock_exec( +auth_rw_shadow( @@ -2168,20 +2214,20 @@ system

- Execute hwclock in the caller domain. -

+Read and write the shadow password file (/etc/shadow). +

-Module: -clock

+Module: +authlogin

Layer: system

-clock_run( +auth_unconfined( @@ -2189,42 +2235,25 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute hwclock in the clock domain, and -allow the specified role the hwclock domain. +Unconfined access to the authlogin module.

-Module: -clock

+Module: +authlogin

Layer: system

-clock_rw_adjtime( +auth_use_nsswitch( @@ -2237,20 +2266,20 @@ system

- Allow executing domain to modify clock drift -

+Use nsswitch to look up uid-username mappings. +

-Module: -consoletype

-Layer: -admin

+Module: +authlogin

+Layer: +system

-consoletype_domtrans( +auth_write_login_records( @@ -2263,20 +2292,20 @@ admin

-Execute consoletype in the consoletype domain. +Write to login records (wtmp).

-Module: -consoletype

-Layer: -admin

+Module: +bind

+Layer: +services

-consoletype_exec( +bind_domtrans( @@ -2289,20 +2318,20 @@ admin

-Execute consoletype in the caller domain. +Execute bind in the named domain.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_bin_domtrans( +bind_domtrans_ndc( @@ -2310,39 +2339,30 @@ system

domain - - , - - - - target_domain - - )

-Execute a file in a bin directory -in the specified domain. +Execute ndc in the ndc domain.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_dontaudit_getattr_sbin_file( +bind_manage_config_dir( - ? + domain )
@@ -2350,25 +2370,26 @@ system

-Summary is missing! +Create, read, write, and delete +BIND configuration directories.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_exec_bin( +bind_read_config( - ? + domain )
@@ -2376,25 +2397,25 @@ system

-Summary is missing! +Read BIND named configuration files.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_exec_chroot( +bind_read_dnssec_keys( - ? + domain )
@@ -2402,25 +2423,41 @@ system

-Summary is missing! +Read DNSSEC keys.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_exec_ls( +bind_run_ndc( - ? + domain + + + + , + + + + role + + + + , + + + + terminal )
@@ -2428,25 +2465,26 @@ system

-Summary is missing! +Execute ndc in the ndc domain, and +allow the specified role the ndc domain.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_exec_sbin( +bind_setattr_pid_dir( - ? + domain )
@@ -2454,25 +2492,26 @@ system

-Summary is missing! +Do not audit attempts to set the attributes +of the BIND pid directory.

-Module: -corecommands

-Layer: -system

+Module: +bind

+Layer: +services

-corecmd_exec_shell( +bind_write_config( - ? + domain )
@@ -2480,20 +2519,20 @@ system

-Summary is missing! +Write BIND named configuration files.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_getattr_bin_file( +bootloader_create_kernel( @@ -2506,25 +2545,25 @@ system

-Get the attributes of files in bin directories. +Install a kernel into the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_getattr_sbin_file( +bootloader_create_kernel_symbol_table( - ? + domain )
@@ -2532,20 +2571,20 @@ system

-Summary is missing! +Install a system.map into the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_list_bin( +bootloader_create_modules( @@ -2565,18 +2604,18 @@ Summary is missing!
-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_list_sbin( +bootloader_create_runtime_file( - ? + domain )
@@ -2584,20 +2623,21 @@ system

-Summary is missing! +Read and write the bootloader +temporary data in /tmp.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_bin_file( +bootloader_delete_kernel( @@ -2610,20 +2650,20 @@ system

-Read files in bin directories. +Delete a kernel from /boot.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_bin_pipe( +bootloader_delete_kernel_symbol_table( @@ -2636,20 +2676,20 @@ system

-Read pipes in bin directories. +Delete a system.map in the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_bin_socket( +bootloader_domtrans( @@ -2662,20 +2702,20 @@ system

-Read named sockets in bin directories. +Execute bootloader in the bootloader domain.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_bin_symlink( +bootloader_dontaudit_getattr_boot_dir( @@ -2688,20 +2728,21 @@ system

-Read symbolic links in bin directories. +Do not audit attempts to get attributes +of the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_sbin_file( +bootloader_dontaudit_search_boot( @@ -2714,20 +2755,20 @@ system

-Read files in sbin directories. +Do not audit attempts to search the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_sbin_pipe( +bootloader_getattr_kernel_modules( @@ -2740,20 +2781,20 @@ system

-Read named pipes in sbin directories. +Get the attributes of kernel module files.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_sbin_socket( +bootloader_list_kernel_modules( @@ -2766,20 +2807,20 @@ system

-Read named sockets in sbin directories. +List the contents of the kernel module directories.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_read_sbin_symlink( +bootloader_manage_kernel_modules( @@ -2792,20 +2833,21 @@ system

-Read symbolic links in sbin directories. +Create, read, write, and delete +kernel module files.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_sbin_domtrans( +bootloader_read_config( @@ -2813,39 +2855,30 @@ system

domain - - , - - - - target_domain - - )

-Execute a file in a sbin directory -in the specified domain. +Read the bootloader configuration file.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_search_bin( +bootloader_read_kernel_modules( - ? + domain )
@@ -2853,25 +2886,25 @@ system

-Summary is missing! +Read kernel module files.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_search_sbin( +bootloader_read_kernel_symbol_table( - ? + domain )
@@ -2879,20 +2912,20 @@ system

-Summary is missing! +Read system.map in the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_shell_domtrans( +bootloader_run( @@ -2905,7 +2938,15 @@ system

- target_domain + role + + + + , + + + + terminal )
@@ -2913,20 +2954,21 @@ system

-Execute a shell in the specified domain. +Execute bootloader interactively and do +a domain transition to the bootloader domain.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_shell_entry_type( +bootloader_rw_boot_symlinks( @@ -2939,20 +2981,21 @@ system

-Make the shell an entrypoint for the specified domain. +Read and write symbolic links +in the /boot directory.

-Module: -corecommands

-Layer: -system

+Module: +bootloader

+Layer: +kernel

-corecmd_shell_spec_domtrans( +bootloader_rw_config( @@ -2960,35 +3003,26 @@ system

domain - - , - - - - target_domain - - )

-Execute a shell in the target domain. This -is an explicit transition, requiring the -caller to use setexeccon(). +Read and write the bootloader +configuration file.

-Module: -corenetwork

+Module: +bootloader

Layer: kernel

-corenet_dontaudit_tcp_bind_all_reserved_ports( +bootloader_rw_tmp_file( @@ -3001,20 +3035,21 @@ kernel

-Do not audit attempts to bind TCP sockets to all reserved ports. +Read and write the bootloader +temporary data in /tmp.

-Module: -corenetwork

+Module: +bootloader

Layer: kernel

-corenet_dontaudit_tcp_connect_all_reserved_ports( +bootloader_search_boot( @@ -3027,21 +3062,20 @@ kernel

-Do not audit attempts to connect TCP sockets -all reserved ports. +Search the /boot directory.

-Module: -corenetwork

+Module: +bootloader

Layer: kernel

-corenet_dontaudit_udp_bind_all_reserved_ports( +bootloader_search_kernel_modules( @@ -3054,20 +3088,20 @@ kernel

-Do not audit attempts to bind UDP sockets to all reserved ports. +Search the contents of the kernel module directories.

-Module: -corenetwork

+Module: +bootloader

Layer: kernel

-corenet_raw_receive_all_if( +bootloader_write_kernel_modules( @@ -3080,20 +3114,20 @@ kernel

-Receive raw IP packets on all interfaces. +Write kernel module files.

-Module: -corenetwork

-Layer: -kernel

+Module: +clock

+Layer: +system

-corenet_raw_receive_all_nodes( +clock_domtrans( @@ -3106,20 +3140,20 @@ kernel

-Receive raw IP packets on all nodes. +Execute hwclock in the clock domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +clock

+Layer: +system

-corenet_raw_receive_compat_ipv4_node( +clock_exec( @@ -3132,20 +3166,20 @@ kernel

-Receive raw IP packets on the compat_ipv4 node. +Execute hwclock in the caller domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +clock

+Layer: +system

-corenet_raw_receive_generic_if( +clock_run( @@ -3153,25 +3187,42 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Receive raw IP packets on generic interfaces. +Execute hwclock in the clock domain, and +allow the specified role the hwclock domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +clock

+Layer: +system

-corenet_raw_receive_generic_node( +clock_rw_adjtime( @@ -3184,20 +3235,20 @@ kernel

-Receive raw IP packets on generic nodes. +Allow executing domain to modify clock drift

-Module: -corenetwork

-Layer: -kernel

+Module: +consoletype

+Layer: +admin

-corenet_raw_receive_inaddr_any_node( +consoletype_domtrans( @@ -3210,20 +3261,20 @@ kernel

-Receive raw IP packets on the inaddr_any node. +Execute consoletype in the consoletype domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +consoletype

+Layer: +admin

-corenet_raw_receive_link_local_node( +consoletype_exec( @@ -3236,20 +3287,20 @@ kernel

-Receive raw IP packets on the link_local node. +Execute consoletype in the caller domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_lo_node( +corecmd_bin_domtrans( @@ -3257,30 +3308,39 @@ kernel

domain + + , + + + + target_domain + + )

-Receive raw IP packets on the lo node. +Execute a file in a bin directory +in the specified domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_mapped_ipv4_node( +corecmd_dontaudit_getattr_sbin_file( - domain + ? )
@@ -3288,25 +3348,25 @@ kernel

-Receive raw IP packets on the mapped_ipv4 node. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_multicast_node( +corecmd_exec_bin( - domain + ? )
@@ -3314,25 +3374,25 @@ kernel

-Receive raw IP packets on the multicast node. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_site_local_node( +corecmd_exec_chroot( - domain + ? )
@@ -3340,25 +3400,25 @@ kernel

-Receive raw IP packets on the site_local node. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_unspec_node( +corecmd_exec_ls( - domain + ? )
@@ -3366,25 +3426,25 @@ kernel

-Receive raw IP packets on the unspec node. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_all_if( +corecmd_exec_sbin( - domain + ? )
@@ -3392,25 +3452,25 @@ kernel

-Send raw IP packets on all interfaces. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_all_nodes( +corecmd_exec_shell( - domain + ? )
@@ -3418,20 +3478,20 @@ kernel

-Send raw IP packets on all nodes. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_compat_ipv4_node( +corecmd_getattr_bin_file( @@ -3444,25 +3504,25 @@ kernel

-Send raw IP packets on the compat_ipv4 node. +Get the attributes of files in bin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_generic_if( +corecmd_getattr_sbin_file( - domain + ? )
@@ -3470,25 +3530,25 @@ kernel

-Send raw IP packets on generic interfaces. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_generic_node( +corecmd_list_bin( - domain + ? )
@@ -3496,25 +3556,25 @@ kernel

-Send raw IP packets on generic nodes. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_inaddr_any_node( +corecmd_list_sbin( - domain + ? )
@@ -3522,20 +3582,20 @@ kernel

-Send raw IP packets on the inaddr_any node. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_link_local_node( +corecmd_read_bin_file( @@ -3548,20 +3608,20 @@ kernel

-Send raw IP packets on the link_local node. +Read files in bin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_lo_node( +corecmd_read_bin_pipe( @@ -3574,20 +3634,20 @@ kernel

-Send raw IP packets on the lo node. +Read pipes in bin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_mapped_ipv4_node( +corecmd_read_bin_socket( @@ -3600,20 +3660,20 @@ kernel

-Send raw IP packets on the mapped_ipv4 node. +Read named sockets in bin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_multicast_node( +corecmd_read_bin_symlink( @@ -3626,20 +3686,20 @@ kernel

-Send raw IP packets on the multicast node. +Read symbolic links in bin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_site_local_node( +corecmd_read_sbin_file( @@ -3652,20 +3712,20 @@ kernel

-Send raw IP packets on the site_local node. +Read files in sbin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_send_unspec_node( +corecmd_read_sbin_pipe( @@ -3678,20 +3738,20 @@ kernel

-Send raw IP packets on the unspec node. +Read named pipes in sbin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_all_if( +corecmd_read_sbin_socket( @@ -3704,20 +3764,20 @@ kernel

-Send and receive raw IP packets on all interfaces. +Read named sockets in sbin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_all_nodes( +corecmd_read_sbin_symlink( @@ -3730,20 +3790,20 @@ kernel

-Send and receive raw IP packets on all nodes. +Read symbolic links in sbin directories.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_compat_ipv4_node( +corecmd_sbin_domtrans( @@ -3751,30 +3811,39 @@ kernel

domain + + , + + + + target_domain + + )

-Send and receive raw IP packets on the compat_ipv4 node. +Execute a file in a sbin directory +in the specified domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_generic_if( +corecmd_search_bin( - domain + ? )
@@ -3782,25 +3851,25 @@ kernel

-Send and receive raw IP packets on generic interfaces. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_generic_node( +corecmd_search_sbin( - domain + ? )
@@ -3808,20 +3877,20 @@ kernel

-Send and receive raw IP packets on generic nodes. +Summary is missing!

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_inaddr_any_node( +corecmd_shell_domtrans( @@ -3829,25 +3898,33 @@ kernel

domain + + , + + + + target_domain + + )

-Send and receive raw IP packets on the inaddr_any node. +Execute a shell in the specified domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_link_local_node( +corecmd_shell_entry_type( @@ -3860,20 +3937,20 @@ kernel

-Send and receive raw IP packets on the link_local node. +Make the shell an entrypoint for the specified domain.

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_sendrecv_lo_node( +corecmd_shell_spec_domtrans( @@ -3881,25 +3958,35 @@ kernel

domain + + , + + + + target_domain + + )

-Send and receive raw IP packets on the lo node. +Execute a shell in the target domain. This +is an explicit transition, requiring the +caller to use setexeccon().

-Module: +Module: corenetwork

Layer: kernel

-corenet_raw_sendrecv_mapped_ipv4_node( +corenet_dontaudit_tcp_bind_all_reserved_ports( @@ -3912,20 +3999,20 @@ kernel

-Send and receive raw IP packets on the mapped_ipv4 node. +Do not audit attempts to bind TCP sockets to all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_raw_sendrecv_multicast_node( +corenet_dontaudit_tcp_connect_all_reserved_ports( @@ -3938,20 +4025,21 @@ kernel

-Send and receive raw IP packets on the multicast node. +Do not audit attempts to connect TCP sockets +all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_raw_sendrecv_site_local_node( +corenet_dontaudit_udp_bind_all_reserved_ports( @@ -3964,20 +4052,20 @@ kernel

-Send and receive raw IP packets on the site_local node. +Do not audit attempts to bind UDP sockets to all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_raw_sendrecv_unspec_node( +corenet_raw_receive_all_if( @@ -3990,20 +4078,20 @@ kernel

-Send and receive raw IP packets on the unspec node. +Receive raw IP packets on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_afs_bos_port( +corenet_raw_receive_all_nodes( @@ -4016,20 +4104,20 @@ kernel

-Bind TCP sockets to the afs_bos port. +Receive raw IP packets on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_afs_fs_port( +corenet_raw_receive_compat_ipv4_node( @@ -4042,20 +4130,20 @@ kernel

-Bind TCP sockets to the afs_fs port. +Receive raw IP packets on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_afs_ka_port( +corenet_raw_receive_generic_if( @@ -4068,20 +4156,20 @@ kernel

-Bind TCP sockets to the afs_ka port. +Receive raw IP packets on generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_afs_pt_port( +corenet_raw_receive_generic_node( @@ -4094,20 +4182,20 @@ kernel

-Bind TCP sockets to the afs_pt port. +Receive raw IP packets on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_afs_vl_port( +corenet_raw_receive_inaddr_any_node( @@ -4120,20 +4208,20 @@ kernel

-Bind TCP sockets to the afs_vl port. +Receive raw IP packets on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_all_nodes( +corenet_raw_receive_link_local_node( @@ -4146,20 +4234,20 @@ kernel

-Bind TCP sockets to all nodes. +Receive raw IP packets on the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_all_ports( +corenet_raw_receive_lo_node( @@ -4172,20 +4260,20 @@ kernel

-Bind TCP sockets to all ports. +Receive raw IP packets on the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_all_reserved_ports( +corenet_raw_receive_mapped_ipv4_node( @@ -4198,20 +4286,20 @@ kernel

-Bind TCP sockets to all reserved ports. +Receive raw IP packets on the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_amanda_port( +corenet_raw_receive_multicast_node( @@ -4224,20 +4312,20 @@ kernel

-Bind TCP sockets to the amanda port. +Receive raw IP packets on the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_amavisd_recv_port( +corenet_raw_receive_site_local_node( @@ -4250,20 +4338,20 @@ kernel

-Bind TCP sockets to the amavisd_recv port. +Receive raw IP packets on the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_amavisd_send_port( +corenet_raw_receive_unspec_node( @@ -4276,20 +4364,20 @@ kernel

-Bind TCP sockets to the amavisd_send port. +Receive raw IP packets on the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_asterisk_port( +corenet_raw_send_all_if( @@ -4302,20 +4390,20 @@ kernel

-Bind TCP sockets to the asterisk port. +Send raw IP packets on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_auth_port( +corenet_raw_send_all_nodes( @@ -4328,20 +4416,20 @@ kernel

-Bind TCP sockets to the auth port. +Send raw IP packets on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_clamd_port( +corenet_raw_send_compat_ipv4_node( @@ -4354,20 +4442,20 @@ kernel

-Bind TCP sockets to the clamd port. +Send raw IP packets on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_clockspeed_port( +corenet_raw_send_generic_if( @@ -4380,20 +4468,20 @@ kernel

-Bind TCP sockets to the clockspeed port. +Send raw IP packets on generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_compat_ipv4_node( +corenet_raw_send_generic_node( @@ -4406,20 +4494,20 @@ kernel

-Bind TCP sockets to node compat_ipv4. +Send raw IP packets on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_cvs_port( +corenet_raw_send_inaddr_any_node( @@ -4432,20 +4520,20 @@ kernel

-Bind TCP sockets to the cvs port. +Send raw IP packets on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_dbskkd_port( +corenet_raw_send_link_local_node( @@ -4458,20 +4546,20 @@ kernel

-Bind TCP sockets to the dbskkd port. +Send raw IP packets on the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_dcc_port( +corenet_raw_send_lo_node( @@ -4484,20 +4572,20 @@ kernel

-Bind TCP sockets to the dcc port. +Send raw IP packets on the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_dhcpc_port( +corenet_raw_send_mapped_ipv4_node( @@ -4510,20 +4598,20 @@ kernel

-Bind TCP sockets to the dhcpc port. +Send raw IP packets on the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_dhcpd_port( +corenet_raw_send_multicast_node( @@ -4536,20 +4624,20 @@ kernel

-Bind TCP sockets to the dhcpd port. +Send raw IP packets on the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_dict_port( +corenet_raw_send_site_local_node( @@ -4562,20 +4650,20 @@ kernel

-Bind TCP sockets to the dict port. +Send raw IP packets on the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_dns_port( +corenet_raw_send_unspec_node( @@ -4588,20 +4676,20 @@ kernel

-Bind TCP sockets to the dns port. +Send raw IP packets on the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_fingerd_port( +corenet_raw_sendrecv_all_if( @@ -4614,20 +4702,20 @@ kernel

-Bind TCP sockets to the fingerd port. +Send and receive raw IP packets on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ftp_data_port( +corenet_raw_sendrecv_all_nodes( @@ -4640,20 +4728,20 @@ kernel

-Bind TCP sockets to the ftp_data port. +Send and receive raw IP packets on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ftp_port( +corenet_raw_sendrecv_compat_ipv4_node( @@ -4666,20 +4754,20 @@ kernel

-Bind TCP sockets to the ftp port. +Send and receive raw IP packets on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_generic_node( +corenet_raw_sendrecv_generic_if( @@ -4692,20 +4780,20 @@ kernel

-Bind TCP sockets to generic nodes. +Send and receive raw IP packets on generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_generic_port( +corenet_raw_sendrecv_generic_node( @@ -4718,20 +4806,20 @@ kernel

-Bind TCP sockets to generic ports. +Send and receive raw IP packets on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_giftd_port( +corenet_raw_sendrecv_inaddr_any_node( @@ -4744,20 +4832,20 @@ kernel

-Bind TCP sockets to the giftd port. +Send and receive raw IP packets on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_gopher_port( +corenet_raw_sendrecv_link_local_node( @@ -4770,20 +4858,20 @@ kernel

-Bind TCP sockets to the gopher port. +Send and receive raw IP packets on the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_howl_port( +corenet_raw_sendrecv_lo_node( @@ -4796,20 +4884,20 @@ kernel

-Bind TCP sockets to the howl port. +Send and receive raw IP packets on the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_hplip_port( +corenet_raw_sendrecv_mapped_ipv4_node( @@ -4822,20 +4910,20 @@ kernel

-Bind TCP sockets to the hplip port. +Send and receive raw IP packets on the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_http_cache_port( +corenet_raw_sendrecv_multicast_node( @@ -4848,20 +4936,20 @@ kernel

-Bind TCP sockets to the http_cache port. +Send and receive raw IP packets on the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_http_port( +corenet_raw_sendrecv_site_local_node( @@ -4874,20 +4962,20 @@ kernel

-Bind TCP sockets to the http port. +Send and receive raw IP packets on the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_imaze_port( +corenet_raw_sendrecv_unspec_node( @@ -4900,20 +4988,20 @@ kernel

-Bind TCP sockets to the imaze port. +Send and receive raw IP packets on the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_inaddr_any_node( +corenet_tcp_bind_afs_bos_port( @@ -4926,20 +5014,20 @@ kernel

-Bind TCP sockets to node inaddr_any. +Bind TCP sockets to the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_inetd_child_port( +corenet_tcp_bind_afs_fs_port( @@ -4952,20 +5040,20 @@ kernel

-Bind TCP sockets to the inetd_child port. +Bind TCP sockets to the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_innd_port( +corenet_tcp_bind_afs_ka_port( @@ -4978,20 +5066,20 @@ kernel

-Bind TCP sockets to the innd port. +Bind TCP sockets to the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ipp_port( +corenet_tcp_bind_afs_pt_port( @@ -5004,20 +5092,20 @@ kernel

-Bind TCP sockets to the ipp port. +Bind TCP sockets to the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ircd_port( +corenet_tcp_bind_afs_vl_port( @@ -5030,20 +5118,20 @@ kernel

-Bind TCP sockets to the ircd port. +Bind TCP sockets to the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_isakmp_port( +corenet_tcp_bind_all_nodes( @@ -5056,20 +5144,20 @@ kernel

-Bind TCP sockets to the isakmp port. +Bind TCP sockets to all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_jabber_client_port( +corenet_tcp_bind_all_ports( @@ -5082,20 +5170,20 @@ kernel

-Bind TCP sockets to the jabber_client port. +Bind TCP sockets to all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_jabber_interserver_port( +corenet_tcp_bind_all_reserved_ports( @@ -5108,20 +5196,20 @@ kernel

-Bind TCP sockets to the jabber_interserver port. +Bind TCP sockets to all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_kerberos_admin_port( +corenet_tcp_bind_amanda_port( @@ -5134,20 +5222,20 @@ kernel

-Bind TCP sockets to the kerberos_admin port. +Bind TCP sockets to the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_kerberos_master_port( +corenet_tcp_bind_amavisd_recv_port( @@ -5160,20 +5248,20 @@ kernel

-Bind TCP sockets to the kerberos_master port. +Bind TCP sockets to the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_kerberos_port( +corenet_tcp_bind_amavisd_send_port( @@ -5186,20 +5274,20 @@ kernel

-Bind TCP sockets to the kerberos port. +Bind TCP sockets to the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ktalkd_port( +corenet_tcp_bind_asterisk_port( @@ -5212,20 +5300,20 @@ kernel

-Bind TCP sockets to the ktalkd port. +Bind TCP sockets to the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ldap_port( +corenet_tcp_bind_auth_port( @@ -5238,20 +5326,20 @@ kernel

-Bind TCP sockets to the ldap port. +Bind TCP sockets to the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_link_local_node( +corenet_tcp_bind_clamd_port( @@ -5264,20 +5352,20 @@ kernel

-Bind TCP sockets to node link_local. +Bind TCP sockets to the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_lo_node( +corenet_tcp_bind_clockspeed_port( @@ -5290,20 +5378,20 @@ kernel

-Bind TCP sockets to node lo. +Bind TCP sockets to the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_mail_port( +corenet_tcp_bind_compat_ipv4_node( @@ -5316,20 +5404,20 @@ kernel

-Bind TCP sockets to the mail port. +Bind TCP sockets to node compat_ipv4.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_mapped_ipv4_node( +corenet_tcp_bind_cvs_port( @@ -5342,20 +5430,20 @@ kernel

-Bind TCP sockets to node mapped_ipv4. +Bind TCP sockets to the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_monopd_port( +corenet_tcp_bind_dbskkd_port( @@ -5368,20 +5456,20 @@ kernel

-Bind TCP sockets to the monopd port. +Bind TCP sockets to the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_multicast_node( +corenet_tcp_bind_dcc_port( @@ -5394,20 +5482,20 @@ kernel

-Bind TCP sockets to node multicast. +Bind TCP sockets to the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_mysqld_port( +corenet_tcp_bind_dhcpc_port( @@ -5420,20 +5508,20 @@ kernel

-Bind TCP sockets to the mysqld port. +Bind TCP sockets to the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_nessus_port( +corenet_tcp_bind_dhcpd_port( @@ -5446,20 +5534,20 @@ kernel

-Bind TCP sockets to the nessus port. +Bind TCP sockets to the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_nmbd_port( +corenet_tcp_bind_dict_port( @@ -5472,20 +5560,20 @@ kernel

-Bind TCP sockets to the nmbd port. +Bind TCP sockets to the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ntp_port( +corenet_tcp_bind_dns_port( @@ -5498,20 +5586,20 @@ kernel

-Bind TCP sockets to the ntp port. +Bind TCP sockets to the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_openvpn_port( +corenet_tcp_bind_fingerd_port( @@ -5524,20 +5612,20 @@ kernel

-Bind TCP sockets to the openvpn port. +Bind TCP sockets to the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_pop_port( +corenet_tcp_bind_ftp_data_port( @@ -5550,20 +5638,20 @@ kernel

-Bind TCP sockets to the pop port. +Bind TCP sockets to the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_portmap_port( +corenet_tcp_bind_ftp_port( @@ -5576,20 +5664,20 @@ kernel

-Bind TCP sockets to the portmap port. +Bind TCP sockets to the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_postgresql_port( +corenet_tcp_bind_generic_node( @@ -5602,20 +5690,20 @@ kernel

-Bind TCP sockets to the postgresql port. +Bind TCP sockets to generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_postgrey_port( +corenet_tcp_bind_generic_port( @@ -5628,20 +5716,20 @@ kernel

-Bind TCP sockets to the postgrey port. +Bind TCP sockets to generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_printer_port( +corenet_tcp_bind_giftd_port( @@ -5654,20 +5742,20 @@ kernel

-Bind TCP sockets to the printer port. +Bind TCP sockets to the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ptal_port( +corenet_tcp_bind_gopher_port( @@ -5680,20 +5768,20 @@ kernel

-Bind TCP sockets to the ptal port. +Bind TCP sockets to the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_pxe_port( +corenet_tcp_bind_howl_port( @@ -5706,20 +5794,20 @@ kernel

-Bind TCP sockets to the pxe port. +Bind TCP sockets to the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_pyzor_port( +corenet_tcp_bind_hplip_port( @@ -5732,20 +5820,20 @@ kernel

-Bind TCP sockets to the pyzor port. +Bind TCP sockets to the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_radacct_port( +corenet_tcp_bind_http_cache_port( @@ -5758,20 +5846,20 @@ kernel

-Bind TCP sockets to the radacct port. +Bind TCP sockets to the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_radius_port( +corenet_tcp_bind_http_port( @@ -5784,20 +5872,20 @@ kernel

-Bind TCP sockets to the radius port. +Bind TCP sockets to the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_razor_port( +corenet_tcp_bind_imaze_port( @@ -5810,20 +5898,20 @@ kernel

-Bind TCP sockets to the razor port. +Bind TCP sockets to the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_reserved_port( +corenet_tcp_bind_inaddr_any_node( @@ -5836,20 +5924,20 @@ kernel

-Bind TCP sockets to generic reserved ports. +Bind TCP sockets to node inaddr_any.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_rndc_port( +corenet_tcp_bind_inetd_child_port( @@ -5862,20 +5950,20 @@ kernel

-Bind TCP sockets to the rndc port. +Bind TCP sockets to the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_rsh_port( +corenet_tcp_bind_innd_port( @@ -5888,20 +5976,20 @@ kernel

-Bind TCP sockets to the rsh port. +Bind TCP sockets to the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_rsync_port( +corenet_tcp_bind_ipp_port( @@ -5914,20 +6002,20 @@ kernel

-Bind TCP sockets to the rsync port. +Bind TCP sockets to the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_site_local_node( +corenet_tcp_bind_ircd_port( @@ -5940,20 +6028,20 @@ kernel

-Bind TCP sockets to node site_local. +Bind TCP sockets to the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_smbd_port( +corenet_tcp_bind_isakmp_port( @@ -5966,20 +6054,20 @@ kernel

-Bind TCP sockets to the smbd port. +Bind TCP sockets to the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_smtp_port( +corenet_tcp_bind_jabber_client_port( @@ -5992,20 +6080,20 @@ kernel

-Bind TCP sockets to the smtp port. +Bind TCP sockets to the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_snmp_port( +corenet_tcp_bind_jabber_interserver_port( @@ -6018,20 +6106,20 @@ kernel

-Bind TCP sockets to the snmp port. +Bind TCP sockets to the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_soundd_port( +corenet_tcp_bind_kerberos_admin_port( @@ -6044,20 +6132,20 @@ kernel

-Bind TCP sockets to the soundd port. +Bind TCP sockets to the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_spamd_port( +corenet_tcp_bind_kerberos_master_port( @@ -6070,20 +6158,20 @@ kernel

-Bind TCP sockets to the spamd port. +Bind TCP sockets to the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_ssh_port( +corenet_tcp_bind_kerberos_port( @@ -6096,20 +6184,20 @@ kernel

-Bind TCP sockets to the ssh port. +Bind TCP sockets to the kerberos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_swat_port( +corenet_tcp_bind_ktalkd_port( @@ -6122,20 +6210,20 @@ kernel

-Bind TCP sockets to the swat port. +Bind TCP sockets to the ktalkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_syslogd_port( +corenet_tcp_bind_ldap_port( @@ -6148,20 +6236,20 @@ kernel

-Bind TCP sockets to the syslogd port. +Bind TCP sockets to the ldap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_telnetd_port( +corenet_tcp_bind_link_local_node( @@ -6174,20 +6262,20 @@ kernel

-Bind TCP sockets to the telnetd port. +Bind TCP sockets to node link_local.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_tftp_port( +corenet_tcp_bind_lo_node( @@ -6200,20 +6288,20 @@ kernel

-Bind TCP sockets to the tftp port. +Bind TCP sockets to node lo.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_transproxy_port( +corenet_tcp_bind_mail_port( @@ -6226,20 +6314,20 @@ kernel

-Bind TCP sockets to the transproxy port. +Bind TCP sockets to the mail port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_unspec_node( +corenet_tcp_bind_mapped_ipv4_node( @@ -6252,20 +6340,20 @@ kernel

-Bind TCP sockets to node unspec. +Bind TCP sockets to node mapped_ipv4.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_uucpd_port( +corenet_tcp_bind_monopd_port( @@ -6278,20 +6366,20 @@ kernel

-Bind TCP sockets to the uucpd port. +Bind TCP sockets to the monopd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_vnc_port( +corenet_tcp_bind_multicast_node( @@ -6304,20 +6392,20 @@ kernel

-Bind TCP sockets to the vnc port. +Bind TCP sockets to node multicast.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_xserver_port( +corenet_tcp_bind_mysqld_port( @@ -6330,20 +6418,20 @@ kernel

-Bind TCP sockets to the xserver port. +Bind TCP sockets to the mysqld port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_zebra_port( +corenet_tcp_bind_nessus_port( @@ -6356,20 +6444,20 @@ kernel

-Bind TCP sockets to the zebra port. +Bind TCP sockets to the nessus port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_bind_zope_port( +corenet_tcp_bind_nmbd_port( @@ -6382,20 +6470,20 @@ kernel

-Bind TCP sockets to the zope port. +Bind TCP sockets to the nmbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_afs_bos_port( +corenet_tcp_bind_ntp_port( @@ -6408,20 +6496,20 @@ kernel

-Make a TCP connection to the afs_bos port. +Bind TCP sockets to the ntp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_afs_fs_port( +corenet_tcp_bind_openvpn_port( @@ -6434,20 +6522,20 @@ kernel

-Make a TCP connection to the afs_fs port. +Bind TCP sockets to the openvpn port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_afs_ka_port( +corenet_tcp_bind_pegasus_http_port( @@ -6460,20 +6548,20 @@ kernel

-Make a TCP connection to the afs_ka port. +Bind TCP sockets to the pegasus_http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_afs_pt_port( +corenet_tcp_bind_pegasus_https_port( @@ -6486,20 +6574,20 @@ kernel

-Make a TCP connection to the afs_pt port. +Bind TCP sockets to the pegasus_https port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_afs_vl_port( +corenet_tcp_bind_pop_port( @@ -6512,20 +6600,20 @@ kernel

-Make a TCP connection to the afs_vl port. +Bind TCP sockets to the pop port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_all_ports( +corenet_tcp_bind_portmap_port( @@ -6538,20 +6626,20 @@ kernel

-Connect TCP sockets to all ports. +Bind TCP sockets to the portmap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_amanda_port( +corenet_tcp_bind_postgresql_port( @@ -6564,20 +6652,20 @@ kernel

-Make a TCP connection to the amanda port. +Bind TCP sockets to the postgresql port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_amavisd_recv_port( +corenet_tcp_bind_postgrey_port( @@ -6590,20 +6678,20 @@ kernel

-Make a TCP connection to the amavisd_recv port. +Bind TCP sockets to the postgrey port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_amavisd_send_port( +corenet_tcp_bind_printer_port( @@ -6616,20 +6704,20 @@ kernel

-Make a TCP connection to the amavisd_send port. +Bind TCP sockets to the printer port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_asterisk_port( +corenet_tcp_bind_ptal_port( @@ -6642,20 +6730,20 @@ kernel

-Make a TCP connection to the asterisk port. +Bind TCP sockets to the ptal port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_auth_port( +corenet_tcp_bind_pxe_port( @@ -6668,20 +6756,20 @@ kernel

-Make a TCP connection to the auth port. +Bind TCP sockets to the pxe port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_clamd_port( +corenet_tcp_bind_pyzor_port( @@ -6694,20 +6782,20 @@ kernel

-Make a TCP connection to the clamd port. +Bind TCP sockets to the pyzor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_clockspeed_port( +corenet_tcp_bind_radacct_port( @@ -6720,20 +6808,20 @@ kernel

-Make a TCP connection to the clockspeed port. +Bind TCP sockets to the radacct port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_cvs_port( +corenet_tcp_bind_radius_port( @@ -6746,20 +6834,20 @@ kernel

-Make a TCP connection to the cvs port. +Bind TCP sockets to the radius port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_dbskkd_port( +corenet_tcp_bind_razor_port( @@ -6772,20 +6860,20 @@ kernel

-Make a TCP connection to the dbskkd port. +Bind TCP sockets to the razor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_dcc_port( +corenet_tcp_bind_reserved_port( @@ -6798,20 +6886,20 @@ kernel

-Make a TCP connection to the dcc port. +Bind TCP sockets to generic reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_dhcpc_port( +corenet_tcp_bind_rndc_port( @@ -6824,20 +6912,20 @@ kernel

-Make a TCP connection to the dhcpc port. +Bind TCP sockets to the rndc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_dhcpd_port( +corenet_tcp_bind_rsh_port( @@ -6850,20 +6938,20 @@ kernel

-Make a TCP connection to the dhcpd port. +Bind TCP sockets to the rsh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_dict_port( +corenet_tcp_bind_rsync_port( @@ -6876,20 +6964,20 @@ kernel

-Make a TCP connection to the dict port. +Bind TCP sockets to the rsync port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_dns_port( +corenet_tcp_bind_site_local_node( @@ -6902,20 +6990,20 @@ kernel

-Make a TCP connection to the dns port. +Bind TCP sockets to node site_local.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_fingerd_port( +corenet_tcp_bind_smbd_port( @@ -6928,20 +7016,20 @@ kernel

-Make a TCP connection to the fingerd port. +Bind TCP sockets to the smbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ftp_data_port( +corenet_tcp_bind_smtp_port( @@ -6954,20 +7042,20 @@ kernel

-Make a TCP connection to the ftp_data port. +Bind TCP sockets to the smtp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ftp_port( +corenet_tcp_bind_snmp_port( @@ -6980,20 +7068,20 @@ kernel

-Make a TCP connection to the ftp port. +Bind TCP sockets to the snmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_generic_port( +corenet_tcp_bind_soundd_port( @@ -7006,20 +7094,20 @@ kernel

-Connect TCP sockets to generic ports. +Bind TCP sockets to the soundd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_giftd_port( +corenet_tcp_bind_spamd_port( @@ -7032,20 +7120,20 @@ kernel

-Make a TCP connection to the giftd port. +Bind TCP sockets to the spamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_gopher_port( +corenet_tcp_bind_ssh_port( @@ -7058,20 +7146,20 @@ kernel

-Make a TCP connection to the gopher port. +Bind TCP sockets to the ssh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_howl_port( +corenet_tcp_bind_swat_port( @@ -7084,20 +7172,20 @@ kernel

-Make a TCP connection to the howl port. +Bind TCP sockets to the swat port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_hplip_port( +corenet_tcp_bind_syslogd_port( @@ -7110,20 +7198,20 @@ kernel

-Make a TCP connection to the hplip port. +Bind TCP sockets to the syslogd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_http_cache_port( +corenet_tcp_bind_telnetd_port( @@ -7136,20 +7224,20 @@ kernel

-Make a TCP connection to the http_cache port. +Bind TCP sockets to the telnetd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_http_port( +corenet_tcp_bind_tftp_port( @@ -7162,20 +7250,20 @@ kernel

-Make a TCP connection to the http port. +Bind TCP sockets to the tftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_imaze_port( +corenet_tcp_bind_transproxy_port( @@ -7188,20 +7276,20 @@ kernel

-Make a TCP connection to the imaze port. +Bind TCP sockets to the transproxy port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_inetd_child_port( +corenet_tcp_bind_unspec_node( @@ -7214,20 +7302,20 @@ kernel

-Make a TCP connection to the inetd_child port. +Bind TCP sockets to node unspec.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_innd_port( +corenet_tcp_bind_uucpd_port( @@ -7240,20 +7328,20 @@ kernel

-Make a TCP connection to the innd port. +Bind TCP sockets to the uucpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ipp_port( +corenet_tcp_bind_vnc_port( @@ -7266,20 +7354,20 @@ kernel

-Make a TCP connection to the ipp port. +Bind TCP sockets to the vnc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ircd_port( +corenet_tcp_bind_xserver_port( @@ -7292,20 +7380,20 @@ kernel

-Make a TCP connection to the ircd port. +Bind TCP sockets to the xserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_isakmp_port( +corenet_tcp_bind_zebra_port( @@ -7318,20 +7406,20 @@ kernel

-Make a TCP connection to the isakmp port. +Bind TCP sockets to the zebra port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_jabber_client_port( +corenet_tcp_bind_zope_port( @@ -7344,20 +7432,20 @@ kernel

-Make a TCP connection to the jabber_client port. +Bind TCP sockets to the zope port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_jabber_interserver_port( +corenet_tcp_connect_afs_bos_port( @@ -7370,20 +7458,20 @@ kernel

-Make a TCP connection to the jabber_interserver port. +Make a TCP connection to the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_kerberos_admin_port( +corenet_tcp_connect_afs_fs_port( @@ -7396,20 +7484,20 @@ kernel

-Make a TCP connection to the kerberos_admin port. +Make a TCP connection to the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_kerberos_master_port( +corenet_tcp_connect_afs_ka_port( @@ -7422,20 +7510,20 @@ kernel

-Make a TCP connection to the kerberos_master port. +Make a TCP connection to the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_kerberos_port( +corenet_tcp_connect_afs_pt_port( @@ -7448,20 +7536,20 @@ kernel

-Make a TCP connection to the kerberos port. +Make a TCP connection to the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ktalkd_port( +corenet_tcp_connect_afs_vl_port( @@ -7474,20 +7562,20 @@ kernel

-Make a TCP connection to the ktalkd port. +Make a TCP connection to the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ldap_port( +corenet_tcp_connect_all_ports( @@ -7500,20 +7588,20 @@ kernel

-Make a TCP connection to the ldap port. +Connect TCP sockets to all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_mail_port( +corenet_tcp_connect_all_reserved_ports( @@ -7526,20 +7614,20 @@ kernel

-Make a TCP connection to the mail port. +Connect TCP sockets to reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_monopd_port( +corenet_tcp_connect_amanda_port( @@ -7552,20 +7640,20 @@ kernel

-Make a TCP connection to the monopd port. +Make a TCP connection to the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_mysqld_port( +corenet_tcp_connect_amavisd_recv_port( @@ -7578,20 +7666,20 @@ kernel

-Make a TCP connection to the mysqld port. +Make a TCP connection to the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_nessus_port( +corenet_tcp_connect_amavisd_send_port( @@ -7604,20 +7692,20 @@ kernel

-Make a TCP connection to the nessus port. +Make a TCP connection to the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_nmbd_port( +corenet_tcp_connect_asterisk_port( @@ -7630,20 +7718,20 @@ kernel

-Make a TCP connection to the nmbd port. +Make a TCP connection to the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ntp_port( +corenet_tcp_connect_auth_port( @@ -7656,20 +7744,20 @@ kernel

-Make a TCP connection to the ntp port. +Make a TCP connection to the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_openvpn_port( +corenet_tcp_connect_clamd_port( @@ -7682,20 +7770,20 @@ kernel

-Make a TCP connection to the openvpn port. +Make a TCP connection to the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_pop_port( +corenet_tcp_connect_clockspeed_port( @@ -7708,20 +7796,20 @@ kernel

-Make a TCP connection to the pop port. +Make a TCP connection to the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_portmap_port( +corenet_tcp_connect_cvs_port( @@ -7734,20 +7822,20 @@ kernel

-Make a TCP connection to the portmap port. +Make a TCP connection to the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_postgresql_port( +corenet_tcp_connect_dbskkd_port( @@ -7760,20 +7848,20 @@ kernel

-Make a TCP connection to the postgresql port. +Make a TCP connection to the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_postgrey_port( +corenet_tcp_connect_dcc_port( @@ -7786,20 +7874,20 @@ kernel

-Make a TCP connection to the postgrey port. +Make a TCP connection to the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_printer_port( +corenet_tcp_connect_dhcpc_port( @@ -7812,20 +7900,20 @@ kernel

-Make a TCP connection to the printer port. +Make a TCP connection to the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ptal_port( +corenet_tcp_connect_dhcpd_port( @@ -7838,20 +7926,20 @@ kernel

-Make a TCP connection to the ptal port. +Make a TCP connection to the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_pxe_port( +corenet_tcp_connect_dict_port( @@ -7864,20 +7952,20 @@ kernel

-Make a TCP connection to the pxe port. +Make a TCP connection to the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_pyzor_port( +corenet_tcp_connect_dns_port( @@ -7890,20 +7978,20 @@ kernel

-Make a TCP connection to the pyzor port. +Make a TCP connection to the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_radacct_port( +corenet_tcp_connect_fingerd_port( @@ -7916,20 +8004,20 @@ kernel

-Make a TCP connection to the radacct port. +Make a TCP connection to the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_radius_port( +corenet_tcp_connect_ftp_data_port( @@ -7942,20 +8030,20 @@ kernel

-Make a TCP connection to the radius port. +Make a TCP connection to the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_razor_port( +corenet_tcp_connect_ftp_port( @@ -7968,20 +8056,20 @@ kernel

-Make a TCP connection to the razor port. +Make a TCP connection to the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_reserved_port( +corenet_tcp_connect_generic_port( @@ -7994,20 +8082,20 @@ kernel

-Connect TCP sockets to generic reserved ports. +Connect TCP sockets to generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_rndc_port( +corenet_tcp_connect_giftd_port( @@ -8020,20 +8108,20 @@ kernel

-Make a TCP connection to the rndc port. +Make a TCP connection to the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_rsh_port( +corenet_tcp_connect_gopher_port( @@ -8046,20 +8134,20 @@ kernel

-Make a TCP connection to the rsh port. +Make a TCP connection to the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_rsync_port( +corenet_tcp_connect_howl_port( @@ -8072,20 +8160,20 @@ kernel

-Make a TCP connection to the rsync port. +Make a TCP connection to the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_smbd_port( +corenet_tcp_connect_hplip_port( @@ -8098,20 +8186,20 @@ kernel

-Make a TCP connection to the smbd port. +Make a TCP connection to the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_smtp_port( +corenet_tcp_connect_http_cache_port( @@ -8124,20 +8212,20 @@ kernel

-Make a TCP connection to the smtp port. +Make a TCP connection to the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_snmp_port( +corenet_tcp_connect_http_port( @@ -8150,20 +8238,20 @@ kernel

-Make a TCP connection to the snmp port. +Make a TCP connection to the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_soundd_port( +corenet_tcp_connect_imaze_port( @@ -8176,20 +8264,20 @@ kernel

-Make a TCP connection to the soundd port. +Make a TCP connection to the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_spamd_port( +corenet_tcp_connect_inetd_child_port( @@ -8202,20 +8290,20 @@ kernel

-Make a TCP connection to the spamd port. +Make a TCP connection to the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_ssh_port( +corenet_tcp_connect_innd_port( @@ -8228,20 +8316,20 @@ kernel

-Make a TCP connection to the ssh port. +Make a TCP connection to the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_swat_port( +corenet_tcp_connect_ipp_port( @@ -8254,20 +8342,20 @@ kernel

-Make a TCP connection to the swat port. +Make a TCP connection to the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_syslogd_port( +corenet_tcp_connect_ircd_port( @@ -8280,20 +8368,20 @@ kernel

-Make a TCP connection to the syslogd port. +Make a TCP connection to the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_telnetd_port( +corenet_tcp_connect_isakmp_port( @@ -8306,20 +8394,20 @@ kernel

-Make a TCP connection to the telnetd port. +Make a TCP connection to the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_tftp_port( +corenet_tcp_connect_jabber_client_port( @@ -8332,20 +8420,20 @@ kernel

-Make a TCP connection to the tftp port. +Make a TCP connection to the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_transproxy_port( +corenet_tcp_connect_jabber_interserver_port( @@ -8358,20 +8446,20 @@ kernel

-Make a TCP connection to the transproxy port. +Make a TCP connection to the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_uucpd_port( +corenet_tcp_connect_kerberos_admin_port( @@ -8384,20 +8472,20 @@ kernel

-Make a TCP connection to the uucpd port. +Make a TCP connection to the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_vnc_port( +corenet_tcp_connect_kerberos_master_port( @@ -8410,20 +8498,20 @@ kernel

-Make a TCP connection to the vnc port. +Make a TCP connection to the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_xserver_port( +corenet_tcp_connect_kerberos_port( @@ -8436,20 +8524,20 @@ kernel

-Make a TCP connection to the xserver port. +Make a TCP connection to the kerberos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_zebra_port( +corenet_tcp_connect_ktalkd_port( @@ -8462,20 +8550,20 @@ kernel

-Make a TCP connection to the zebra port. +Make a TCP connection to the ktalkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_connect_zope_port( +corenet_tcp_connect_ldap_port( @@ -8488,20 +8576,20 @@ kernel

-Make a TCP connection to the zope port. +Make a TCP connection to the ldap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_afs_bos_port( +corenet_tcp_connect_mail_port( @@ -8514,20 +8602,20 @@ kernel

-Send and receive TCP traffic on the afs_bos port. +Make a TCP connection to the mail port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_afs_fs_port( +corenet_tcp_connect_monopd_port( @@ -8540,20 +8628,20 @@ kernel

-Send and receive TCP traffic on the afs_fs port. +Make a TCP connection to the monopd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_afs_ka_port( +corenet_tcp_connect_mysqld_port( @@ -8566,20 +8654,20 @@ kernel

-Send and receive TCP traffic on the afs_ka port. +Make a TCP connection to the mysqld port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_afs_pt_port( +corenet_tcp_connect_nessus_port( @@ -8592,20 +8680,20 @@ kernel

-Send and receive TCP traffic on the afs_pt port. +Make a TCP connection to the nessus port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_afs_vl_port( +corenet_tcp_connect_nmbd_port( @@ -8618,20 +8706,20 @@ kernel

-Send and receive TCP traffic on the afs_vl port. +Make a TCP connection to the nmbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_all_if( +corenet_tcp_connect_ntp_port( @@ -8644,20 +8732,20 @@ kernel

-Send and receive TCP network traffic on all interfaces. +Make a TCP connection to the ntp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_all_nodes( +corenet_tcp_connect_openvpn_port( @@ -8670,20 +8758,20 @@ kernel

-Send and receive TCP network traffic on all nodes. +Make a TCP connection to the openvpn port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_all_ports( +corenet_tcp_connect_pegasus_http_port( @@ -8696,20 +8784,20 @@ kernel

-Send and receive TCP network traffic on all ports. +Make a TCP connection to the pegasus_http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_all_reserved_ports( +corenet_tcp_connect_pegasus_https_port( @@ -8722,20 +8810,20 @@ kernel

-Send and receive TCP network traffic on all reserved ports. +Make a TCP connection to the pegasus_https port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_amanda_port( +corenet_tcp_connect_pop_port( @@ -8748,20 +8836,20 @@ kernel

-Send and receive TCP traffic on the amanda port. +Make a TCP connection to the pop port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_amavisd_recv_port( +corenet_tcp_connect_portmap_port( @@ -8774,20 +8862,20 @@ kernel

-Send and receive TCP traffic on the amavisd_recv port. +Make a TCP connection to the portmap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_amavisd_send_port( +corenet_tcp_connect_postgresql_port( @@ -8800,20 +8888,20 @@ kernel

-Send and receive TCP traffic on the amavisd_send port. +Make a TCP connection to the postgresql port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_asterisk_port( +corenet_tcp_connect_postgrey_port( @@ -8826,20 +8914,20 @@ kernel

-Send and receive TCP traffic on the asterisk port. +Make a TCP connection to the postgrey port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_auth_port( +corenet_tcp_connect_printer_port( @@ -8852,20 +8940,20 @@ kernel

-Send and receive TCP traffic on the auth port. +Make a TCP connection to the printer port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_clamd_port( +corenet_tcp_connect_ptal_port( @@ -8878,20 +8966,20 @@ kernel

-Send and receive TCP traffic on the clamd port. +Make a TCP connection to the ptal port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_clockspeed_port( +corenet_tcp_connect_pxe_port( @@ -8904,20 +8992,20 @@ kernel

-Send and receive TCP traffic on the clockspeed port. +Make a TCP connection to the pxe port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_compat_ipv4_node( +corenet_tcp_connect_pyzor_port( @@ -8930,20 +9018,20 @@ kernel

-Send and receive TCP traffic on the compat_ipv4 node. +Make a TCP connection to the pyzor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_cvs_port( +corenet_tcp_connect_radacct_port( @@ -8956,20 +9044,20 @@ kernel

-Send and receive TCP traffic on the cvs port. +Make a TCP connection to the radacct port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_dbskkd_port( +corenet_tcp_connect_radius_port( @@ -8982,20 +9070,20 @@ kernel

-Send and receive TCP traffic on the dbskkd port. +Make a TCP connection to the radius port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_dcc_port( +corenet_tcp_connect_razor_port( @@ -9008,20 +9096,20 @@ kernel

-Send and receive TCP traffic on the dcc port. +Make a TCP connection to the razor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_dhcpc_port( +corenet_tcp_connect_reserved_port( @@ -9034,20 +9122,20 @@ kernel

-Send and receive TCP traffic on the dhcpc port. +Connect TCP sockets to generic reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_dhcpd_port( +corenet_tcp_connect_rndc_port( @@ -9060,20 +9148,20 @@ kernel

-Send and receive TCP traffic on the dhcpd port. +Make a TCP connection to the rndc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_dict_port( +corenet_tcp_connect_rsh_port( @@ -9086,20 +9174,20 @@ kernel

-Send and receive TCP traffic on the dict port. +Make a TCP connection to the rsh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_dns_port( +corenet_tcp_connect_rsync_port( @@ -9112,20 +9200,20 @@ kernel

-Send and receive TCP traffic on the dns port. +Make a TCP connection to the rsync port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_fingerd_port( +corenet_tcp_connect_smbd_port( @@ -9138,20 +9226,20 @@ kernel

-Send and receive TCP traffic on the fingerd port. +Make a TCP connection to the smbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ftp_data_port( +corenet_tcp_connect_smtp_port( @@ -9164,20 +9252,20 @@ kernel

-Send and receive TCP traffic on the ftp_data port. +Make a TCP connection to the smtp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ftp_port( +corenet_tcp_connect_snmp_port( @@ -9190,20 +9278,20 @@ kernel

-Send and receive TCP traffic on the ftp port. +Make a TCP connection to the snmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_generic_if( +corenet_tcp_connect_soundd_port( @@ -9216,20 +9304,20 @@ kernel

-Send and receive TCP network traffic on the generic interfaces. +Make a TCP connection to the soundd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_generic_node( +corenet_tcp_connect_spamd_port( @@ -9242,20 +9330,20 @@ kernel

-Send and receive TCP network traffic on generic nodes. +Make a TCP connection to the spamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_generic_port( +corenet_tcp_connect_ssh_port( @@ -9268,20 +9356,20 @@ kernel

-Send and receive TCP network traffic on generic ports. +Make a TCP connection to the ssh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_giftd_port( +corenet_tcp_connect_swat_port( @@ -9294,20 +9382,20 @@ kernel

-Send and receive TCP traffic on the giftd port. +Make a TCP connection to the swat port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_gopher_port( +corenet_tcp_connect_syslogd_port( @@ -9320,20 +9408,20 @@ kernel

-Send and receive TCP traffic on the gopher port. +Make a TCP connection to the syslogd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_howl_port( +corenet_tcp_connect_telnetd_port( @@ -9346,20 +9434,20 @@ kernel

-Send and receive TCP traffic on the howl port. +Make a TCP connection to the telnetd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_hplip_port( +corenet_tcp_connect_tftp_port( @@ -9372,20 +9460,20 @@ kernel

-Send and receive TCP traffic on the hplip port. +Make a TCP connection to the tftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_http_cache_port( +corenet_tcp_connect_transproxy_port( @@ -9398,20 +9486,20 @@ kernel

-Send and receive TCP traffic on the http_cache port. +Make a TCP connection to the transproxy port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_http_port( +corenet_tcp_connect_uucpd_port( @@ -9424,20 +9512,20 @@ kernel

-Send and receive TCP traffic on the http port. +Make a TCP connection to the uucpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_imaze_port( +corenet_tcp_connect_vnc_port( @@ -9450,20 +9538,20 @@ kernel

-Send and receive TCP traffic on the imaze port. +Make a TCP connection to the vnc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_inaddr_any_node( +corenet_tcp_connect_xserver_port( @@ -9476,20 +9564,20 @@ kernel

-Send and receive TCP traffic on the inaddr_any node. +Make a TCP connection to the xserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_inetd_child_port( +corenet_tcp_connect_zebra_port( @@ -9502,20 +9590,20 @@ kernel

-Send and receive TCP traffic on the inetd_child port. +Make a TCP connection to the zebra port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_innd_port( +corenet_tcp_connect_zope_port( @@ -9528,20 +9616,20 @@ kernel

-Send and receive TCP traffic on the innd port. +Make a TCP connection to the zope port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ipp_port( +corenet_tcp_sendrecv_afs_bos_port( @@ -9554,20 +9642,20 @@ kernel

-Send and receive TCP traffic on the ipp port. +Send and receive TCP traffic on the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ircd_port( +corenet_tcp_sendrecv_afs_fs_port( @@ -9580,20 +9668,20 @@ kernel

-Send and receive TCP traffic on the ircd port. +Send and receive TCP traffic on the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_isakmp_port( +corenet_tcp_sendrecv_afs_ka_port( @@ -9606,20 +9694,20 @@ kernel

-Send and receive TCP traffic on the isakmp port. +Send and receive TCP traffic on the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_jabber_client_port( +corenet_tcp_sendrecv_afs_pt_port( @@ -9632,20 +9720,20 @@ kernel

-Send and receive TCP traffic on the jabber_client port. +Send and receive TCP traffic on the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_jabber_interserver_port( +corenet_tcp_sendrecv_afs_vl_port( @@ -9658,20 +9746,20 @@ kernel

-Send and receive TCP traffic on the jabber_interserver port. +Send and receive TCP traffic on the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_kerberos_admin_port( +corenet_tcp_sendrecv_all_if( @@ -9684,20 +9772,20 @@ kernel

-Send and receive TCP traffic on the kerberos_admin port. +Send and receive TCP network traffic on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_kerberos_master_port( +corenet_tcp_sendrecv_all_nodes( @@ -9710,20 +9798,20 @@ kernel

-Send and receive TCP traffic on the kerberos_master port. +Send and receive TCP network traffic on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_kerberos_port( +corenet_tcp_sendrecv_all_ports( @@ -9736,20 +9824,20 @@ kernel

-Send and receive TCP traffic on the kerberos port. +Send and receive TCP network traffic on all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ktalkd_port( +corenet_tcp_sendrecv_all_reserved_ports( @@ -9762,20 +9850,20 @@ kernel

-Send and receive TCP traffic on the ktalkd port. +Send and receive TCP network traffic on all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ldap_port( +corenet_tcp_sendrecv_amanda_port( @@ -9788,20 +9876,20 @@ kernel

-Send and receive TCP traffic on the ldap port. +Send and receive TCP traffic on the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_link_local_node( +corenet_tcp_sendrecv_amavisd_recv_port( @@ -9814,20 +9902,20 @@ kernel

-Send and receive TCP traffic on the link_local node. +Send and receive TCP traffic on the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_lo_node( +corenet_tcp_sendrecv_amavisd_send_port( @@ -9840,20 +9928,20 @@ kernel

-Send and receive TCP traffic on the lo node. +Send and receive TCP traffic on the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_mail_port( +corenet_tcp_sendrecv_asterisk_port( @@ -9866,20 +9954,20 @@ kernel

-Send and receive TCP traffic on the mail port. +Send and receive TCP traffic on the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_mapped_ipv4_node( +corenet_tcp_sendrecv_auth_port( @@ -9892,20 +9980,20 @@ kernel

-Send and receive TCP traffic on the mapped_ipv4 node. +Send and receive TCP traffic on the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_monopd_port( +corenet_tcp_sendrecv_clamd_port( @@ -9918,20 +10006,20 @@ kernel

-Send and receive TCP traffic on the monopd port. +Send and receive TCP traffic on the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_multicast_node( +corenet_tcp_sendrecv_clockspeed_port( @@ -9944,20 +10032,20 @@ kernel

-Send and receive TCP traffic on the multicast node. +Send and receive TCP traffic on the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_mysqld_port( +corenet_tcp_sendrecv_compat_ipv4_node( @@ -9970,20 +10058,20 @@ kernel

-Send and receive TCP traffic on the mysqld port. +Send and receive TCP traffic on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_nessus_port( +corenet_tcp_sendrecv_cvs_port( @@ -9996,20 +10084,20 @@ kernel

-Send and receive TCP traffic on the nessus port. +Send and receive TCP traffic on the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_nmbd_port( +corenet_tcp_sendrecv_dbskkd_port( @@ -10022,20 +10110,20 @@ kernel

-Send and receive TCP traffic on the nmbd port. +Send and receive TCP traffic on the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ntp_port( +corenet_tcp_sendrecv_dcc_port( @@ -10048,20 +10136,20 @@ kernel

-Send and receive TCP traffic on the ntp port. +Send and receive TCP traffic on the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_openvpn_port( +corenet_tcp_sendrecv_dhcpc_port( @@ -10074,20 +10162,20 @@ kernel

-Send and receive TCP traffic on the openvpn port. +Send and receive TCP traffic on the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_pop_port( +corenet_tcp_sendrecv_dhcpd_port( @@ -10100,20 +10188,20 @@ kernel

-Send and receive TCP traffic on the pop port. +Send and receive TCP traffic on the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_portmap_port( +corenet_tcp_sendrecv_dict_port( @@ -10126,20 +10214,20 @@ kernel

-Send and receive TCP traffic on the portmap port. +Send and receive TCP traffic on the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_postgresql_port( +corenet_tcp_sendrecv_dns_port( @@ -10152,20 +10240,20 @@ kernel

-Send and receive TCP traffic on the postgresql port. +Send and receive TCP traffic on the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_postgrey_port( +corenet_tcp_sendrecv_fingerd_port( @@ -10178,20 +10266,20 @@ kernel

-Send and receive TCP traffic on the postgrey port. +Send and receive TCP traffic on the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_printer_port( +corenet_tcp_sendrecv_ftp_data_port( @@ -10204,20 +10292,20 @@ kernel

-Send and receive TCP traffic on the printer port. +Send and receive TCP traffic on the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ptal_port( +corenet_tcp_sendrecv_ftp_port( @@ -10230,20 +10318,20 @@ kernel

-Send and receive TCP traffic on the ptal port. +Send and receive TCP traffic on the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_pxe_port( +corenet_tcp_sendrecv_generic_if( @@ -10256,20 +10344,20 @@ kernel

-Send and receive TCP traffic on the pxe port. +Send and receive TCP network traffic on the generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_pyzor_port( +corenet_tcp_sendrecv_generic_node( @@ -10282,20 +10370,20 @@ kernel

-Send and receive TCP traffic on the pyzor port. +Send and receive TCP network traffic on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_radacct_port( +corenet_tcp_sendrecv_generic_port( @@ -10308,20 +10396,20 @@ kernel

-Send and receive TCP traffic on the radacct port. +Send and receive TCP network traffic on generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_radius_port( +corenet_tcp_sendrecv_giftd_port( @@ -10334,20 +10422,20 @@ kernel

-Send and receive TCP traffic on the radius port. +Send and receive TCP traffic on the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_razor_port( +corenet_tcp_sendrecv_gopher_port( @@ -10360,20 +10448,20 @@ kernel

-Send and receive TCP traffic on the razor port. +Send and receive TCP traffic on the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_reserved_port( +corenet_tcp_sendrecv_howl_port( @@ -10386,20 +10474,20 @@ kernel

-Send and receive TCP network traffic on generic reserved ports. +Send and receive TCP traffic on the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_rndc_port( +corenet_tcp_sendrecv_hplip_port( @@ -10412,20 +10500,20 @@ kernel

-Send and receive TCP traffic on the rndc port. +Send and receive TCP traffic on the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_rsh_port( +corenet_tcp_sendrecv_http_cache_port( @@ -10438,20 +10526,20 @@ kernel

-Send and receive TCP traffic on the rsh port. +Send and receive TCP traffic on the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_rsync_port( +corenet_tcp_sendrecv_http_port( @@ -10464,20 +10552,20 @@ kernel

-Send and receive TCP traffic on the rsync port. +Send and receive TCP traffic on the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_site_local_node( +corenet_tcp_sendrecv_imaze_port( @@ -10490,20 +10578,20 @@ kernel

-Send and receive TCP traffic on the site_local node. +Send and receive TCP traffic on the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_smbd_port( +corenet_tcp_sendrecv_inaddr_any_node( @@ -10516,20 +10604,20 @@ kernel

-Send and receive TCP traffic on the smbd port. +Send and receive TCP traffic on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_smtp_port( +corenet_tcp_sendrecv_inetd_child_port( @@ -10542,20 +10630,20 @@ kernel

-Send and receive TCP traffic on the smtp port. +Send and receive TCP traffic on the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_snmp_port( +corenet_tcp_sendrecv_innd_port( @@ -10568,20 +10656,20 @@ kernel

-Send and receive TCP traffic on the snmp port. +Send and receive TCP traffic on the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_soundd_port( +corenet_tcp_sendrecv_ipp_port( @@ -10594,20 +10682,20 @@ kernel

-Send and receive TCP traffic on the soundd port. +Send and receive TCP traffic on the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_spamd_port( +corenet_tcp_sendrecv_ircd_port( @@ -10620,20 +10708,20 @@ kernel

-Send and receive TCP traffic on the spamd port. +Send and receive TCP traffic on the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_ssh_port( +corenet_tcp_sendrecv_isakmp_port( @@ -10646,20 +10734,20 @@ kernel

-Send and receive TCP traffic on the ssh port. +Send and receive TCP traffic on the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_swat_port( +corenet_tcp_sendrecv_jabber_client_port( @@ -10672,20 +10760,20 @@ kernel

-Send and receive TCP traffic on the swat port. +Send and receive TCP traffic on the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_syslogd_port( +corenet_tcp_sendrecv_jabber_interserver_port( @@ -10698,20 +10786,20 @@ kernel

-Send and receive TCP traffic on the syslogd port. +Send and receive TCP traffic on the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_telnetd_port( +corenet_tcp_sendrecv_kerberos_admin_port( @@ -10724,20 +10812,20 @@ kernel

-Send and receive TCP traffic on the telnetd port. +Send and receive TCP traffic on the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_tftp_port( +corenet_tcp_sendrecv_kerberos_master_port( @@ -10750,20 +10838,20 @@ kernel

-Send and receive TCP traffic on the tftp port. +Send and receive TCP traffic on the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_transproxy_port( +corenet_tcp_sendrecv_kerberos_port( @@ -10776,20 +10864,20 @@ kernel

-Send and receive TCP traffic on the transproxy port. +Send and receive TCP traffic on the kerberos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_unspec_node( +corenet_tcp_sendrecv_ktalkd_port( @@ -10802,20 +10890,20 @@ kernel

-Send and receive TCP traffic on the unspec node. +Send and receive TCP traffic on the ktalkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_uucpd_port( +corenet_tcp_sendrecv_ldap_port( @@ -10828,20 +10916,20 @@ kernel

-Send and receive TCP traffic on the uucpd port. +Send and receive TCP traffic on the ldap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_vnc_port( +corenet_tcp_sendrecv_link_local_node( @@ -10854,20 +10942,20 @@ kernel

-Send and receive TCP traffic on the vnc port. +Send and receive TCP traffic on the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_xserver_port( +corenet_tcp_sendrecv_lo_node( @@ -10880,20 +10968,20 @@ kernel

-Send and receive TCP traffic on the xserver port. +Send and receive TCP traffic on the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_zebra_port( +corenet_tcp_sendrecv_mail_port( @@ -10906,20 +10994,20 @@ kernel

-Send and receive TCP traffic on the zebra port. +Send and receive TCP traffic on the mail port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_tcp_sendrecv_zope_port( +corenet_tcp_sendrecv_mapped_ipv4_node( @@ -10932,20 +11020,20 @@ kernel

-Send and receive TCP traffic on the zope port. +Send and receive TCP traffic on the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_afs_bos_port( +corenet_tcp_sendrecv_monopd_port( @@ -10958,20 +11046,20 @@ kernel

-Bind UDP sockets to the afs_bos port. +Send and receive TCP traffic on the monopd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_afs_fs_port( +corenet_tcp_sendrecv_multicast_node( @@ -10984,20 +11072,20 @@ kernel

-Bind UDP sockets to the afs_fs port. +Send and receive TCP traffic on the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_afs_ka_port( +corenet_tcp_sendrecv_mysqld_port( @@ -11010,20 +11098,20 @@ kernel

-Bind UDP sockets to the afs_ka port. +Send and receive TCP traffic on the mysqld port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_afs_pt_port( +corenet_tcp_sendrecv_nessus_port( @@ -11036,20 +11124,20 @@ kernel

-Bind UDP sockets to the afs_pt port. +Send and receive TCP traffic on the nessus port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_afs_vl_port( +corenet_tcp_sendrecv_nmbd_port( @@ -11062,20 +11150,20 @@ kernel

-Bind UDP sockets to the afs_vl port. +Send and receive TCP traffic on the nmbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_all_nodes( +corenet_tcp_sendrecv_ntp_port( @@ -11088,20 +11176,20 @@ kernel

-Bind UDP sockets to all nodes. +Send and receive TCP traffic on the ntp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_all_ports( +corenet_tcp_sendrecv_openvpn_port( @@ -11114,20 +11202,20 @@ kernel

-Bind UDP sockets to all ports. +Send and receive TCP traffic on the openvpn port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_all_reserved_ports( +corenet_tcp_sendrecv_pegasus_http_port( @@ -11140,20 +11228,20 @@ kernel

-Bind UDP sockets to all reserved ports. +Send and receive TCP traffic on the pegasus_http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_amanda_port( +corenet_tcp_sendrecv_pegasus_https_port( @@ -11166,20 +11254,20 @@ kernel

-Bind UDP sockets to the amanda port. +Send and receive TCP traffic on the pegasus_https port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_amavisd_recv_port( +corenet_tcp_sendrecv_pop_port( @@ -11192,20 +11280,20 @@ kernel

-Bind UDP sockets to the amavisd_recv port. +Send and receive TCP traffic on the pop port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_amavisd_send_port( +corenet_tcp_sendrecv_portmap_port( @@ -11218,20 +11306,20 @@ kernel

-Bind UDP sockets to the amavisd_send port. +Send and receive TCP traffic on the portmap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_asterisk_port( +corenet_tcp_sendrecv_postgresql_port( @@ -11244,20 +11332,20 @@ kernel

-Bind UDP sockets to the asterisk port. +Send and receive TCP traffic on the postgresql port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_auth_port( +corenet_tcp_sendrecv_postgrey_port( @@ -11270,20 +11358,20 @@ kernel

-Bind UDP sockets to the auth port. +Send and receive TCP traffic on the postgrey port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_clamd_port( +corenet_tcp_sendrecv_printer_port( @@ -11296,20 +11384,20 @@ kernel

-Bind UDP sockets to the clamd port. +Send and receive TCP traffic on the printer port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_clockspeed_port( +corenet_tcp_sendrecv_ptal_port( @@ -11322,20 +11410,20 @@ kernel

-Bind UDP sockets to the clockspeed port. +Send and receive TCP traffic on the ptal port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_compat_ipv4_node( +corenet_tcp_sendrecv_pxe_port( @@ -11348,20 +11436,20 @@ kernel

-Bind UDP sockets to the compat_ipv4 node. +Send and receive TCP traffic on the pxe port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_cvs_port( +corenet_tcp_sendrecv_pyzor_port( @@ -11374,20 +11462,20 @@ kernel

-Bind UDP sockets to the cvs port. +Send and receive TCP traffic on the pyzor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_dbskkd_port( +corenet_tcp_sendrecv_radacct_port( @@ -11400,20 +11488,20 @@ kernel

-Bind UDP sockets to the dbskkd port. +Send and receive TCP traffic on the radacct port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_dcc_port( +corenet_tcp_sendrecv_radius_port( @@ -11426,20 +11514,20 @@ kernel

-Bind UDP sockets to the dcc port. +Send and receive TCP traffic on the radius port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_dhcpc_port( +corenet_tcp_sendrecv_razor_port( @@ -11452,20 +11540,20 @@ kernel

-Bind UDP sockets to the dhcpc port. +Send and receive TCP traffic on the razor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_dhcpd_port( +corenet_tcp_sendrecv_reserved_port( @@ -11478,20 +11566,20 @@ kernel

-Bind UDP sockets to the dhcpd port. +Send and receive TCP network traffic on generic reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_dict_port( +corenet_tcp_sendrecv_rndc_port( @@ -11504,20 +11592,20 @@ kernel

-Bind UDP sockets to the dict port. +Send and receive TCP traffic on the rndc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_dns_port( +corenet_tcp_sendrecv_rsh_port( @@ -11530,20 +11618,20 @@ kernel

-Bind UDP sockets to the dns port. +Send and receive TCP traffic on the rsh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_fingerd_port( +corenet_tcp_sendrecv_rsync_port( @@ -11556,20 +11644,20 @@ kernel

-Bind UDP sockets to the fingerd port. +Send and receive TCP traffic on the rsync port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ftp_data_port( +corenet_tcp_sendrecv_site_local_node( @@ -11582,20 +11670,20 @@ kernel

-Bind UDP sockets to the ftp_data port. +Send and receive TCP traffic on the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ftp_port( +corenet_tcp_sendrecv_smbd_port( @@ -11608,20 +11696,20 @@ kernel

-Bind UDP sockets to the ftp port. +Send and receive TCP traffic on the smbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_generic_node( +corenet_tcp_sendrecv_smtp_port( @@ -11634,20 +11722,20 @@ kernel

-Bind UDP sockets to generic nodes. +Send and receive TCP traffic on the smtp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_generic_port( +corenet_tcp_sendrecv_snmp_port( @@ -11660,20 +11748,20 @@ kernel

-Bind UDP sockets to generic ports. +Send and receive TCP traffic on the snmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_giftd_port( +corenet_tcp_sendrecv_soundd_port( @@ -11686,20 +11774,20 @@ kernel

-Bind UDP sockets to the giftd port. +Send and receive TCP traffic on the soundd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_gopher_port( +corenet_tcp_sendrecv_spamd_port( @@ -11712,20 +11800,20 @@ kernel

-Bind UDP sockets to the gopher port. +Send and receive TCP traffic on the spamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_howl_port( +corenet_tcp_sendrecv_ssh_port( @@ -11738,20 +11826,20 @@ kernel

-Bind UDP sockets to the howl port. +Send and receive TCP traffic on the ssh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_hplip_port( +corenet_tcp_sendrecv_swat_port( @@ -11764,20 +11852,20 @@ kernel

-Bind UDP sockets to the hplip port. +Send and receive TCP traffic on the swat port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_http_cache_port( +corenet_tcp_sendrecv_syslogd_port( @@ -11790,20 +11878,20 @@ kernel

-Bind UDP sockets to the http_cache port. +Send and receive TCP traffic on the syslogd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_http_port( +corenet_tcp_sendrecv_telnetd_port( @@ -11816,20 +11904,20 @@ kernel

-Bind UDP sockets to the http port. +Send and receive TCP traffic on the telnetd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_imaze_port( +corenet_tcp_sendrecv_tftp_port( @@ -11842,20 +11930,20 @@ kernel

-Bind UDP sockets to the imaze port. +Send and receive TCP traffic on the tftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_inaddr_any_node( +corenet_tcp_sendrecv_transproxy_port( @@ -11868,20 +11956,20 @@ kernel

-Bind UDP sockets to the inaddr_any node. +Send and receive TCP traffic on the transproxy port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_inetd_child_port( +corenet_tcp_sendrecv_unspec_node( @@ -11894,20 +11982,20 @@ kernel

-Bind UDP sockets to the inetd_child port. +Send and receive TCP traffic on the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_innd_port( +corenet_tcp_sendrecv_uucpd_port( @@ -11920,20 +12008,20 @@ kernel

-Bind UDP sockets to the innd port. +Send and receive TCP traffic on the uucpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ipp_port( +corenet_tcp_sendrecv_vnc_port( @@ -11946,20 +12034,20 @@ kernel

-Bind UDP sockets to the ipp port. +Send and receive TCP traffic on the vnc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ircd_port( +corenet_tcp_sendrecv_xserver_port( @@ -11972,20 +12060,20 @@ kernel

-Bind UDP sockets to the ircd port. +Send and receive TCP traffic on the xserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_isakmp_port( +corenet_tcp_sendrecv_zebra_port( @@ -11998,20 +12086,20 @@ kernel

-Bind UDP sockets to the isakmp port. +Send and receive TCP traffic on the zebra port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_jabber_client_port( +corenet_tcp_sendrecv_zope_port( @@ -12024,20 +12112,20 @@ kernel

-Bind UDP sockets to the jabber_client port. +Send and receive TCP traffic on the zope port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_jabber_interserver_port( +corenet_udp_bind_afs_bos_port( @@ -12050,20 +12138,20 @@ kernel

-Bind UDP sockets to the jabber_interserver port. +Bind UDP sockets to the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_kerberos_admin_port( +corenet_udp_bind_afs_fs_port( @@ -12076,20 +12164,20 @@ kernel

-Bind UDP sockets to the kerberos_admin port. +Bind UDP sockets to the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_kerberos_master_port( +corenet_udp_bind_afs_ka_port( @@ -12102,20 +12190,20 @@ kernel

-Bind UDP sockets to the kerberos_master port. +Bind UDP sockets to the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_kerberos_port( +corenet_udp_bind_afs_pt_port( @@ -12128,20 +12216,20 @@ kernel

-Bind UDP sockets to the kerberos port. +Bind UDP sockets to the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ktalkd_port( +corenet_udp_bind_afs_vl_port( @@ -12154,20 +12242,20 @@ kernel

-Bind UDP sockets to the ktalkd port. +Bind UDP sockets to the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ldap_port( +corenet_udp_bind_all_nodes( @@ -12180,20 +12268,20 @@ kernel

-Bind UDP sockets to the ldap port. +Bind UDP sockets to all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_link_local_node( +corenet_udp_bind_all_ports( @@ -12206,20 +12294,20 @@ kernel

-Bind UDP sockets to the link_local node. +Bind UDP sockets to all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_lo_node( +corenet_udp_bind_all_reserved_ports( @@ -12232,20 +12320,20 @@ kernel

-Bind UDP sockets to the lo node. +Bind UDP sockets to all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_mail_port( +corenet_udp_bind_amanda_port( @@ -12258,20 +12346,20 @@ kernel

-Bind UDP sockets to the mail port. +Bind UDP sockets to the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_mapped_ipv4_node( +corenet_udp_bind_amavisd_recv_port( @@ -12284,20 +12372,20 @@ kernel

-Bind UDP sockets to the mapped_ipv4 node. +Bind UDP sockets to the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_monopd_port( +corenet_udp_bind_amavisd_send_port( @@ -12310,20 +12398,20 @@ kernel

-Bind UDP sockets to the monopd port. +Bind UDP sockets to the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_multicast_node( +corenet_udp_bind_asterisk_port( @@ -12336,20 +12424,20 @@ kernel

-Bind UDP sockets to the multicast node. +Bind UDP sockets to the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_mysqld_port( +corenet_udp_bind_auth_port( @@ -12362,20 +12450,20 @@ kernel

-Bind UDP sockets to the mysqld port. +Bind UDP sockets to the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_nessus_port( +corenet_udp_bind_clamd_port( @@ -12388,20 +12476,20 @@ kernel

-Bind UDP sockets to the nessus port. +Bind UDP sockets to the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_nmbd_port( +corenet_udp_bind_clockspeed_port( @@ -12414,20 +12502,20 @@ kernel

-Bind UDP sockets to the nmbd port. +Bind UDP sockets to the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ntp_port( +corenet_udp_bind_compat_ipv4_node( @@ -12440,20 +12528,20 @@ kernel

-Bind UDP sockets to the ntp port. +Bind UDP sockets to the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_openvpn_port( +corenet_udp_bind_cvs_port( @@ -12466,20 +12554,20 @@ kernel

-Bind UDP sockets to the openvpn port. +Bind UDP sockets to the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_pop_port( +corenet_udp_bind_dbskkd_port( @@ -12492,20 +12580,20 @@ kernel

-Bind UDP sockets to the pop port. +Bind UDP sockets to the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_portmap_port( +corenet_udp_bind_dcc_port( @@ -12518,20 +12606,20 @@ kernel

-Bind UDP sockets to the portmap port. +Bind UDP sockets to the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_postgresql_port( +corenet_udp_bind_dhcpc_port( @@ -12544,20 +12632,20 @@ kernel

-Bind UDP sockets to the postgresql port. +Bind UDP sockets to the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_postgrey_port( +corenet_udp_bind_dhcpd_port( @@ -12570,20 +12658,20 @@ kernel

-Bind UDP sockets to the postgrey port. +Bind UDP sockets to the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_printer_port( +corenet_udp_bind_dict_port( @@ -12596,20 +12684,20 @@ kernel

-Bind UDP sockets to the printer port. +Bind UDP sockets to the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ptal_port( +corenet_udp_bind_dns_port( @@ -12622,20 +12710,20 @@ kernel

-Bind UDP sockets to the ptal port. +Bind UDP sockets to the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_pxe_port( +corenet_udp_bind_fingerd_port( @@ -12648,20 +12736,20 @@ kernel

-Bind UDP sockets to the pxe port. +Bind UDP sockets to the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_pyzor_port( +corenet_udp_bind_ftp_data_port( @@ -12674,20 +12762,20 @@ kernel

-Bind UDP sockets to the pyzor port. +Bind UDP sockets to the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_radacct_port( +corenet_udp_bind_ftp_port( @@ -12700,20 +12788,20 @@ kernel

-Bind UDP sockets to the radacct port. +Bind UDP sockets to the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_radius_port( +corenet_udp_bind_generic_node( @@ -12726,20 +12814,20 @@ kernel

-Bind UDP sockets to the radius port. +Bind UDP sockets to generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_razor_port( +corenet_udp_bind_generic_port( @@ -12752,20 +12840,20 @@ kernel

-Bind UDP sockets to the razor port. +Bind UDP sockets to generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_reserved_port( +corenet_udp_bind_giftd_port( @@ -12778,20 +12866,20 @@ kernel

-Bind UDP sockets to generic reserved ports. +Bind UDP sockets to the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_rndc_port( +corenet_udp_bind_gopher_port( @@ -12804,20 +12892,20 @@ kernel

-Bind UDP sockets to the rndc port. +Bind UDP sockets to the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_rsh_port( +corenet_udp_bind_howl_port( @@ -12830,20 +12918,20 @@ kernel

-Bind UDP sockets to the rsh port. +Bind UDP sockets to the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_rsync_port( +corenet_udp_bind_hplip_port( @@ -12856,20 +12944,20 @@ kernel

-Bind UDP sockets to the rsync port. +Bind UDP sockets to the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_site_local_node( +corenet_udp_bind_http_cache_port( @@ -12882,20 +12970,20 @@ kernel

-Bind UDP sockets to the site_local node. +Bind UDP sockets to the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_smbd_port( +corenet_udp_bind_http_port( @@ -12908,20 +12996,20 @@ kernel

-Bind UDP sockets to the smbd port. +Bind UDP sockets to the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_smtp_port( +corenet_udp_bind_imaze_port( @@ -12934,20 +13022,20 @@ kernel

-Bind UDP sockets to the smtp port. +Bind UDP sockets to the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_snmp_port( +corenet_udp_bind_inaddr_any_node( @@ -12960,20 +13048,20 @@ kernel

-Bind UDP sockets to the snmp port. +Bind UDP sockets to the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_soundd_port( +corenet_udp_bind_inetd_child_port( @@ -12986,20 +13074,20 @@ kernel

-Bind UDP sockets to the soundd port. +Bind UDP sockets to the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_spamd_port( +corenet_udp_bind_innd_port( @@ -13012,20 +13100,20 @@ kernel

-Bind UDP sockets to the spamd port. +Bind UDP sockets to the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_ssh_port( +corenet_udp_bind_ipp_port( @@ -13038,20 +13126,20 @@ kernel

-Bind UDP sockets to the ssh port. +Bind UDP sockets to the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_swat_port( +corenet_udp_bind_ircd_port( @@ -13064,20 +13152,20 @@ kernel

-Bind UDP sockets to the swat port. +Bind UDP sockets to the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_syslogd_port( +corenet_udp_bind_isakmp_port( @@ -13090,20 +13178,20 @@ kernel

-Bind UDP sockets to the syslogd port. +Bind UDP sockets to the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_telnetd_port( +corenet_udp_bind_jabber_client_port( @@ -13116,20 +13204,20 @@ kernel

-Bind UDP sockets to the telnetd port. +Bind UDP sockets to the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_tftp_port( +corenet_udp_bind_jabber_interserver_port( @@ -13142,20 +13230,20 @@ kernel

-Bind UDP sockets to the tftp port. +Bind UDP sockets to the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_transproxy_port( +corenet_udp_bind_kerberos_admin_port( @@ -13168,20 +13256,20 @@ kernel

-Bind UDP sockets to the transproxy port. +Bind UDP sockets to the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_unspec_node( +corenet_udp_bind_kerberos_master_port( @@ -13194,20 +13282,20 @@ kernel

-Bind UDP sockets to the unspec node. +Bind UDP sockets to the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_uucpd_port( +corenet_udp_bind_kerberos_port( @@ -13220,20 +13308,20 @@ kernel

-Bind UDP sockets to the uucpd port. +Bind UDP sockets to the kerberos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_vnc_port( +corenet_udp_bind_ktalkd_port( @@ -13246,20 +13334,20 @@ kernel

-Bind UDP sockets to the vnc port. +Bind UDP sockets to the ktalkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_xserver_port( +corenet_udp_bind_ldap_port( @@ -13272,20 +13360,20 @@ kernel

-Bind UDP sockets to the xserver port. +Bind UDP sockets to the ldap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_zebra_port( +corenet_udp_bind_link_local_node( @@ -13298,20 +13386,20 @@ kernel

-Bind UDP sockets to the zebra port. +Bind UDP sockets to the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_bind_zope_port( +corenet_udp_bind_lo_node( @@ -13324,20 +13412,20 @@ kernel

-Bind UDP sockets to the zope port. +Bind UDP sockets to the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_afs_bos_port( +corenet_udp_bind_mail_port( @@ -13350,20 +13438,20 @@ kernel

-Receive UDP traffic on the afs_bos port. +Bind UDP sockets to the mail port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_afs_fs_port( +corenet_udp_bind_mapped_ipv4_node( @@ -13376,20 +13464,20 @@ kernel

-Receive UDP traffic on the afs_fs port. +Bind UDP sockets to the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_afs_ka_port( +corenet_udp_bind_monopd_port( @@ -13402,20 +13490,20 @@ kernel

-Receive UDP traffic on the afs_ka port. +Bind UDP sockets to the monopd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_afs_pt_port( +corenet_udp_bind_multicast_node( @@ -13428,20 +13516,20 @@ kernel

-Receive UDP traffic on the afs_pt port. +Bind UDP sockets to the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_afs_vl_port( +corenet_udp_bind_mysqld_port( @@ -13454,20 +13542,20 @@ kernel

-Receive UDP traffic on the afs_vl port. +Bind UDP sockets to the mysqld port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_all_if( +corenet_udp_bind_nessus_port( @@ -13480,20 +13568,20 @@ kernel

-Receive UDP network traffic on all interfaces. +Bind UDP sockets to the nessus port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_all_nodes( +corenet_udp_bind_nmbd_port( @@ -13506,20 +13594,20 @@ kernel

-Receive UDP network traffic on all nodes. +Bind UDP sockets to the nmbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_all_ports( +corenet_udp_bind_ntp_port( @@ -13532,20 +13620,20 @@ kernel

-Receive UDP network traffic on all ports. +Bind UDP sockets to the ntp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_all_reserved_ports( +corenet_udp_bind_openvpn_port( @@ -13558,20 +13646,20 @@ kernel

-Receive UDP network traffic on all reserved ports. +Bind UDP sockets to the openvpn port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_amanda_port( +corenet_udp_bind_pegasus_http_port( @@ -13584,20 +13672,20 @@ kernel

-Receive UDP traffic on the amanda port. +Bind UDP sockets to the pegasus_http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_amavisd_recv_port( +corenet_udp_bind_pegasus_https_port( @@ -13610,20 +13698,20 @@ kernel

-Receive UDP traffic on the amavisd_recv port. +Bind UDP sockets to the pegasus_https port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_amavisd_send_port( +corenet_udp_bind_pop_port( @@ -13636,20 +13724,20 @@ kernel

-Receive UDP traffic on the amavisd_send port. +Bind UDP sockets to the pop port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_asterisk_port( +corenet_udp_bind_portmap_port( @@ -13662,20 +13750,20 @@ kernel

-Receive UDP traffic on the asterisk port. +Bind UDP sockets to the portmap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_auth_port( +corenet_udp_bind_postgresql_port( @@ -13688,20 +13776,20 @@ kernel

-Receive UDP traffic on the auth port. +Bind UDP sockets to the postgresql port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_clamd_port( +corenet_udp_bind_postgrey_port( @@ -13714,20 +13802,20 @@ kernel

-Receive UDP traffic on the clamd port. +Bind UDP sockets to the postgrey port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_clockspeed_port( +corenet_udp_bind_printer_port( @@ -13740,20 +13828,20 @@ kernel

-Receive UDP traffic on the clockspeed port. +Bind UDP sockets to the printer port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_compat_ipv4_node( +corenet_udp_bind_ptal_port( @@ -13766,20 +13854,20 @@ kernel

-Receive UDP traffic on the compat_ipv4 node. +Bind UDP sockets to the ptal port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_cvs_port( +corenet_udp_bind_pxe_port( @@ -13792,20 +13880,20 @@ kernel

-Receive UDP traffic on the cvs port. +Bind UDP sockets to the pxe port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_dbskkd_port( +corenet_udp_bind_pyzor_port( @@ -13818,20 +13906,20 @@ kernel

-Receive UDP traffic on the dbskkd port. +Bind UDP sockets to the pyzor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_dcc_port( +corenet_udp_bind_radacct_port( @@ -13844,20 +13932,20 @@ kernel

-Receive UDP traffic on the dcc port. +Bind UDP sockets to the radacct port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_dhcpc_port( +corenet_udp_bind_radius_port( @@ -13870,20 +13958,20 @@ kernel

-Receive UDP traffic on the dhcpc port. +Bind UDP sockets to the radius port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_dhcpd_port( +corenet_udp_bind_razor_port( @@ -13896,20 +13984,20 @@ kernel

-Receive UDP traffic on the dhcpd port. +Bind UDP sockets to the razor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_dict_port( +corenet_udp_bind_reserved_port( @@ -13922,20 +14010,20 @@ kernel

-Receive UDP traffic on the dict port. +Bind UDP sockets to generic reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_dns_port( +corenet_udp_bind_rndc_port( @@ -13948,20 +14036,20 @@ kernel

-Receive UDP traffic on the dns port. +Bind UDP sockets to the rndc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_fingerd_port( +corenet_udp_bind_rsh_port( @@ -13974,20 +14062,20 @@ kernel

-Receive UDP traffic on the fingerd port. +Bind UDP sockets to the rsh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ftp_data_port( +corenet_udp_bind_rsync_port( @@ -14000,20 +14088,20 @@ kernel

-Receive UDP traffic on the ftp_data port. +Bind UDP sockets to the rsync port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ftp_port( +corenet_udp_bind_site_local_node( @@ -14026,20 +14114,20 @@ kernel

-Receive UDP traffic on the ftp port. +Bind UDP sockets to the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_generic_if( +corenet_udp_bind_smbd_port( @@ -14052,20 +14140,20 @@ kernel

-Receive UDP network traffic on generic interfaces. +Bind UDP sockets to the smbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_generic_node( +corenet_udp_bind_smtp_port( @@ -14078,20 +14166,20 @@ kernel

-Receive UDP network traffic on generic nodes. +Bind UDP sockets to the smtp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_generic_port( +corenet_udp_bind_snmp_port( @@ -14104,20 +14192,20 @@ kernel

-Receive UDP network traffic on generic ports. +Bind UDP sockets to the snmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_giftd_port( +corenet_udp_bind_soundd_port( @@ -14130,20 +14218,20 @@ kernel

-Receive UDP traffic on the giftd port. +Bind UDP sockets to the soundd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_gopher_port( +corenet_udp_bind_spamd_port( @@ -14156,20 +14244,20 @@ kernel

-Receive UDP traffic on the gopher port. +Bind UDP sockets to the spamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_howl_port( +corenet_udp_bind_ssh_port( @@ -14182,20 +14270,20 @@ kernel

-Receive UDP traffic on the howl port. +Bind UDP sockets to the ssh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_hplip_port( +corenet_udp_bind_swat_port( @@ -14208,20 +14296,20 @@ kernel

-Receive UDP traffic on the hplip port. +Bind UDP sockets to the swat port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_http_cache_port( +corenet_udp_bind_syslogd_port( @@ -14234,20 +14322,20 @@ kernel

-Receive UDP traffic on the http_cache port. +Bind UDP sockets to the syslogd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_http_port( +corenet_udp_bind_telnetd_port( @@ -14260,20 +14348,20 @@ kernel

-Receive UDP traffic on the http port. +Bind UDP sockets to the telnetd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_imaze_port( +corenet_udp_bind_tftp_port( @@ -14286,20 +14374,20 @@ kernel

-Receive UDP traffic on the imaze port. +Bind UDP sockets to the tftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_inaddr_any_node( +corenet_udp_bind_transproxy_port( @@ -14312,20 +14400,20 @@ kernel

-Receive UDP traffic on the inaddr_any node. +Bind UDP sockets to the transproxy port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_inetd_child_port( +corenet_udp_bind_unspec_node( @@ -14338,20 +14426,20 @@ kernel

-Receive UDP traffic on the inetd_child port. +Bind UDP sockets to the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_innd_port( +corenet_udp_bind_uucpd_port( @@ -14364,20 +14452,20 @@ kernel

-Receive UDP traffic on the innd port. +Bind UDP sockets to the uucpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ipp_port( +corenet_udp_bind_vnc_port( @@ -14390,20 +14478,20 @@ kernel

-Receive UDP traffic on the ipp port. +Bind UDP sockets to the vnc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ircd_port( +corenet_udp_bind_xserver_port( @@ -14416,20 +14504,20 @@ kernel

-Receive UDP traffic on the ircd port. +Bind UDP sockets to the xserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_isakmp_port( +corenet_udp_bind_zebra_port( @@ -14442,20 +14530,20 @@ kernel

-Receive UDP traffic on the isakmp port. +Bind UDP sockets to the zebra port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_jabber_client_port( +corenet_udp_bind_zope_port( @@ -14468,20 +14556,20 @@ kernel

-Receive UDP traffic on the jabber_client port. +Bind UDP sockets to the zope port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_jabber_interserver_port( +corenet_udp_receive_afs_bos_port( @@ -14494,20 +14582,20 @@ kernel

-Receive UDP traffic on the jabber_interserver port. +Receive UDP traffic on the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_kerberos_admin_port( +corenet_udp_receive_afs_fs_port( @@ -14520,20 +14608,20 @@ kernel

-Receive UDP traffic on the kerberos_admin port. +Receive UDP traffic on the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_kerberos_master_port( +corenet_udp_receive_afs_ka_port( @@ -14546,20 +14634,20 @@ kernel

-Receive UDP traffic on the kerberos_master port. +Receive UDP traffic on the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_kerberos_port( +corenet_udp_receive_afs_pt_port( @@ -14572,20 +14660,20 @@ kernel

-Receive UDP traffic on the kerberos port. +Receive UDP traffic on the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ktalkd_port( +corenet_udp_receive_afs_vl_port( @@ -14598,20 +14686,20 @@ kernel

-Receive UDP traffic on the ktalkd port. +Receive UDP traffic on the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ldap_port( +corenet_udp_receive_all_if( @@ -14624,20 +14712,20 @@ kernel

-Receive UDP traffic on the ldap port. +Receive UDP network traffic on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_link_local_node( +corenet_udp_receive_all_nodes( @@ -14650,20 +14738,20 @@ kernel

-Receive UDP traffic on the link_local node. +Receive UDP network traffic on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_lo_node( +corenet_udp_receive_all_ports( @@ -14676,20 +14764,20 @@ kernel

-Receive UDP traffic on the lo node. +Receive UDP network traffic on all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_mail_port( +corenet_udp_receive_all_reserved_ports( @@ -14702,20 +14790,20 @@ kernel

-Receive UDP traffic on the mail port. +Receive UDP network traffic on all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_mapped_ipv4_node( +corenet_udp_receive_amanda_port( @@ -14728,20 +14816,20 @@ kernel

-Receive UDP traffic on the mapped_ipv4 node. +Receive UDP traffic on the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_monopd_port( +corenet_udp_receive_amavisd_recv_port( @@ -14754,20 +14842,20 @@ kernel

-Receive UDP traffic on the monopd port. +Receive UDP traffic on the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_multicast_node( +corenet_udp_receive_amavisd_send_port( @@ -14780,20 +14868,20 @@ kernel

-Receive UDP traffic on the multicast node. +Receive UDP traffic on the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_mysqld_port( +corenet_udp_receive_asterisk_port( @@ -14806,20 +14894,20 @@ kernel

-Receive UDP traffic on the mysqld port. +Receive UDP traffic on the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_nessus_port( +corenet_udp_receive_auth_port( @@ -14832,20 +14920,20 @@ kernel

-Receive UDP traffic on the nessus port. +Receive UDP traffic on the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_nmbd_port( +corenet_udp_receive_clamd_port( @@ -14858,20 +14946,20 @@ kernel

-Receive UDP traffic on the nmbd port. +Receive UDP traffic on the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ntp_port( +corenet_udp_receive_clockspeed_port( @@ -14884,20 +14972,20 @@ kernel

-Receive UDP traffic on the ntp port. +Receive UDP traffic on the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_openvpn_port( +corenet_udp_receive_compat_ipv4_node( @@ -14910,20 +14998,20 @@ kernel

-Receive UDP traffic on the openvpn port. +Receive UDP traffic on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_pop_port( +corenet_udp_receive_cvs_port( @@ -14936,20 +15024,20 @@ kernel

-Receive UDP traffic on the pop port. +Receive UDP traffic on the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_portmap_port( +corenet_udp_receive_dbskkd_port( @@ -14962,20 +15050,20 @@ kernel

-Receive UDP traffic on the portmap port. +Receive UDP traffic on the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_postgresql_port( +corenet_udp_receive_dcc_port( @@ -14988,20 +15076,20 @@ kernel

-Receive UDP traffic on the postgresql port. +Receive UDP traffic on the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_postgrey_port( +corenet_udp_receive_dhcpc_port( @@ -15014,20 +15102,20 @@ kernel

-Receive UDP traffic on the postgrey port. +Receive UDP traffic on the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_printer_port( +corenet_udp_receive_dhcpd_port( @@ -15040,20 +15128,20 @@ kernel

-Receive UDP traffic on the printer port. +Receive UDP traffic on the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ptal_port( +corenet_udp_receive_dict_port( @@ -15066,20 +15154,20 @@ kernel

-Receive UDP traffic on the ptal port. +Receive UDP traffic on the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_pxe_port( +corenet_udp_receive_dns_port( @@ -15092,20 +15180,20 @@ kernel

-Receive UDP traffic on the pxe port. +Receive UDP traffic on the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_pyzor_port( +corenet_udp_receive_fingerd_port( @@ -15118,20 +15206,20 @@ kernel

-Receive UDP traffic on the pyzor port. +Receive UDP traffic on the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_radacct_port( +corenet_udp_receive_ftp_data_port( @@ -15144,20 +15232,20 @@ kernel

-Receive UDP traffic on the radacct port. +Receive UDP traffic on the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_radius_port( +corenet_udp_receive_ftp_port( @@ -15170,20 +15258,20 @@ kernel

-Receive UDP traffic on the radius port. +Receive UDP traffic on the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_razor_port( +corenet_udp_receive_generic_if( @@ -15196,20 +15284,20 @@ kernel

-Receive UDP traffic on the razor port. +Receive UDP network traffic on generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_reserved_port( +corenet_udp_receive_generic_node( @@ -15222,20 +15310,20 @@ kernel

-Receive UDP network traffic on generic reserved ports. +Receive UDP network traffic on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_rndc_port( +corenet_udp_receive_generic_port( @@ -15248,20 +15336,20 @@ kernel

-Receive UDP traffic on the rndc port. +Receive UDP network traffic on generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_rsh_port( +corenet_udp_receive_giftd_port( @@ -15274,20 +15362,20 @@ kernel

-Receive UDP traffic on the rsh port. +Receive UDP traffic on the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_rsync_port( +corenet_udp_receive_gopher_port( @@ -15300,20 +15388,20 @@ kernel

-Receive UDP traffic on the rsync port. +Receive UDP traffic on the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_site_local_node( +corenet_udp_receive_howl_port( @@ -15326,20 +15414,20 @@ kernel

-Receive UDP traffic on the site_local node. +Receive UDP traffic on the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_smbd_port( +corenet_udp_receive_hplip_port( @@ -15352,20 +15440,20 @@ kernel

-Receive UDP traffic on the smbd port. +Receive UDP traffic on the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_smtp_port( +corenet_udp_receive_http_cache_port( @@ -15378,20 +15466,20 @@ kernel

-Receive UDP traffic on the smtp port. +Receive UDP traffic on the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_snmp_port( +corenet_udp_receive_http_port( @@ -15404,20 +15492,20 @@ kernel

-Receive UDP traffic on the snmp port. +Receive UDP traffic on the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_soundd_port( +corenet_udp_receive_imaze_port( @@ -15430,20 +15518,20 @@ kernel

-Receive UDP traffic on the soundd port. +Receive UDP traffic on the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_spamd_port( +corenet_udp_receive_inaddr_any_node( @@ -15456,20 +15544,20 @@ kernel

-Receive UDP traffic on the spamd port. +Receive UDP traffic on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_ssh_port( +corenet_udp_receive_inetd_child_port( @@ -15482,20 +15570,20 @@ kernel

-Receive UDP traffic on the ssh port. +Receive UDP traffic on the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_swat_port( +corenet_udp_receive_innd_port( @@ -15508,20 +15596,20 @@ kernel

-Receive UDP traffic on the swat port. +Receive UDP traffic on the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_syslogd_port( +corenet_udp_receive_ipp_port( @@ -15534,20 +15622,20 @@ kernel

-Receive UDP traffic on the syslogd port. +Receive UDP traffic on the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_telnetd_port( +corenet_udp_receive_ircd_port( @@ -15560,20 +15648,20 @@ kernel

-Receive UDP traffic on the telnetd port. +Receive UDP traffic on the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_tftp_port( +corenet_udp_receive_isakmp_port( @@ -15586,20 +15674,20 @@ kernel

-Receive UDP traffic on the tftp port. +Receive UDP traffic on the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_transproxy_port( +corenet_udp_receive_jabber_client_port( @@ -15612,20 +15700,20 @@ kernel

-Receive UDP traffic on the transproxy port. +Receive UDP traffic on the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_unspec_node( +corenet_udp_receive_jabber_interserver_port( @@ -15638,20 +15726,20 @@ kernel

-Receive UDP traffic on the unspec node. +Receive UDP traffic on the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_uucpd_port( +corenet_udp_receive_kerberos_admin_port( @@ -15664,20 +15752,20 @@ kernel

-Receive UDP traffic on the uucpd port. +Receive UDP traffic on the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_vnc_port( +corenet_udp_receive_kerberos_master_port( @@ -15690,20 +15778,20 @@ kernel

-Receive UDP traffic on the vnc port. +Receive UDP traffic on the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_xserver_port( +corenet_udp_receive_kerberos_port( @@ -15716,20 +15804,20 @@ kernel

-Receive UDP traffic on the xserver port. +Receive UDP traffic on the kerberos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_zebra_port( +corenet_udp_receive_ktalkd_port( @@ -15742,20 +15830,20 @@ kernel

-Receive UDP traffic on the zebra port. +Receive UDP traffic on the ktalkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_receive_zope_port( +corenet_udp_receive_ldap_port( @@ -15768,20 +15856,20 @@ kernel

-Receive UDP traffic on the zope port. +Receive UDP traffic on the ldap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_afs_bos_port( +corenet_udp_receive_link_local_node( @@ -15794,20 +15882,20 @@ kernel

-Send UDP traffic on the afs_bos port. +Receive UDP traffic on the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_afs_fs_port( +corenet_udp_receive_lo_node( @@ -15820,20 +15908,20 @@ kernel

-Send UDP traffic on the afs_fs port. +Receive UDP traffic on the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_afs_ka_port( +corenet_udp_receive_mail_port( @@ -15846,20 +15934,20 @@ kernel

-Send UDP traffic on the afs_ka port. +Receive UDP traffic on the mail port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_afs_pt_port( +corenet_udp_receive_mapped_ipv4_node( @@ -15872,20 +15960,20 @@ kernel

-Send UDP traffic on the afs_pt port. +Receive UDP traffic on the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_afs_vl_port( +corenet_udp_receive_monopd_port( @@ -15898,20 +15986,20 @@ kernel

-Send UDP traffic on the afs_vl port. +Receive UDP traffic on the monopd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_all_if( +corenet_udp_receive_multicast_node( @@ -15924,20 +16012,20 @@ kernel

-Send UDP network traffic on all interfaces. +Receive UDP traffic on the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_all_nodes( +corenet_udp_receive_mysqld_port( @@ -15950,20 +16038,20 @@ kernel

-Send UDP network traffic on all nodes. +Receive UDP traffic on the mysqld port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_all_ports( +corenet_udp_receive_nessus_port( @@ -15976,20 +16064,20 @@ kernel

-Send UDP network traffic on all ports. +Receive UDP traffic on the nessus port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_all_reserved_ports( +corenet_udp_receive_nmbd_port( @@ -16002,20 +16090,20 @@ kernel

-Send UDP network traffic on all reserved ports. +Receive UDP traffic on the nmbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_amanda_port( +corenet_udp_receive_ntp_port( @@ -16028,20 +16116,20 @@ kernel

-Send UDP traffic on the amanda port. +Receive UDP traffic on the ntp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_amavisd_recv_port( +corenet_udp_receive_openvpn_port( @@ -16054,20 +16142,20 @@ kernel

-Send UDP traffic on the amavisd_recv port. +Receive UDP traffic on the openvpn port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_amavisd_send_port( +corenet_udp_receive_pegasus_http_port( @@ -16080,20 +16168,20 @@ kernel

-Send UDP traffic on the amavisd_send port. +Receive UDP traffic on the pegasus_http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_asterisk_port( +corenet_udp_receive_pegasus_https_port( @@ -16106,20 +16194,20 @@ kernel

-Send UDP traffic on the asterisk port. +Receive UDP traffic on the pegasus_https port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_auth_port( +corenet_udp_receive_pop_port( @@ -16132,20 +16220,20 @@ kernel

-Send UDP traffic on the auth port. +Receive UDP traffic on the pop port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_clamd_port( +corenet_udp_receive_portmap_port( @@ -16158,20 +16246,20 @@ kernel

-Send UDP traffic on the clamd port. +Receive UDP traffic on the portmap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_clockspeed_port( +corenet_udp_receive_postgresql_port( @@ -16184,20 +16272,20 @@ kernel

-Send UDP traffic on the clockspeed port. +Receive UDP traffic on the postgresql port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_compat_ipv4_node( +corenet_udp_receive_postgrey_port( @@ -16210,20 +16298,20 @@ kernel

-Send UDP traffic on the compat_ipv4 node. +Receive UDP traffic on the postgrey port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_cvs_port( +corenet_udp_receive_printer_port( @@ -16236,20 +16324,20 @@ kernel

-Send UDP traffic on the cvs port. +Receive UDP traffic on the printer port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_dbskkd_port( +corenet_udp_receive_ptal_port( @@ -16262,20 +16350,20 @@ kernel

-Send UDP traffic on the dbskkd port. +Receive UDP traffic on the ptal port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_dcc_port( +corenet_udp_receive_pxe_port( @@ -16288,20 +16376,20 @@ kernel

-Send UDP traffic on the dcc port. +Receive UDP traffic on the pxe port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_dhcpc_port( +corenet_udp_receive_pyzor_port( @@ -16314,20 +16402,20 @@ kernel

-Send UDP traffic on the dhcpc port. +Receive UDP traffic on the pyzor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_dhcpd_port( +corenet_udp_receive_radacct_port( @@ -16340,20 +16428,20 @@ kernel

-Send UDP traffic on the dhcpd port. +Receive UDP traffic on the radacct port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_dict_port( +corenet_udp_receive_radius_port( @@ -16366,20 +16454,20 @@ kernel

-Send UDP traffic on the dict port. +Receive UDP traffic on the radius port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_dns_port( +corenet_udp_receive_razor_port( @@ -16392,20 +16480,20 @@ kernel

-Send UDP traffic on the dns port. +Receive UDP traffic on the razor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_fingerd_port( +corenet_udp_receive_reserved_port( @@ -16418,20 +16506,20 @@ kernel

-Send UDP traffic on the fingerd port. +Receive UDP network traffic on generic reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ftp_data_port( +corenet_udp_receive_rndc_port( @@ -16444,20 +16532,20 @@ kernel

-Send UDP traffic on the ftp_data port. +Receive UDP traffic on the rndc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ftp_port( +corenet_udp_receive_rsh_port( @@ -16470,20 +16558,20 @@ kernel

-Send UDP traffic on the ftp port. +Receive UDP traffic on the rsh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_generic_if( +corenet_udp_receive_rsync_port( @@ -16496,20 +16584,20 @@ kernel

-Send UDP network traffic on generic interfaces. +Receive UDP traffic on the rsync port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_generic_node( +corenet_udp_receive_site_local_node( @@ -16522,20 +16610,20 @@ kernel

-Send UDP network traffic on generic nodes. +Receive UDP traffic on the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_generic_port( +corenet_udp_receive_smbd_port( @@ -16548,20 +16636,20 @@ kernel

-Send UDP network traffic on generic ports. +Receive UDP traffic on the smbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_giftd_port( +corenet_udp_receive_smtp_port( @@ -16574,20 +16662,20 @@ kernel

-Send UDP traffic on the giftd port. +Receive UDP traffic on the smtp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_gopher_port( +corenet_udp_receive_snmp_port( @@ -16600,20 +16688,20 @@ kernel

-Send UDP traffic on the gopher port. +Receive UDP traffic on the snmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_howl_port( +corenet_udp_receive_soundd_port( @@ -16626,20 +16714,20 @@ kernel

-Send UDP traffic on the howl port. +Receive UDP traffic on the soundd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_hplip_port( +corenet_udp_receive_spamd_port( @@ -16652,20 +16740,20 @@ kernel

-Send UDP traffic on the hplip port. +Receive UDP traffic on the spamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_http_cache_port( +corenet_udp_receive_ssh_port( @@ -16678,20 +16766,20 @@ kernel

-Send UDP traffic on the http_cache port. +Receive UDP traffic on the ssh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_http_port( +corenet_udp_receive_swat_port( @@ -16704,20 +16792,20 @@ kernel

-Send UDP traffic on the http port. +Receive UDP traffic on the swat port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_imaze_port( +corenet_udp_receive_syslogd_port( @@ -16730,20 +16818,20 @@ kernel

-Send UDP traffic on the imaze port. +Receive UDP traffic on the syslogd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_inaddr_any_node( +corenet_udp_receive_telnetd_port( @@ -16756,20 +16844,20 @@ kernel

-Send UDP traffic on the inaddr_any node. +Receive UDP traffic on the telnetd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_inetd_child_port( +corenet_udp_receive_tftp_port( @@ -16782,20 +16870,20 @@ kernel

-Send UDP traffic on the inetd_child port. +Receive UDP traffic on the tftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_innd_port( +corenet_udp_receive_transproxy_port( @@ -16808,20 +16896,20 @@ kernel

-Send UDP traffic on the innd port. +Receive UDP traffic on the transproxy port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ipp_port( +corenet_udp_receive_unspec_node( @@ -16834,20 +16922,20 @@ kernel

-Send UDP traffic on the ipp port. +Receive UDP traffic on the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ircd_port( +corenet_udp_receive_uucpd_port( @@ -16860,20 +16948,20 @@ kernel

-Send UDP traffic on the ircd port. +Receive UDP traffic on the uucpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_isakmp_port( +corenet_udp_receive_vnc_port( @@ -16886,20 +16974,20 @@ kernel

-Send UDP traffic on the isakmp port. +Receive UDP traffic on the vnc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_jabber_client_port( +corenet_udp_receive_xserver_port( @@ -16912,20 +17000,20 @@ kernel

-Send UDP traffic on the jabber_client port. +Receive UDP traffic on the xserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_jabber_interserver_port( +corenet_udp_receive_zebra_port( @@ -16938,20 +17026,20 @@ kernel

-Send UDP traffic on the jabber_interserver port. +Receive UDP traffic on the zebra port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_kerberos_admin_port( +corenet_udp_receive_zope_port( @@ -16964,20 +17052,20 @@ kernel

-Send UDP traffic on the kerberos_admin port. +Receive UDP traffic on the zope port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_kerberos_master_port( +corenet_udp_send_afs_bos_port( @@ -16990,20 +17078,20 @@ kernel

-Send UDP traffic on the kerberos_master port. +Send UDP traffic on the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_kerberos_port( +corenet_udp_send_afs_fs_port( @@ -17016,20 +17104,20 @@ kernel

-Send UDP traffic on the kerberos port. +Send UDP traffic on the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ktalkd_port( +corenet_udp_send_afs_ka_port( @@ -17042,20 +17130,20 @@ kernel

-Send UDP traffic on the ktalkd port. +Send UDP traffic on the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ldap_port( +corenet_udp_send_afs_pt_port( @@ -17068,20 +17156,20 @@ kernel

-Send UDP traffic on the ldap port. +Send UDP traffic on the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_link_local_node( +corenet_udp_send_afs_vl_port( @@ -17094,20 +17182,20 @@ kernel

-Send UDP traffic on the link_local node. +Send UDP traffic on the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_lo_node( +corenet_udp_send_all_if( @@ -17120,20 +17208,20 @@ kernel

-Send UDP traffic on the lo node. +Send UDP network traffic on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_mail_port( +corenet_udp_send_all_nodes( @@ -17146,20 +17234,20 @@ kernel

-Send UDP traffic on the mail port. +Send UDP network traffic on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_mapped_ipv4_node( +corenet_udp_send_all_ports( @@ -17172,20 +17260,20 @@ kernel

-Send UDP traffic on the mapped_ipv4 node. +Send UDP network traffic on all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_monopd_port( +corenet_udp_send_all_reserved_ports( @@ -17198,20 +17286,20 @@ kernel

-Send UDP traffic on the monopd port. +Send UDP network traffic on all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_multicast_node( +corenet_udp_send_amanda_port( @@ -17224,20 +17312,20 @@ kernel

-Send UDP traffic on the multicast node. +Send UDP traffic on the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_mysqld_port( +corenet_udp_send_amavisd_recv_port( @@ -17250,20 +17338,20 @@ kernel

-Send UDP traffic on the mysqld port. +Send UDP traffic on the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_nessus_port( +corenet_udp_send_amavisd_send_port( @@ -17276,20 +17364,20 @@ kernel

-Send UDP traffic on the nessus port. +Send UDP traffic on the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_nmbd_port( +corenet_udp_send_asterisk_port( @@ -17302,20 +17390,20 @@ kernel

-Send UDP traffic on the nmbd port. +Send UDP traffic on the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ntp_port( +corenet_udp_send_auth_port( @@ -17328,20 +17416,20 @@ kernel

-Send UDP traffic on the ntp port. +Send UDP traffic on the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_openvpn_port( +corenet_udp_send_clamd_port( @@ -17354,20 +17442,20 @@ kernel

-Send UDP traffic on the openvpn port. +Send UDP traffic on the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_pop_port( +corenet_udp_send_clockspeed_port( @@ -17380,20 +17468,20 @@ kernel

-Send UDP traffic on the pop port. +Send UDP traffic on the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_portmap_port( +corenet_udp_send_compat_ipv4_node( @@ -17406,20 +17494,20 @@ kernel

-Send UDP traffic on the portmap port. +Send UDP traffic on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_postgresql_port( +corenet_udp_send_cvs_port( @@ -17432,20 +17520,20 @@ kernel

-Send UDP traffic on the postgresql port. +Send UDP traffic on the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_postgrey_port( +corenet_udp_send_dbskkd_port( @@ -17458,20 +17546,20 @@ kernel

-Send UDP traffic on the postgrey port. +Send UDP traffic on the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_printer_port( +corenet_udp_send_dcc_port( @@ -17484,20 +17572,20 @@ kernel

-Send UDP traffic on the printer port. +Send UDP traffic on the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ptal_port( +corenet_udp_send_dhcpc_port( @@ -17510,20 +17598,20 @@ kernel

-Send UDP traffic on the ptal port. +Send UDP traffic on the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_pxe_port( +corenet_udp_send_dhcpd_port( @@ -17536,20 +17624,20 @@ kernel

-Send UDP traffic on the pxe port. +Send UDP traffic on the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_pyzor_port( +corenet_udp_send_dict_port( @@ -17562,20 +17650,20 @@ kernel

-Send UDP traffic on the pyzor port. +Send UDP traffic on the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_radacct_port( +corenet_udp_send_dns_port( @@ -17588,20 +17676,20 @@ kernel

-Send UDP traffic on the radacct port. +Send UDP traffic on the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_radius_port( +corenet_udp_send_fingerd_port( @@ -17614,20 +17702,20 @@ kernel

-Send UDP traffic on the radius port. +Send UDP traffic on the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_razor_port( +corenet_udp_send_ftp_data_port( @@ -17640,20 +17728,20 @@ kernel

-Send UDP traffic on the razor port. +Send UDP traffic on the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_reserved_port( +corenet_udp_send_ftp_port( @@ -17666,20 +17754,20 @@ kernel

-Send UDP network traffic on generic reserved ports. +Send UDP traffic on the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_rndc_port( +corenet_udp_send_generic_if( @@ -17692,20 +17780,20 @@ kernel

-Send UDP traffic on the rndc port. +Send UDP network traffic on generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_rsh_port( +corenet_udp_send_generic_node( @@ -17718,20 +17806,20 @@ kernel

-Send UDP traffic on the rsh port. +Send UDP network traffic on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_rsync_port( +corenet_udp_send_generic_port( @@ -17744,20 +17832,20 @@ kernel

-Send UDP traffic on the rsync port. +Send UDP network traffic on generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_site_local_node( +corenet_udp_send_giftd_port( @@ -17770,20 +17858,20 @@ kernel

-Send UDP traffic on the site_local node. +Send UDP traffic on the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_smbd_port( +corenet_udp_send_gopher_port( @@ -17796,20 +17884,20 @@ kernel

-Send UDP traffic on the smbd port. +Send UDP traffic on the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_smtp_port( +corenet_udp_send_howl_port( @@ -17822,20 +17910,20 @@ kernel

-Send UDP traffic on the smtp port. +Send UDP traffic on the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_snmp_port( +corenet_udp_send_hplip_port( @@ -17848,20 +17936,20 @@ kernel

-Send UDP traffic on the snmp port. +Send UDP traffic on the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_soundd_port( +corenet_udp_send_http_cache_port( @@ -17874,20 +17962,20 @@ kernel

-Send UDP traffic on the soundd port. +Send UDP traffic on the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_spamd_port( +corenet_udp_send_http_port( @@ -17900,20 +17988,20 @@ kernel

-Send UDP traffic on the spamd port. +Send UDP traffic on the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_ssh_port( +corenet_udp_send_imaze_port( @@ -17926,20 +18014,20 @@ kernel

-Send UDP traffic on the ssh port. +Send UDP traffic on the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_swat_port( +corenet_udp_send_inaddr_any_node( @@ -17952,20 +18040,20 @@ kernel

-Send UDP traffic on the swat port. +Send UDP traffic on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_syslogd_port( +corenet_udp_send_inetd_child_port( @@ -17978,20 +18066,20 @@ kernel

-Send UDP traffic on the syslogd port. +Send UDP traffic on the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_telnetd_port( +corenet_udp_send_innd_port( @@ -18004,20 +18092,20 @@ kernel

-Send UDP traffic on the telnetd port. +Send UDP traffic on the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_tftp_port( +corenet_udp_send_ipp_port( @@ -18030,20 +18118,20 @@ kernel

-Send UDP traffic on the tftp port. +Send UDP traffic on the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_transproxy_port( +corenet_udp_send_ircd_port( @@ -18056,20 +18144,20 @@ kernel

-Send UDP traffic on the transproxy port. +Send UDP traffic on the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_unspec_node( +corenet_udp_send_isakmp_port( @@ -18082,20 +18170,20 @@ kernel

-Send UDP traffic on the unspec node. +Send UDP traffic on the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_uucpd_port( +corenet_udp_send_jabber_client_port( @@ -18108,20 +18196,20 @@ kernel

-Send UDP traffic on the uucpd port. +Send UDP traffic on the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_vnc_port( +corenet_udp_send_jabber_interserver_port( @@ -18134,20 +18222,20 @@ kernel

-Send UDP traffic on the vnc port. +Send UDP traffic on the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_xserver_port( +corenet_udp_send_kerberos_admin_port( @@ -18160,20 +18248,20 @@ kernel

-Send UDP traffic on the xserver port. +Send UDP traffic on the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_zebra_port( +corenet_udp_send_kerberos_master_port( @@ -18186,20 +18274,20 @@ kernel

-Send UDP traffic on the zebra port. +Send UDP traffic on the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_send_zope_port( +corenet_udp_send_kerberos_port( @@ -18212,20 +18300,20 @@ kernel

-Send UDP traffic on the zope port. +Send UDP traffic on the kerberos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_afs_bos_port( +corenet_udp_send_ktalkd_port( @@ -18238,20 +18326,20 @@ kernel

-Send and receive UDP traffic on the afs_bos port. +Send UDP traffic on the ktalkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_afs_fs_port( +corenet_udp_send_ldap_port( @@ -18264,20 +18352,20 @@ kernel

-Send and receive UDP traffic on the afs_fs port. +Send UDP traffic on the ldap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_afs_ka_port( +corenet_udp_send_link_local_node( @@ -18290,20 +18378,20 @@ kernel

-Send and receive UDP traffic on the afs_ka port. +Send UDP traffic on the link_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_afs_pt_port( +corenet_udp_send_lo_node( @@ -18316,20 +18404,20 @@ kernel

-Send and receive UDP traffic on the afs_pt port. +Send UDP traffic on the lo node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_afs_vl_port( +corenet_udp_send_mail_port( @@ -18342,20 +18430,20 @@ kernel

-Send and receive UDP traffic on the afs_vl port. +Send UDP traffic on the mail port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_all_if( +corenet_udp_send_mapped_ipv4_node( @@ -18368,20 +18456,20 @@ kernel

-Send and receive UDP network traffic on all interfaces. +Send UDP traffic on the mapped_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_all_nodes( +corenet_udp_send_monopd_port( @@ -18394,20 +18482,20 @@ kernel

-Send and receive UDP network traffic on all nodes. +Send UDP traffic on the monopd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_all_ports( +corenet_udp_send_multicast_node( @@ -18420,20 +18508,20 @@ kernel

-Send and receive UDP network traffic on all ports. +Send UDP traffic on the multicast node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_all_reserved_ports( +corenet_udp_send_mysqld_port( @@ -18446,20 +18534,20 @@ kernel

-Send and receive UDP network traffic on all reserved ports. +Send UDP traffic on the mysqld port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_amanda_port( +corenet_udp_send_nessus_port( @@ -18472,20 +18560,20 @@ kernel

-Send and receive UDP traffic on the amanda port. +Send UDP traffic on the nessus port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_amavisd_recv_port( +corenet_udp_send_nmbd_port( @@ -18498,20 +18586,20 @@ kernel

-Send and receive UDP traffic on the amavisd_recv port. +Send UDP traffic on the nmbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_amavisd_send_port( +corenet_udp_send_ntp_port( @@ -18524,20 +18612,20 @@ kernel

-Send and receive UDP traffic on the amavisd_send port. +Send UDP traffic on the ntp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_asterisk_port( +corenet_udp_send_openvpn_port( @@ -18550,20 +18638,20 @@ kernel

-Send and receive UDP traffic on the asterisk port. +Send UDP traffic on the openvpn port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_auth_port( +corenet_udp_send_pegasus_http_port( @@ -18576,20 +18664,20 @@ kernel

-Send and receive UDP traffic on the auth port. +Send UDP traffic on the pegasus_http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_clamd_port( +corenet_udp_send_pegasus_https_port( @@ -18602,20 +18690,20 @@ kernel

-Send and receive UDP traffic on the clamd port. +Send UDP traffic on the pegasus_https port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_clockspeed_port( +corenet_udp_send_pop_port( @@ -18628,20 +18716,20 @@ kernel

-Send and receive UDP traffic on the clockspeed port. +Send UDP traffic on the pop port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_compat_ipv4_node( +corenet_udp_send_portmap_port( @@ -18654,20 +18742,20 @@ kernel

-Send and receive UDP traffic on the compat_ipv4 node. +Send UDP traffic on the portmap port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_cvs_port( +corenet_udp_send_postgresql_port( @@ -18680,20 +18768,20 @@ kernel

-Send and receive UDP traffic on the cvs port. +Send UDP traffic on the postgresql port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_dbskkd_port( +corenet_udp_send_postgrey_port( @@ -18706,20 +18794,20 @@ kernel

-Send and receive UDP traffic on the dbskkd port. +Send UDP traffic on the postgrey port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_dcc_port( +corenet_udp_send_printer_port( @@ -18732,20 +18820,20 @@ kernel

-Send and receive UDP traffic on the dcc port. +Send UDP traffic on the printer port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_dhcpc_port( +corenet_udp_send_ptal_port( @@ -18758,20 +18846,20 @@ kernel

-Send and receive UDP traffic on the dhcpc port. +Send UDP traffic on the ptal port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_dhcpd_port( +corenet_udp_send_pxe_port( @@ -18784,20 +18872,20 @@ kernel

-Send and receive UDP traffic on the dhcpd port. +Send UDP traffic on the pxe port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_dict_port( +corenet_udp_send_pyzor_port( @@ -18810,20 +18898,20 @@ kernel

-Send and receive UDP traffic on the dict port. +Send UDP traffic on the pyzor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_dns_port( +corenet_udp_send_radacct_port( @@ -18836,20 +18924,20 @@ kernel

-Send and receive UDP traffic on the dns port. +Send UDP traffic on the radacct port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_fingerd_port( +corenet_udp_send_radius_port( @@ -18862,20 +18950,20 @@ kernel

-Send and receive UDP traffic on the fingerd port. +Send UDP traffic on the radius port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ftp_data_port( +corenet_udp_send_razor_port( @@ -18888,20 +18976,20 @@ kernel

-Send and receive UDP traffic on the ftp_data port. +Send UDP traffic on the razor port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ftp_port( +corenet_udp_send_reserved_port( @@ -18914,20 +19002,20 @@ kernel

-Send and receive UDP traffic on the ftp port. +Send UDP network traffic on generic reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_generic_if( +corenet_udp_send_rndc_port( @@ -18940,20 +19028,20 @@ kernel

-Send and Receive UDP network traffic on generic interfaces. +Send UDP traffic on the rndc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_generic_node( +corenet_udp_send_rsh_port( @@ -18966,20 +19054,20 @@ kernel

-Send and receive UDP network traffic on generic nodes. +Send UDP traffic on the rsh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_generic_port( +corenet_udp_send_rsync_port( @@ -18992,20 +19080,20 @@ kernel

-Send and receive UDP network traffic on generic ports. +Send UDP traffic on the rsync port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_giftd_port( +corenet_udp_send_site_local_node( @@ -19018,20 +19106,20 @@ kernel

-Send and receive UDP traffic on the giftd port. +Send UDP traffic on the site_local node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_gopher_port( +corenet_udp_send_smbd_port( @@ -19044,20 +19132,20 @@ kernel

-Send and receive UDP traffic on the gopher port. +Send UDP traffic on the smbd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_howl_port( +corenet_udp_send_smtp_port( @@ -19070,20 +19158,20 @@ kernel

-Send and receive UDP traffic on the howl port. +Send UDP traffic on the smtp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_hplip_port( +corenet_udp_send_snmp_port( @@ -19096,20 +19184,20 @@ kernel

-Send and receive UDP traffic on the hplip port. +Send UDP traffic on the snmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_http_cache_port( +corenet_udp_send_soundd_port( @@ -19122,20 +19210,20 @@ kernel

-Send and receive UDP traffic on the http_cache port. +Send UDP traffic on the soundd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_http_port( +corenet_udp_send_spamd_port( @@ -19148,20 +19236,20 @@ kernel

-Send and receive UDP traffic on the http port. +Send UDP traffic on the spamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_imaze_port( +corenet_udp_send_ssh_port( @@ -19174,20 +19262,20 @@ kernel

-Send and receive UDP traffic on the imaze port. +Send UDP traffic on the ssh port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_inaddr_any_node( +corenet_udp_send_swat_port( @@ -19200,20 +19288,20 @@ kernel

-Send and receive UDP traffic on the inaddr_any node. +Send UDP traffic on the swat port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_inetd_child_port( +corenet_udp_send_syslogd_port( @@ -19226,20 +19314,20 @@ kernel

-Send and receive UDP traffic on the inetd_child port. +Send UDP traffic on the syslogd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_innd_port( +corenet_udp_send_telnetd_port( @@ -19252,20 +19340,20 @@ kernel

-Send and receive UDP traffic on the innd port. +Send UDP traffic on the telnetd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ipp_port( +corenet_udp_send_tftp_port( @@ -19278,20 +19366,20 @@ kernel

-Send and receive UDP traffic on the ipp port. +Send UDP traffic on the tftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ircd_port( +corenet_udp_send_transproxy_port( @@ -19304,20 +19392,20 @@ kernel

-Send and receive UDP traffic on the ircd port. +Send UDP traffic on the transproxy port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_isakmp_port( +corenet_udp_send_unspec_node( @@ -19330,20 +19418,20 @@ kernel

-Send and receive UDP traffic on the isakmp port. +Send UDP traffic on the unspec node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_jabber_client_port( +corenet_udp_send_uucpd_port( @@ -19356,20 +19444,20 @@ kernel

-Send and receive UDP traffic on the jabber_client port. +Send UDP traffic on the uucpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_jabber_interserver_port( +corenet_udp_send_vnc_port( @@ -19382,20 +19470,20 @@ kernel

-Send and receive UDP traffic on the jabber_interserver port. +Send UDP traffic on the vnc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_kerberos_admin_port( +corenet_udp_send_xserver_port( @@ -19408,20 +19496,20 @@ kernel

-Send and receive UDP traffic on the kerberos_admin port. +Send UDP traffic on the xserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_kerberos_master_port( +corenet_udp_send_zebra_port( @@ -19434,20 +19522,20 @@ kernel

-Send and receive UDP traffic on the kerberos_master port. +Send UDP traffic on the zebra port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_kerberos_port( +corenet_udp_send_zope_port( @@ -19460,20 +19548,20 @@ kernel

-Send and receive UDP traffic on the kerberos port. +Send UDP traffic on the zope port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ktalkd_port( +corenet_udp_sendrecv_afs_bos_port( @@ -19486,20 +19574,20 @@ kernel

-Send and receive UDP traffic on the ktalkd port. +Send and receive UDP traffic on the afs_bos port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ldap_port( +corenet_udp_sendrecv_afs_fs_port( @@ -19512,20 +19600,20 @@ kernel

-Send and receive UDP traffic on the ldap port. +Send and receive UDP traffic on the afs_fs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_link_local_node( +corenet_udp_sendrecv_afs_ka_port( @@ -19538,20 +19626,20 @@ kernel

-Send and receive UDP traffic on the link_local node. +Send and receive UDP traffic on the afs_ka port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_lo_node( +corenet_udp_sendrecv_afs_pt_port( @@ -19564,20 +19652,20 @@ kernel

-Send and receive UDP traffic on the lo node. +Send and receive UDP traffic on the afs_pt port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_mail_port( +corenet_udp_sendrecv_afs_vl_port( @@ -19590,20 +19678,20 @@ kernel

-Send and receive UDP traffic on the mail port. +Send and receive UDP traffic on the afs_vl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_mapped_ipv4_node( +corenet_udp_sendrecv_all_if( @@ -19616,20 +19704,20 @@ kernel

-Send and receive UDP traffic on the mapped_ipv4 node. +Send and receive UDP network traffic on all interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_monopd_port( +corenet_udp_sendrecv_all_nodes( @@ -19642,20 +19730,20 @@ kernel

-Send and receive UDP traffic on the monopd port. +Send and receive UDP network traffic on all nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_multicast_node( +corenet_udp_sendrecv_all_ports( @@ -19668,20 +19756,20 @@ kernel

-Send and receive UDP traffic on the multicast node. +Send and receive UDP network traffic on all ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_mysqld_port( +corenet_udp_sendrecv_all_reserved_ports( @@ -19694,20 +19782,20 @@ kernel

-Send and receive UDP traffic on the mysqld port. +Send and receive UDP network traffic on all reserved ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_nessus_port( +corenet_udp_sendrecv_amanda_port( @@ -19720,20 +19808,20 @@ kernel

-Send and receive UDP traffic on the nessus port. +Send and receive UDP traffic on the amanda port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_nmbd_port( +corenet_udp_sendrecv_amavisd_recv_port( @@ -19746,20 +19834,20 @@ kernel

-Send and receive UDP traffic on the nmbd port. +Send and receive UDP traffic on the amavisd_recv port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ntp_port( +corenet_udp_sendrecv_amavisd_send_port( @@ -19772,20 +19860,20 @@ kernel

-Send and receive UDP traffic on the ntp port. +Send and receive UDP traffic on the amavisd_send port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_openvpn_port( +corenet_udp_sendrecv_asterisk_port( @@ -19798,20 +19886,20 @@ kernel

-Send and receive UDP traffic on the openvpn port. +Send and receive UDP traffic on the asterisk port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_pop_port( +corenet_udp_sendrecv_auth_port( @@ -19824,20 +19912,20 @@ kernel

-Send and receive UDP traffic on the pop port. +Send and receive UDP traffic on the auth port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_portmap_port( +corenet_udp_sendrecv_clamd_port( @@ -19850,20 +19938,20 @@ kernel

-Send and receive UDP traffic on the portmap port. +Send and receive UDP traffic on the clamd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_postgresql_port( +corenet_udp_sendrecv_clockspeed_port( @@ -19876,20 +19964,20 @@ kernel

-Send and receive UDP traffic on the postgresql port. +Send and receive UDP traffic on the clockspeed port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_postgrey_port( +corenet_udp_sendrecv_compat_ipv4_node( @@ -19902,20 +19990,20 @@ kernel

-Send and receive UDP traffic on the postgrey port. +Send and receive UDP traffic on the compat_ipv4 node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_printer_port( +corenet_udp_sendrecv_cvs_port( @@ -19928,20 +20016,20 @@ kernel

-Send and receive UDP traffic on the printer port. +Send and receive UDP traffic on the cvs port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ptal_port( +corenet_udp_sendrecv_dbskkd_port( @@ -19954,20 +20042,20 @@ kernel

-Send and receive UDP traffic on the ptal port. +Send and receive UDP traffic on the dbskkd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_pxe_port( +corenet_udp_sendrecv_dcc_port( @@ -19980,20 +20068,20 @@ kernel

-Send and receive UDP traffic on the pxe port. +Send and receive UDP traffic on the dcc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_pyzor_port( +corenet_udp_sendrecv_dhcpc_port( @@ -20006,20 +20094,20 @@ kernel

-Send and receive UDP traffic on the pyzor port. +Send and receive UDP traffic on the dhcpc port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_radacct_port( +corenet_udp_sendrecv_dhcpd_port( @@ -20032,20 +20120,20 @@ kernel

-Send and receive UDP traffic on the radacct port. +Send and receive UDP traffic on the dhcpd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_radius_port( +corenet_udp_sendrecv_dict_port( @@ -20058,20 +20146,20 @@ kernel

-Send and receive UDP traffic on the radius port. +Send and receive UDP traffic on the dict port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_razor_port( +corenet_udp_sendrecv_dns_port( @@ -20084,20 +20172,20 @@ kernel

-Send and receive UDP traffic on the razor port. +Send and receive UDP traffic on the dns port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_reserved_port( +corenet_udp_sendrecv_fingerd_port( @@ -20110,20 +20198,20 @@ kernel

-Send and receive UDP network traffic on generic reserved ports. +Send and receive UDP traffic on the fingerd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_rndc_port( +corenet_udp_sendrecv_ftp_data_port( @@ -20136,20 +20224,20 @@ kernel

-Send and receive UDP traffic on the rndc port. +Send and receive UDP traffic on the ftp_data port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_rsh_port( +corenet_udp_sendrecv_ftp_port( @@ -20162,20 +20250,20 @@ kernel

-Send and receive UDP traffic on the rsh port. +Send and receive UDP traffic on the ftp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_rsync_port( +corenet_udp_sendrecv_generic_if( @@ -20188,20 +20276,20 @@ kernel

-Send and receive UDP traffic on the rsync port. +Send and Receive UDP network traffic on generic interfaces.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_site_local_node( +corenet_udp_sendrecv_generic_node( @@ -20214,20 +20302,20 @@ kernel

-Send and receive UDP traffic on the site_local node. +Send and receive UDP network traffic on generic nodes.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_smbd_port( +corenet_udp_sendrecv_generic_port( @@ -20240,20 +20328,20 @@ kernel

-Send and receive UDP traffic on the smbd port. +Send and receive UDP network traffic on generic ports.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_smtp_port( +corenet_udp_sendrecv_giftd_port( @@ -20266,20 +20354,20 @@ kernel

-Send and receive UDP traffic on the smtp port. +Send and receive UDP traffic on the giftd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_snmp_port( +corenet_udp_sendrecv_gopher_port( @@ -20292,20 +20380,20 @@ kernel

-Send and receive UDP traffic on the snmp port. +Send and receive UDP traffic on the gopher port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_soundd_port( +corenet_udp_sendrecv_howl_port( @@ -20318,20 +20406,20 @@ kernel

-Send and receive UDP traffic on the soundd port. +Send and receive UDP traffic on the howl port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_spamd_port( +corenet_udp_sendrecv_hplip_port( @@ -20344,20 +20432,20 @@ kernel

-Send and receive UDP traffic on the spamd port. +Send and receive UDP traffic on the hplip port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_ssh_port( +corenet_udp_sendrecv_http_cache_port( @@ -20370,20 +20458,20 @@ kernel

-Send and receive UDP traffic on the ssh port. +Send and receive UDP traffic on the http_cache port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_swat_port( +corenet_udp_sendrecv_http_port( @@ -20396,20 +20484,20 @@ kernel

-Send and receive UDP traffic on the swat port. +Send and receive UDP traffic on the http port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_syslogd_port( +corenet_udp_sendrecv_imaze_port( @@ -20422,20 +20510,20 @@ kernel

-Send and receive UDP traffic on the syslogd port. +Send and receive UDP traffic on the imaze port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_telnetd_port( +corenet_udp_sendrecv_inaddr_any_node( @@ -20448,20 +20536,20 @@ kernel

-Send and receive UDP traffic on the telnetd port. +Send and receive UDP traffic on the inaddr_any node.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_tftp_port( +corenet_udp_sendrecv_inetd_child_port( @@ -20474,20 +20562,20 @@ kernel

-Send and receive UDP traffic on the tftp port. +Send and receive UDP traffic on the inetd_child port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_transproxy_port( +corenet_udp_sendrecv_innd_port( @@ -20500,20 +20588,20 @@ kernel

-Send and receive UDP traffic on the transproxy port. +Send and receive UDP traffic on the innd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_unspec_node( +corenet_udp_sendrecv_ipp_port( @@ -20526,20 +20614,20 @@ kernel

-Send and receive UDP traffic on the unspec node. +Send and receive UDP traffic on the ipp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_uucpd_port( +corenet_udp_sendrecv_ircd_port( @@ -20552,20 +20640,20 @@ kernel

-Send and receive UDP traffic on the uucpd port. +Send and receive UDP traffic on the ircd port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_vnc_port( +corenet_udp_sendrecv_isakmp_port( @@ -20578,20 +20666,20 @@ kernel

-Send and receive UDP traffic on the vnc port. +Send and receive UDP traffic on the isakmp port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_xserver_port( +corenet_udp_sendrecv_jabber_client_port( @@ -20604,20 +20692,20 @@ kernel

-Send and receive UDP traffic on the xserver port. +Send and receive UDP traffic on the jabber_client port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_zebra_port( +corenet_udp_sendrecv_jabber_interserver_port( @@ -20630,20 +20718,20 @@ kernel

-Send and receive UDP traffic on the zebra port. +Send and receive UDP traffic on the jabber_interserver port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_udp_sendrecv_zope_port( +corenet_udp_sendrecv_kerberos_admin_port( @@ -20656,20 +20744,20 @@ kernel

-Send and receive UDP traffic on the zope port. +Send and receive UDP traffic on the kerberos_admin port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_unconfined( +corenet_udp_sendrecv_kerberos_master_port( @@ -20682,20 +20770,20 @@ kernel

-Unconfined access to network objects. +Send and receive UDP traffic on the kerberos_master port.

-Module: +Module: corenetwork

Layer: kernel

-corenet_use_tun_tap_device( +corenet_udp_sendrecv_kerberos_port( @@ -20708,50 +20796,46 @@ kernel

-Read and write the TUN/TAP virtual network device. +Send and receive UDP traffic on the kerberos port.

-Module: -cpucontrol

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cpucontrol_stub( +corenet_udp_sendrecv_ktalkd_port( - [ - domain - ] - )

-CPUcontrol stub interface. No access allowed. +Send and receive UDP traffic on the ktalkd port.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_read_pipe( +corenet_udp_sendrecv_ldap_port( @@ -20764,20 +20848,20 @@ services

-Read a cron daemon unnamed pipe. +Send and receive UDP traffic on the ldap port.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_read_system_job_tmp_files( +corenet_udp_sendrecv_link_local_node( @@ -20790,20 +20874,20 @@ services

-Read temporary files from the system cron jobs. +Send and receive UDP traffic on the link_local node.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_rw_pipe( +corenet_udp_sendrecv_lo_node( @@ -20816,20 +20900,20 @@ services

-Read and write a cron daemon unnamed pipe. +Send and receive UDP traffic on the lo node.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_search_spool( +corenet_udp_sendrecv_mail_port( @@ -20842,20 +20926,20 @@ services

-Search the directory containing user cron tables. +Send and receive UDP traffic on the mail port.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_sigchld( +corenet_udp_sendrecv_mapped_ipv4_node( @@ -20868,20 +20952,20 @@ services

-Send a SIGCHLD signal to the cron daemon. +Send and receive UDP traffic on the mapped_ipv4 node.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_system_entry( +corenet_udp_sendrecv_monopd_port( @@ -20889,34 +20973,25 @@ services

domain - - , - - - - entrypoint - - )

-Make the specified program domain accessable -from the system cron jobs. +Send and receive UDP traffic on the monopd port.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_use_fd( +corenet_udp_sendrecv_multicast_node( @@ -20929,21 +21004,20 @@ services

-Inherit and use a file descriptor -from the cron daemon. +Send and receive UDP traffic on the multicast node.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_use_system_job_fd( +corenet_udp_sendrecv_mysqld_port( @@ -20956,21 +21030,20 @@ services

-Inherit and use a file descriptor -from system cron jobs. +Send and receive UDP traffic on the mysqld port.

-Module: -cron

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cron_write_system_job_pipe( +corenet_udp_sendrecv_nessus_port( @@ -20983,20 +21056,20 @@ services

-Wrate a system cron job unnamed pipe. +Send and receive UDP traffic on the nessus port.

-Module: -cvs

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-cvs_read_data( +corenet_udp_sendrecv_nmbd_port( @@ -21009,20 +21082,20 @@ services

-Read the CVS data and metadata. +Send and receive UDP traffic on the nmbd port.

-Module: -dbus

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-dbus_connect_system_bus( +corenet_udp_sendrecv_ntp_port( @@ -21035,21 +21108,20 @@ services

-Connect to the the system DBUS -for service (acquire_svc). +Send and receive UDP traffic on the ntp port.

-Module: -dbus

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-dbus_send_system_bus_msg( +corenet_udp_sendrecv_openvpn_port( @@ -21062,20 +21134,20 @@ services

-Send a message on the system DBUS. +Send and receive UDP traffic on the openvpn port.

-Module: -dbus

-Layer: -services

+Module: +corenetwork

+Layer: +kernel

-dbus_system_bus_unconfined( +corenet_udp_sendrecv_pegasus_http_port( @@ -21088,20 +21160,20 @@ services

-Allow unconfined access to the system DBUS. +Send and receive UDP traffic on the pegasus_http port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_create_dev_node( +corenet_udp_sendrecv_pegasus_https_port( @@ -21109,42 +21181,25 @@ kernel

domain - - , - - - - file - - - - , - - - - objectclass(es) - - )

-Create, read, and write device nodes. The node -will be transitioned to the type provided. +Send and receive UDP traffic on the pegasus_https port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_create_dir( +corenet_udp_sendrecv_pop_port( @@ -21157,20 +21212,20 @@ kernel

-Create a directory in the device directory. +Send and receive UDP traffic on the pop port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_create_generic_chr_file( +corenet_udp_sendrecv_portmap_port( @@ -21183,20 +21238,20 @@ kernel

-Allow read, write, and create for generic character device files. +Send and receive UDP traffic on the portmap port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_del_generic_symlinks( +corenet_udp_sendrecv_postgresql_port( @@ -21209,20 +21264,20 @@ kernel

-Delete symbolic links in device directories. +Send and receive UDP traffic on the postgresql port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_delete_generic_file( +corenet_udp_sendrecv_postgrey_port( @@ -21235,20 +21290,20 @@ kernel

-Delete generic files in /dev. +Send and receive UDP traffic on the postgrey port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_delete_lvm_control( +corenet_udp_sendrecv_printer_port( @@ -21261,20 +21316,20 @@ kernel

-Delete the lvm control device. +Send and receive UDP traffic on the printer port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_all_blk_files( +corenet_udp_sendrecv_ptal_port( @@ -21287,20 +21342,20 @@ kernel

-Dontaudit getattr on all block file device nodes. +Send and receive UDP traffic on the ptal port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_all_chr_files( +corenet_udp_sendrecv_pxe_port( @@ -21313,20 +21368,20 @@ kernel

-Dontaudit getattr on all character file device nodes. +Send and receive UDP traffic on the pxe port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_apm_bios( +corenet_udp_sendrecv_pyzor_port( @@ -21339,21 +21394,20 @@ kernel

-Do not audit attempts to get the attributes of -the apm bios device node. +Send and receive UDP traffic on the pyzor port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_generic_blk_file( +corenet_udp_sendrecv_radacct_port( @@ -21366,20 +21420,20 @@ kernel

-Dontaudit getattr on generic block devices. +Send and receive UDP traffic on the radacct port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_generic_chr_file( +corenet_udp_sendrecv_radius_port( @@ -21392,20 +21446,20 @@ kernel

-Dontaudit getattr for generic character device files. +Send and receive UDP traffic on the radius port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_generic_pipe( +corenet_udp_sendrecv_razor_port( @@ -21418,20 +21472,20 @@ kernel

-Dontaudit getattr on generic pipes. +Send and receive UDP traffic on the razor port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_misc( +corenet_udp_sendrecv_reserved_port( @@ -21444,21 +21498,20 @@ kernel

-Do not audit attempts to get the attributes -of miscellaneous devices. +Send and receive UDP network traffic on generic reserved ports.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_scanner( +corenet_udp_sendrecv_rndc_port( @@ -21471,21 +21524,20 @@ kernel

-Do not audit attempts to get the attributes of -the scanner device. +Send and receive UDP traffic on the rndc port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_video_dev( +corenet_udp_sendrecv_rsh_port( @@ -21498,21 +21550,20 @@ kernel

-Do not audit attempts to get the attributes -of video4linux device nodes. +Send and receive UDP traffic on the rsh port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_list_all_dev_nodes( +corenet_udp_sendrecv_rsync_port( @@ -21525,20 +21576,20 @@ kernel

-Dontaudit attempts to list all device nodes. +Send and receive UDP traffic on the rsync port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_read_all_blk_files( +corenet_udp_sendrecv_site_local_node( @@ -21551,20 +21602,20 @@ kernel

-Dontaudit read on all block file device nodes. +Send and receive UDP traffic on the site_local node.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_read_all_chr_files( +corenet_udp_sendrecv_smbd_port( @@ -21577,20 +21628,20 @@ kernel

-Dontaudit read on all character file device nodes. +Send and receive UDP traffic on the smbd port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_read_framebuffer( +corenet_udp_sendrecv_smtp_port( @@ -21603,20 +21654,20 @@ kernel

-Do not audit attempts to read the framebuffer. +Send and receive UDP traffic on the smtp port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_rw_cardmgr( +corenet_udp_sendrecv_snmp_port( @@ -21629,21 +21680,20 @@ kernel

-Do not audit attempts to read and -write the PCMCIA card manager device. +Send and receive UDP traffic on the snmp port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_rw_dri_dev( +corenet_udp_sendrecv_soundd_port( @@ -21656,20 +21706,20 @@ kernel

-Dontaudit read and write on the dri devices. +Send and receive UDP traffic on the soundd port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_rw_generic_dev_nodes( +corenet_udp_sendrecv_spamd_port( @@ -21682,20 +21732,20 @@ kernel

-Dontaudit getattr for generic device files. +Send and receive UDP traffic on the spamd port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_search_sysfs( +corenet_udp_sendrecv_ssh_port( @@ -21708,20 +21758,20 @@ kernel

-Do not audit attempts to search sysfs. +Send and receive UDP traffic on the ssh port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_apm_bios( +corenet_udp_sendrecv_swat_port( @@ -21734,21 +21784,20 @@ kernel

-Do not audit attempts to set the attributes of -the apm bios device node. +Send and receive UDP traffic on the swat port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_framebuffer( +corenet_udp_sendrecv_syslogd_port( @@ -21761,21 +21810,20 @@ kernel

-Dot not audit attempts to set the attributes -of the framebuffer device node. +Send and receive UDP traffic on the syslogd port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_generic_blk_file( +corenet_udp_sendrecv_telnetd_port( @@ -21788,20 +21836,20 @@ kernel

-Dontaudit setattr on generic block devices. +Send and receive UDP traffic on the telnetd port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_generic_chr_file( +corenet_udp_sendrecv_tftp_port( @@ -21814,20 +21862,20 @@ kernel

-Dontaudit setattr for generic character device files. +Send and receive UDP traffic on the tftp port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_generic_symlink( +corenet_udp_sendrecv_transproxy_port( @@ -21840,21 +21888,20 @@ kernel

-Do not audit attempts to set the attributes -of symbolic links in device directories (/dev). +Send and receive UDP traffic on the transproxy port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_misc( +corenet_udp_sendrecv_unspec_node( @@ -21867,21 +21914,20 @@ kernel

-Do not audit attempts to set the attributes -of miscellaneous devices. +Send and receive UDP traffic on the unspec node.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_scanner( +corenet_udp_sendrecv_uucpd_port( @@ -21894,21 +21940,20 @@ kernel

-Do not audit attempts to set the attributes of -the scanner device. +Send and receive UDP traffic on the uucpd port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_setattr_video_dev( +corenet_udp_sendrecv_vnc_port( @@ -21921,21 +21966,20 @@ kernel

-Do not audit attempts to set the attributes -of video4linux device nodes. +Send and receive UDP traffic on the vnc port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_agp_dev( +corenet_udp_sendrecv_xserver_port( @@ -21948,20 +21992,20 @@ kernel

-Getattr the agp devices. +Send and receive UDP traffic on the xserver port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_all_blk_files( +corenet_udp_sendrecv_zebra_port( @@ -21974,20 +22018,20 @@ kernel

-Getattr on all block file device nodes. +Send and receive UDP traffic on the zebra port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_all_chr_files( +corenet_udp_sendrecv_zope_port( @@ -22000,20 +22044,20 @@ kernel

-Getattr on all character file device nodes. +Send and receive UDP traffic on the zope port.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_apm_bios( +corenet_unconfined( @@ -22026,20 +22070,20 @@ kernel

-Get the attributes of the apm bios device node. +Unconfined access to network objects.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_cpu( +corenet_use_ppp_device( @@ -22052,21 +22096,20 @@ kernel

-Get the attributes of the CPU -microcode and id interfaces. +Read and write the point-to-point device.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_framebuffer( +corenet_use_tun_tap_device( @@ -22079,46 +22122,50 @@ kernel

-Get the attributes of the framebuffer device node. +Read and write the TUN/TAP virtual network device.

-Module: -devices

-Layer: -kernel

+Module: +cpucontrol

+Layer: +services

-dev_getattr_generic_blk_file( +cpucontrol_stub( + [ + domain + ] + )

-Allow getattr on generic block devices. +CPUcontrol stub interface. No access allowed.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_generic_chr_file( +cron_read_pipe( @@ -22131,20 +22178,20 @@ kernel

-Allow getattr for generic character device files. +Read a cron daemon unnamed pipe.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_misc( +cron_read_system_job_tmp_files( @@ -22157,20 +22204,20 @@ kernel

-Get the attributes of miscellaneous devices. +Read temporary files from the system cron jobs.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_mouse( +cron_rw_pipe( @@ -22183,20 +22230,20 @@ kernel

-Get the attributes of the mouse devices. +Read and write a cron daemon unnamed pipe.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_power_management( +cron_search_spool( @@ -22209,20 +22256,20 @@ kernel

-Get the attributes of the the power management device. +Search the directory containing user cron tables.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_scanner( +cron_sigchld( @@ -22235,20 +22282,20 @@ kernel

-Get the attributes of the scanner device. +Send a SIGCHLD signal to the cron daemon.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_snd_dev( +cron_system_entry( @@ -22256,25 +22303,34 @@ kernel

domain + + , + + + + entrypoint + + )

-Get the attributes of the sound devices. +Make the specified program domain accessable +from the system cron jobs.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_sysfs_dir( +cron_use_fd( @@ -22287,20 +22343,21 @@ kernel

-Get the attributes of sysfs directories. +Inherit and use a file descriptor +from the cron daemon.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_usbfs_dir( +cron_use_system_job_fd( @@ -22313,20 +22370,21 @@ kernel

-Get the attributes of a directory in the usb filesystem. +Inherit and use a file descriptor +from system cron jobs.

-Module: -devices

-Layer: -kernel

+Module: +cron

+Layer: +services

-dev_getattr_video_dev( +cron_write_system_job_pipe( @@ -22339,20 +22397,20 @@ kernel

-Get the attributes of video4linux devices. +Wrate a system cron job unnamed pipe.

-Module: -devices

-Layer: -kernel

+Module: +cvs

+Layer: +services

-dev_getattr_xserver_misc_dev( +cvs_read_data( @@ -22365,20 +22423,20 @@ kernel

-Get the attributes of X server miscellaneous devices. +Read the CVS data and metadata.

-Module: -devices

-Layer: -kernel

+Module: +dbus

+Layer: +services

-dev_list_all_dev_nodes( +dbus_connect_system_bus( @@ -22391,20 +22449,21 @@ kernel

-List all of the device nodes in a device directory. +Connect to the the system DBUS +for service (acquire_svc).

-Module: -devices

-Layer: -kernel

+Module: +dbus

+Layer: +services

-dev_list_sysfs( +dbus_send_system_bus_msg( @@ -22417,20 +22476,20 @@ kernel

-List the contents of the sysfs directories. +Send a message on the system DBUS.

-Module: -devices

-Layer: -kernel

+Module: +dbus

+Layer: +services

-dev_list_usbfs( +dbus_system_bus_unconfined( @@ -22443,20 +22502,20 @@ kernel

-Allow caller to get a list of usb hardware. +Allow unconfined access to the system DBUS.

-Module: +Module: devices

Layer: kernel

-dev_manage_all_blk_files( +dev_create_dev_node( @@ -22464,25 +22523,42 @@ kernel

domain + + , + + + + file + + + + , + + + + objectclass(es) + + )

-Read, write, create, and delete all block device files. +Create, read, and write device nodes. The node +will be transitioned to the type provided.

-Module: +Module: devices

Layer: kernel

-dev_manage_all_chr_files( +dev_create_dir( @@ -22495,20 +22571,20 @@ kernel

-Read, write, create, and delete all character device files. +Create a directory in the device directory.

-Module: +Module: devices

Layer: kernel

-dev_manage_dev_nodes( +dev_create_generic_chr_file( @@ -22521,20 +22597,20 @@ kernel

-Create, delete, read, and write device nodes in device directories. +Allow read, write, and create for generic character device files.

-Module: +Module: devices

Layer: kernel

-dev_manage_generic_blk_file( +dev_del_generic_symlinks( @@ -22547,21 +22623,20 @@ kernel

-Allow read, write, create, and delete for generic -block files. +Delete symbolic links in device directories.

-Module: +Module: devices

Layer: kernel

-dev_manage_generic_blk_file( +dev_delete_generic_file( @@ -22574,20 +22649,20 @@ kernel

-Create, delete, read, and write block device files. +Delete generic files in /dev.

-Module: +Module: devices

Layer: kernel

-dev_manage_generic_chr_file( +dev_delete_lvm_control( @@ -22600,20 +22675,20 @@ kernel

-Create, delete, read, and write character device files. +Delete the lvm control device.

-Module: +Module: devices

Layer: kernel

-dev_manage_generic_symlinks( +dev_dontaudit_getattr_all_blk_files( @@ -22626,20 +22701,20 @@ kernel

-Create, delete, read, and write symbolic links in device directories. +Dontaudit getattr on all block file device nodes.

-Module: +Module: devices

Layer: kernel

-dev_mount_usbfs( +dev_dontaudit_getattr_all_chr_files( @@ -22652,25 +22727,25 @@ kernel

-Mount a usbfs filesystem. +Dontaudit getattr on all character file device nodes.

-Module: +Module: devices

Layer: kernel

-dev_node( +dev_dontaudit_getattr_apm_bios( - object_type + domain )
@@ -22678,21 +22753,21 @@ kernel

-Make the passed in type a type appropriate for -use on device nodes (usually files in /dev). +Do not audit attempts to get the attributes of +the apm bios device node.

-Module: +Module: devices

Layer: kernel

-dev_read_cpuid( +dev_dontaudit_getattr_generic_blk_file( @@ -22705,20 +22780,20 @@ kernel

-Read the CPU identity. +Dontaudit getattr on generic block devices.

-Module: +Module: devices

Layer: kernel

-dev_read_framebuffer( +dev_dontaudit_getattr_generic_chr_file( @@ -22731,20 +22806,20 @@ kernel

-Read the framebuffer. +Dontaudit getattr for generic character device files.

-Module: +Module: devices

Layer: kernel

-dev_read_input( +dev_dontaudit_getattr_generic_pipe( @@ -22757,20 +22832,20 @@ kernel

-Read input event devices (/dev/input). +Dontaudit getattr on generic pipes.

-Module: +Module: devices

Layer: kernel

-dev_read_lvm_control( +dev_dontaudit_getattr_misc( @@ -22783,20 +22858,21 @@ kernel

-Read the lvm comtrol device. +Do not audit attempts to get the attributes +of miscellaneous devices.

-Module: +Module: devices

Layer: kernel

-dev_read_misc( +dev_dontaudit_getattr_scanner( @@ -22809,20 +22885,21 @@ kernel

-Read miscellaneous devices. +Do not audit attempts to get the attributes of +the scanner device.

-Module: +Module: devices

Layer: kernel

-dev_read_mouse( +dev_dontaudit_getattr_video_dev( @@ -22835,20 +22912,21 @@ kernel

-Read the mouse devices. +Do not audit attempts to get the attributes +of video4linux device nodes.

-Module: +Module: devices

Layer: kernel

-dev_read_mtrr( +dev_dontaudit_list_all_dev_nodes( @@ -22861,20 +22939,20 @@ kernel

-Read the mtrr device. +Dontaudit attempts to list all device nodes.

-Module: +Module: devices

Layer: kernel

-dev_read_rand( +dev_dontaudit_read_all_blk_files( @@ -22887,20 +22965,20 @@ kernel

-Read from random devices (e.g., /dev/random) +Dontaudit read on all block file device nodes.

-Module: +Module: devices

Layer: kernel

-dev_read_raw_memory( +dev_dontaudit_read_all_chr_files( @@ -22913,20 +22991,20 @@ kernel

-Read raw memory devices (e.g. /dev/mem). +Dontaudit read on all character file device nodes.

-Module: +Module: devices

Layer: kernel

-dev_read_realtime_clock( +dev_dontaudit_read_framebuffer( @@ -22939,20 +23017,20 @@ kernel

-Read the realtime clock (/dev/rtc). +Do not audit attempts to read the framebuffer.

-Module: +Module: devices

Layer: kernel

-dev_read_snd_dev( +dev_dontaudit_rw_cardmgr( @@ -22965,20 +23043,21 @@ kernel

-Read the sound devices. +Do not audit attempts to read and +write the PCMCIA card manager device.

-Module: +Module: devices

Layer: kernel

-dev_read_snd_mixer_dev( +dev_dontaudit_rw_dri_dev( @@ -22991,20 +23070,20 @@ kernel

-Read the sound mixer devices. +Dontaudit read and write on the dri devices.

-Module: +Module: devices

Layer: kernel

-dev_read_sysfs( +dev_dontaudit_rw_generic_dev_nodes( @@ -23017,20 +23096,20 @@ kernel

-Allow caller to read hardware state information. +Dontaudit getattr for generic device files.

-Module: +Module: devices

Layer: kernel

-dev_read_urand( +dev_dontaudit_search_sysfs( @@ -23043,20 +23122,20 @@ kernel

-Read from pseudo random devices (e.g., /dev/urandom) +Do not audit attempts to search sysfs.

-Module: +Module: devices

Layer: kernel

-dev_read_usbfs( +dev_dontaudit_setattr_apm_bios( @@ -23069,21 +23148,21 @@ kernel

-Read USB hardware information using -the usbfs filesystem interface. +Do not audit attempts to set the attributes of +the apm bios device node.

-Module: +Module: devices

Layer: kernel

-dev_relabel_all_dev_nodes( +dev_dontaudit_setattr_framebuffer( @@ -23096,20 +23175,21 @@ kernel

-Allow full relabeling (to and from) of all device nodes. +Dot not audit attempts to set the attributes +of the framebuffer device node.

-Module: +Module: devices

Layer: kernel

-dev_relabel_dev_dirs( +dev_dontaudit_setattr_generic_blk_file( @@ -23122,20 +23202,20 @@ kernel

-Allow full relabeling (to and from) of directories in /dev. +Dontaudit setattr on generic block devices.

-Module: +Module: devices

Layer: kernel

-dev_relabel_generic_symlinks( +dev_dontaudit_setattr_generic_chr_file( @@ -23148,20 +23228,20 @@ kernel

-Relabel symbolic links in device directories. +Dontaudit setattr for generic character device files.

-Module: +Module: devices

Layer: kernel

-dev_rw_agp_dev( +dev_dontaudit_setattr_generic_symlink( @@ -23174,20 +23254,21 @@ kernel

-Read and write the agp devices. +Do not audit attempts to set the attributes +of symbolic links in device directories (/dev).

-Module: +Module: devices

Layer: kernel

-dev_rw_apm_bios( +dev_dontaudit_setattr_misc( @@ -23200,20 +23281,21 @@ kernel

-Read and write the apm bios. +Do not audit attempts to set the attributes +of miscellaneous devices.

-Module: +Module: devices

Layer: kernel

-dev_rw_cpu_microcode( +dev_dontaudit_setattr_scanner( @@ -23226,21 +23308,21 @@ kernel

-Read and write the the CPU microcode device. This -is required to load CPU microcode. +Do not audit attempts to set the attributes of +the scanner device.

-Module: +Module: devices

Layer: kernel

-dev_rw_dri_dev( +dev_dontaudit_setattr_video_dev( @@ -23253,20 +23335,21 @@ kernel

-Read and write the dri devices. +Do not audit attempts to set the attributes +of video4linux device nodes.

-Module: +Module: devices

Layer: kernel

-dev_rw_generic_file( +dev_getattr_agp_dev( @@ -23279,20 +23362,20 @@ kernel

-Read and write generic files in /dev. +Getattr the agp devices.

-Module: +Module: devices

Layer: kernel

-dev_rw_lvm_control( +dev_getattr_all_blk_files( @@ -23305,20 +23388,20 @@ kernel

-Read and write the lvm control device. +Getattr on all block file device nodes.

-Module: +Module: devices

Layer: kernel

-dev_rw_null_dev( +dev_getattr_all_chr_files( @@ -23331,20 +23414,20 @@ kernel

-Read and write to the null device (/dev/null). +Getattr on all character file device nodes.

-Module: +Module: devices

Layer: kernel

-dev_rw_power_management( +dev_getattr_apm_bios( @@ -23357,20 +23440,20 @@ kernel

-Read and write the the power management device. +Get the attributes of the apm bios device node.

-Module: +Module: devices

Layer: kernel

-dev_rw_printer( +dev_getattr_cpu( @@ -23383,20 +23466,21 @@ kernel

-Read and write the printer device. +Get the attributes of the CPU +microcode and id interfaces.

-Module: +Module: devices

Layer: kernel

-dev_rw_realtime_clock( +dev_getattr_framebuffer( @@ -23409,20 +23493,20 @@ kernel

-Read and set the realtime clock (/dev/rtc). +Get the attributes of the framebuffer device node.

-Module: +Module: devices

Layer: kernel

-dev_rw_scanner( +dev_getattr_generic_blk_file( @@ -23435,20 +23519,20 @@ kernel

-Read and write the scanner device. +Allow getattr on generic block devices.

-Module: +Module: devices

Layer: kernel

-dev_rw_sysfs( +dev_getattr_generic_chr_file( @@ -23461,20 +23545,20 @@ kernel

-Allow caller to modify hardware state information. +Allow getattr for generic character device files.

-Module: +Module: devices

Layer: kernel

-dev_rw_usbfs( +dev_getattr_misc( @@ -23487,20 +23571,20 @@ kernel

-Allow caller to modify usb hardware configuration files. +Get the attributes of miscellaneous devices.

-Module: +Module: devices

Layer: kernel

-dev_rw_zero_dev( +dev_getattr_mouse( @@ -23513,20 +23597,20 @@ kernel

-Read and write to the zero device (/dev/zero). +Get the attributes of the mouse devices.

-Module: +Module: devices

Layer: kernel

-dev_rwx_zero_dev( +dev_getattr_power_management( @@ -23539,20 +23623,20 @@ kernel

-Read, write, and execute the zero device (/dev/zero). +Get the attributes of the the power management device.

-Module: +Module: devices

Layer: kernel

-dev_rx_raw_memory( +dev_getattr_scanner( @@ -23565,20 +23649,20 @@ kernel

-Read and execute raw memory devices (e.g. /dev/mem). +Get the attributes of the scanner device.

-Module: +Module: devices

Layer: kernel

-dev_search_sysfs( +dev_getattr_snd_dev( @@ -23591,20 +23675,20 @@ kernel

-Search the sysfs directories. +Get the attributes of the sound devices.

-Module: +Module: devices

Layer: kernel

-dev_search_usbfs( +dev_getattr_sysfs_dir( @@ -23617,20 +23701,20 @@ kernel

-Search the directory containing USB hardware information. +Get the attributes of sysfs directories.

-Module: +Module: devices

Layer: kernel

-dev_setattr_all_blk_files( +dev_getattr_usbfs_dir( @@ -23643,20 +23727,20 @@ kernel

-Setattr on all block file device nodes. +Get the attributes of a directory in the usb filesystem.

-Module: +Module: devices

Layer: kernel

-dev_setattr_all_chr_files( +dev_getattr_video_dev( @@ -23669,20 +23753,20 @@ kernel

-Setattr on all character file device nodes. +Get the attributes of video4linux devices.

-Module: +Module: devices

Layer: kernel

-dev_setattr_apm_bios( +dev_getattr_xserver_misc_dev( @@ -23695,20 +23779,20 @@ kernel

-Set the attributes of the apm bios device node. +Get the attributes of X server miscellaneous devices.

-Module: +Module: devices

Layer: kernel

-dev_setattr_dev_dir( +dev_list_all_dev_nodes( @@ -23721,20 +23805,20 @@ kernel

-Set the attributes of /dev directories. +List all of the device nodes in a device directory.

-Module: +Module: devices

Layer: kernel

-dev_setattr_framebuffer( +dev_list_sysfs( @@ -23747,20 +23831,20 @@ kernel

-Set the attributes of the framebuffer device node. +List the contents of the sysfs directories.

-Module: +Module: devices

Layer: kernel

-dev_setattr_misc( +dev_list_usbfs( @@ -23773,20 +23857,20 @@ kernel

-Set the attributes of miscellaneous devices. +Allow caller to get a list of usb hardware.

-Module: +Module: devices

Layer: kernel

-dev_setattr_mouse( +dev_manage_all_blk_files( @@ -23799,20 +23883,20 @@ kernel

-Set the attributes of the mouse devices. +Read, write, create, and delete all block device files.

-Module: +Module: devices

Layer: kernel

-dev_setattr_power_management( +dev_manage_all_chr_files( @@ -23825,20 +23909,20 @@ kernel

-Set the attributes of the the power management device. +Read, write, create, and delete all character device files.

-Module: +Module: devices

Layer: kernel

-dev_setattr_printer( +dev_manage_dev_nodes( @@ -23851,20 +23935,20 @@ kernel

-Set the attributes of the printer device nodes. +Create, delete, read, and write device nodes in device directories.

-Module: +Module: devices

Layer: kernel

-dev_setattr_scanner( +dev_manage_generic_blk_file( @@ -23877,20 +23961,21 @@ kernel

-Set the attributes of the scanner device. +Allow read, write, create, and delete for generic +block files.

-Module: +Module: devices

Layer: kernel

-dev_setattr_snd_dev( +dev_manage_generic_blk_file( @@ -23903,20 +23988,20 @@ kernel

-Set the attributes of the sound devices. +Create, delete, read, and write block device files.

-Module: +Module: devices

Layer: kernel

-dev_setattr_video_dev( +dev_manage_generic_chr_file( @@ -23929,20 +24014,20 @@ kernel

-Set the attributes of video4linux device nodes. +Create, delete, read, and write character device files.

-Module: +Module: devices

Layer: kernel

-dev_setattr_xserver_misc_dev( +dev_manage_generic_symlinks( @@ -23955,20 +24040,20 @@ kernel

-Set the attributes of X server miscellaneous devices. +Create, delete, read, and write symbolic links in device directories.

-Module: +Module: devices

Layer: kernel

-dev_unconfined( +dev_mount_usbfs( @@ -23981,20 +24066,47 @@ kernel

-Unconfined access to devices. +Mount a usbfs filesystem.

-Module: +Module: devices

Layer: kernel

-dev_write_framebuffer( +dev_node( + + + + + object_type + + + )
+
+ +
+

+Make the passed in type a type appropriate for +use on device nodes (usually files in /dev). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_cpuid( @@ -24007,20 +24119,20 @@ kernel

-Write the framebuffer. +Read the CPU identity.

-Module: +Module: devices

Layer: kernel

-dev_write_misc( +dev_read_framebuffer( @@ -24033,20 +24145,20 @@ kernel

-Write miscellaneous devices. +Read the framebuffer.

-Module: +Module: devices

Layer: kernel

-dev_write_mtrr( +dev_read_input( @@ -24059,20 +24171,20 @@ kernel

-Write the mtrr device. +Read input event devices (/dev/input).

-Module: +Module: devices

Layer: kernel

-dev_write_rand( +dev_read_lvm_control( @@ -24085,22 +24197,20 @@ kernel

-Write to the random device (e.g., /dev/random). This adds -entropy used to generate the random data read from the -random device. +Read the lvm comtrol device.

-Module: +Module: devices

Layer: kernel

-dev_write_raw_memory( +dev_read_misc( @@ -24113,20 +24223,20 @@ kernel

-Write raw memory devices (e.g. /dev/mem). +Read miscellaneous devices.

-Module: +Module: devices

Layer: kernel

-dev_write_realtime_clock( +dev_read_mouse( @@ -24139,20 +24249,20 @@ kernel

-Set the realtime clock (/dev/rtc). +Read the mouse devices.

-Module: +Module: devices

Layer: kernel

-dev_write_snd_dev( +dev_read_mtrr( @@ -24165,20 +24275,20 @@ kernel

-Write the sound devices. +Read the mtrr device.

-Module: +Module: devices

Layer: kernel

-dev_write_snd_mixer_dev( +dev_read_rand( @@ -24191,25 +24301,3328 @@ kernel

-Write the sound mixer devices. +Read from random devices (e.g., /dev/random) +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_raw_memory( + + + + + domain + + + )
+
+ +
+

+Read raw memory devices (e.g. /dev/mem). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_realtime_clock( + + + + + domain + + + )
+
+ +
+

+Read the realtime clock (/dev/rtc). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_snd_dev( + + + + + domain + + + )
+
+ +
+

+Read the sound devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_snd_mixer_dev( + + + + + domain + + + )
+
+ +
+

+Read the sound mixer devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_sysfs( + + + + + domain + + + )
+
+ +
+

+Allow caller to read hardware state information. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_urand( + + + + + domain + + + )
+
+ +
+

+Read from pseudo random devices (e.g., /dev/urandom) +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_read_usbfs( + + + + + domain + + + )
+
+ +
+

+Read USB hardware information using +the usbfs filesystem interface. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_relabel_all_dev_nodes( + + + + + domain + + + )
+
+ +
+

+Allow full relabeling (to and from) of all device nodes. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_relabel_dev_dirs( + + + + + domain + + + )
+
+ +
+

+Allow full relabeling (to and from) of directories in /dev. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_relabel_generic_symlinks( + + + + + domain + + + )
+
+ +
+

+Relabel symbolic links in device directories. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_agp_dev( + + + + + domain + + + )
+
+ +
+

+Read and write the agp devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_apm_bios( + + + + + domain + + + )
+
+ +
+

+Read and write the apm bios. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_cpu_microcode( + + + + + domain + + + )
+
+ +
+

+Read and write the the CPU microcode device. This +is required to load CPU microcode. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_crypto( + + + + + domain + + + )
+
+ +
+

+Read and write the the hardware SSL accelerator. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_dri_dev( + + + + + domain + + + )
+
+ +
+

+Read and write the dri devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_generic_file( + + + + + domain + + + )
+
+ +
+

+Read and write generic files in /dev. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_lvm_control( + + + + + domain + + + )
+
+ +
+

+Read and write the lvm control device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_mouse( + + + + + domain + + + )
+
+ +
+

+Read and write to mouse devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_null_dev( + + + + + domain + + + )
+
+ +
+

+Read and write to the null device (/dev/null). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_power_management( + + + + + domain + + + )
+
+ +
+

+Read and write the the power management device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_printer( + + + + + domain + + + )
+
+ +
+

+Read and write the printer device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_realtime_clock( + + + + + domain + + + )
+
+ +
+

+Read and set the realtime clock (/dev/rtc). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_scanner( + + + + + domain + + + )
+
+ +
+

+Read and write the scanner device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_sysfs( + + + + + domain + + + )
+
+ +
+

+Allow caller to modify hardware state information. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_usbfs( + + + + + domain + + + )
+
+ +
+

+Allow caller to modify usb hardware configuration files. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rw_zero_dev( + + + + + domain + + + )
+
+ +
+

+Read and write to the zero device (/dev/zero). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rwx_zero_dev( + + + + + domain + + + )
+
+ +
+

+Read, write, and execute the zero device (/dev/zero). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_rx_raw_memory( + + + + + domain + + + )
+
+ +
+

+Read and execute raw memory devices (e.g. /dev/mem). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_search_sysfs( + + + + + domain + + + )
+
+ +
+

+Search the sysfs directories. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_search_usbfs( + + + + + domain + + + )
+
+ +
+

+Search the directory containing USB hardware information. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_all_blk_files( + + + + + domain + + + )
+
+ +
+

+Setattr on all block file device nodes. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_all_chr_files( + + + + + domain + + + )
+
+ +
+

+Setattr on all character file device nodes. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_apm_bios( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the apm bios device node. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_dev_dir( + + + + + domain + + + )
+
+ +
+

+Set the attributes of /dev directories. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_framebuffer( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the framebuffer device node. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_misc( + + + + + domain + + + )
+
+ +
+

+Set the attributes of miscellaneous devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_mouse( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the mouse devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_power_management( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the the power management device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_printer( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the printer device nodes. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_scanner( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the scanner device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_snd_dev( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the sound devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_video_dev( + + + + + domain + + + )
+
+ +
+

+Set the attributes of video4linux device nodes. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_setattr_xserver_misc_dev( + + + + + domain + + + )
+
+ +
+

+Set the attributes of X server miscellaneous devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_unconfined( + + + + + domain + + + )
+
+ +
+

+Unconfined access to devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_framebuffer( + + + + + domain + + + )
+
+ +
+

+Write the framebuffer. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_misc( + + + + + domain + + + )
+
+ +
+

+Write miscellaneous devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_mtrr( + + + + + domain + + + )
+
+ +
+

+Write the mtrr device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_rand( + + + + + domain + + + )
+
+ +
+

+Write to the random device (e.g., /dev/random). This adds +entropy used to generate the random data read from the +random device. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_raw_memory( + + + + + domain + + + )
+
+ +
+

+Write raw memory devices (e.g. /dev/mem). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_realtime_clock( + + + + + domain + + + )
+
+ +
+

+Set the realtime clock (/dev/rtc). +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_snd_dev( + + + + + domain + + + )
+
+ +
+

+Write the sound devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_snd_mixer_dev( + + + + + domain + + + )
+
+ +
+

+Write the sound mixer devices. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_write_urand( + + + + + domain + + + )
+
+ +
+

+Write to the pseudo random device (e.g., /dev/urandom). This +sets the random number generator seed. +

+
+ +
+ +
+Module: +devices

+Layer: +kernel

+

+ +dev_wx_raw_memory( + + + + + domain + + + )
+
+ +
+

+Write and execute raw memory devices (e.g. /dev/mem). +

+
+ +
+ +
+Module: +dhcp

+Layer: +services

+

+ +dhcpd_setattr_state_files( + + + + + domain + + + )
+
+ +
+

+Set the attributes of the DCHP +server state files. +

+
+ +
+ +
+Module: +dictd

+Layer: +services

+

+ +dictd_use( + + + + + domain + + + )
+
+ +
+

+Use dictionary services by connecting +over TCP. +

+
+ +
+ +
+Module: +dmesg

+Layer: +admin

+

+ +dmesg_domtrans( + + + + + domain + + + )
+
+ +
+

+Execute dmesg in the dmesg domain. +

+
+ +
+ +
+Module: +dmesg

+Layer: +admin

+

+ +dmesg_exec( + + + + + domain + + + )
+
+ +
+

+Execute dmesg in the caller domain. +

+
+ +
+ +
+Module: +dmidecode

+Layer: +admin

+

+ +dmidecode_domtrans( + + + + + domain + + + )
+
+ +
+

+Execute dmidecode in the dmidecode domain. +

+
+ +
+ +
+Module: +dmidecode

+Layer: +admin

+

+ +dmidecode_run( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Execute dmidecode in the dmidecode domain, and +allow the specified role the dmidecode domain. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_base_type( + + + + + type + + + )
+
+ +
+

+Make the specified type usable as a basic domain. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_cron_exemption_source( + + + + + domain + + + )
+
+ +
+

+Make the specified domain the source of +the cron domain exception of the +SELinux role and identity change +constraints. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_cron_exemption_target( + + + + + domain + + + )
+
+ +
+

+Make the specified domain the target of +the cron domain exception of the +SELinux role and identity change +constraints. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getattr_all_key_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get attribues of +all domains IPSEC key management sockets. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getattr_all_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get the attributes +of all domains sockets, for all socket types. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getattr_all_tcp_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get the attributes +of all domains TCP sockets. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getattr_all_udp_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get the attributes +of all domains UDP sockets. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getattr_all_unix_dgram_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get the attributes +of all domains unix datagram sockets. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getattr_all_unnamed_pipes( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get the attributes +of all domains unnamed pipes. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_getsession_all_domains( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to get the +session ID of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_list_all_domains_proc( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to read the process state +directories of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_ptrace_all_domains( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to ptrace all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_ptrace_confined_domains( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to ptrace confined domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_read_all_domains_state( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to read the process +state (/proc/pid) of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_rw_all_key_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to read or write +all domains key sockets. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_rw_all_udp_sockets( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to read or write +all domains UDP sockets. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dontaudit_use_wide_inherit_fd( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_dyntrans_type( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_entry_file( + + + + + domain + + + + , + + + + type + + + )
+
+ +
+

+Make the specified type usable as +an entry point for the domain. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_exec_all_entry_files( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_getattr_all_domains( + + + + + domain + + + )
+
+ +
+

+Get the attributes of all domains of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_getattr_all_entry_files( + + + + + domain + + + )
+
+ +
+

+Get the attributes of entry point +files for all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_getattr_all_sockets( + + + + + domain + + + )
+
+ +
+

+Get the attributes of all domains +sockets, for all socket types. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_getattr_confined_domains( + + + + + domain + + + )
+
+ +
+

+Get the attributes of all confined domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_getsession_all_domains( + + + + + domain + + + )
+
+ +
+

+Get the session ID of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_kill_all_domains( + + + + + domain + + + )
+
+ +
+

+Send a kill signal to all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_obj_id_change_exempt( + + + + + domain + + + )
+
+ +
+

+Makes caller an exception to the constraint preventing +changing the user identity in object contexts. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_ptrace_all_domains( + + + + + domain + + + )
+
+ +
+

+Ptrace all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_read_all_domains_state( + + + + + domain + + + )
+
+ +
+

+Read the process state (/proc/pid) of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_read_all_entry_files( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_read_confined_domains_state( + + + + + domain + + + )
+
+ +
+

+Read the process state (/proc/pid) of all confined domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_role_change_exempt( + + + + + domain + + + )
+
+ +
+

+Makes caller an exception to the constraint preventing +changing of role. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_search_all_domains_state( + + + + + domain + + + )
+
+ +
+

+Search the process state directory (/proc/pid) of all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_setpriority_all_domains( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_sigchld_all_domains( + + + + + domain + + + )
+
+ +
+

+Send a child terminated signal to all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_sigchld_wide_inherit_fd( + + + + + domain + + + )
+
+ +
+

+Send a SIGCHLD signal to domains whose file +discriptors are widely inheritable. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_signal_all_domains( + + + + + domain + + + )
+
+ +
+

+Send general signals to all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_signull_all_domains( + + + + + domain + + + )
+
+ +
+

+Send a null signal to all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_sigstop_all_domains( + + + + + domain + + + )
+
+ +
+

+Send a stop signal to all domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_subj_id_change_exempt( + + + + + domain + + + )
+
+ +
+

+Makes caller an exception to the constraint preventing +changing of user identity. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_system_change_exempt( + + + + + domain + + + )
+
+ +
+

+Makes caller and execption to the constraint +preventing changing to the system user +identity and system role. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_type( + + + + + type + + + )
+
+ +
+

+Make the specified type usable as a domain. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_unconfined( + + + + + domain + + + )
+
+ +
+

+Unconfined access to domains. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_use_wide_inherit_fd( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_user_exemption_target( + + + + + domain + + + )
+
+ +
+

+Make the specified domain the target of +the user domain exception of the +SELinux role and identity change +constraints. +

+
+ +
+ +
+Module: +domain

+Layer: +system

+

+ +domain_wide_inherit_fd( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_associate_tmp( + + + + + file_type + + + )
+
+ +
+

+Allow the specified type to associate +to a filesystem with the type of the +temporary directory (/tmp). +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_boot_flag( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_etc_config( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_home_dirs( + + + + + domain + + + + , + + + + home_type + + + )
+
+ +
+

+Create home directories +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_lock( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_pid( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_root( + + + + + domain + + + + , + + + + [ + + private type + + ] + + + + , + + + + [ + + object + + ] + + + )
+
+ +
+

+Create an object in the root directory, with a private +type. If no object class is specified, the +default is file. +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_tmp_files( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_usr( + + + + + domain + + + + , + + + + file_type + + + + , + + + + [ + + object_class + + ] + + + )
+
+ +
+

+Create objects in the /usr directory +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_var( + + + + + domain + + + + , + + + + file_type + + + + , + + + + [ + + object_class + + ] + + + )
+
+ +
+

+Create objects in the /var directory +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_create_var_lib( + + + + + domain + + + + , + + + + file_type + + + + , + + + + [ + + object_class + + ] + + + )
+
+ +
+

+Create objects in the /var/lib directory +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_delete_all_locks( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_delete_all_pid_dirs( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_delete_all_pids( + + + + + ? + + + )
+
+ +
+

+Summary is missing! +

+
+ +
+ +
+Module: +files

+Layer: +system

+

+ +files_delete_etc_files( + + + + + domain + + + )
+
+ +
+

+Delete system configuration files in /etc.

-Module: -devices

-Layer: -kernel

+Module: +files

+Layer: +system

-dev_write_urand( +files_delete_root_dir_entry( - domain + ? )
@@ -24217,21 +27630,20 @@ kernel

-Write to the pseudo random device (e.g., /dev/urandom). This -sets the random number generator seed. +Summary is missing!

-Module: -devices

-Layer: -kernel

+Module: +files

+Layer: +system

-dev_wx_raw_memory( +files_dontaudit_getattr_all_dirs( @@ -24244,20 +27656,21 @@ kernel

-Write and execute raw memory devices (e.g. /dev/mem). +Do not audit attempts to get the attributes +of all directories.

-Module: -dhcp

-Layer: -services

+Module: +files

+Layer: +system

-dhcpd_setattr_state_files( +files_dontaudit_getattr_all_files( @@ -24270,21 +27683,21 @@ services

-Set the attributes of the DCHP -server state files. +Do not audit attempts to get the attributes +of all files.

-Module: -dictd

-Layer: -services

+Module: +files

+Layer: +system

-dictd_use( +files_dontaudit_getattr_all_pipes( @@ -24297,21 +27710,21 @@ services

-Use dictionary services by connecting -over TCP. +Do not audit attempts to get the attributes +of all named pipes.

-Module: -dmesg

-Layer: -admin

+Module: +files

+Layer: +system

-dmesg_domtrans( +files_dontaudit_getattr_all_sockets( @@ -24324,20 +27737,21 @@ admin

-Execute dmesg in the dmesg domain. +Do not audit attempts to get the attributes +of all named sockets.

-Module: -dmesg

-Layer: -admin

+Module: +files

+Layer: +system

-dmesg_exec( +files_dontaudit_getattr_all_symlinks( @@ -24350,25 +27764,26 @@ admin

-Execute dmesg in the caller domain. +Do not audit attempts to get the attributes +of all symbolic links.

-Module: -domain

+Module: +files

Layer: system

-domain_base_type( +files_dontaudit_getattr_default_dir( - type + domain )
@@ -24376,20 +27791,21 @@ system

-Make the specified type usable as a basic domain. +Do not audit attempts to get the attributes of +directories with the default file type.

-Module: -domain

+Module: +files

Layer: system

-domain_cron_exemption_source( +files_dontaudit_getattr_default_files( @@ -24402,23 +27818,21 @@ system

-Make the specified domain the source of -the cron domain exception of the -SELinux role and identity change -constraints. +Do not audit attempts to get the attributes of +files with the default file type.

-Module: -domain

+Module: +files

Layer: system

-domain_cron_exemption_target( +files_dontaudit_getattr_home_dir( @@ -24431,23 +27845,22 @@ system

-Make the specified domain the target of -the cron domain exception of the -SELinux role and identity change -constraints. +Do not audit attempts to get the +attributes of the home directories root +(/home).

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_getattr_all_sockets( +files_dontaudit_getattr_non_security_blk_dev( @@ -24461,20 +27874,20 @@ system

Do not audit attempts to get the attributes -of all domains sockets, for all socket types. +of non security block devices.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_getattr_all_tcp_sockets( +files_dontaudit_getattr_non_security_chr_dev( @@ -24488,20 +27901,20 @@ system

Do not audit attempts to get the attributes -of all domains TCP sockets. +of non security character devices.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_getattr_all_udp_sockets( +files_dontaudit_getattr_non_security_files( @@ -24515,20 +27928,20 @@ system

Do not audit attempts to get the attributes -of all domains UDP sockets. +of non security files.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_getattr_all_unix_dgram_sockets( +files_dontaudit_getattr_non_security_pipes( @@ -24542,20 +27955,20 @@ system

Do not audit attempts to get the attributes -of all domains unix datagram sockets. +of non security named pipes.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_getattr_all_unnamed_pipes( +files_dontaudit_getattr_non_security_sockets( @@ -24569,20 +27982,20 @@ system

Do not audit attempts to get the attributes -of all domains unnamed pipes. +of non security named sockets.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_getsession_all_domains( +files_dontaudit_getattr_non_security_symlinks( @@ -24595,21 +28008,21 @@ system

-Do not audit attempts to get the -session ID of all domains. +Do not audit attempts to get the attributes +of non security symbolic links.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_list_all_domains_proc( +files_dontaudit_getattr_pid_dir( @@ -24622,21 +28035,21 @@ system

-Do not audit attempts to read the process state -directories of all domains. +Do not audit attempts to get the attributes +of the /var/run directory.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_ptrace_all_domains( +files_dontaudit_getattr_tmp_dir( @@ -24649,20 +28062,21 @@ system

-Do not audit attempts to ptrace all domains. +Do not audit attempts to get the +attributes of the tmp directory (/tmp).

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_ptrace_confined_domains( +files_dontaudit_ioctl_all_pids( @@ -24675,20 +28089,20 @@ system

-Do not audit attempts to ptrace confined domains. +Do not audit attempts to ioctl daemon runtime data files.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_read_all_domains_state( +files_dontaudit_list_default( @@ -24701,21 +28115,21 @@ system

-Do not audit attempts to read the process -state (/proc/pid) of all domains. +Do not audit attempts to list contents of +directories with the default file type.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_rw_all_key_sockets( +files_dontaudit_list_non_security( @@ -24728,21 +28142,21 @@ system

-Do not audit attempts to read or write -all domains key sockets. +Do not audit attempts to list all +non security directories.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_rw_all_udp_sockets( +files_dontaudit_read_default_files( @@ -24755,26 +28169,26 @@ system

-Do not audit attempts to read or write -all domains UDP sockets. +Do not audit attempts to read files +with the default file type.

-Module: -domain

+Module: +files

Layer: system

-domain_dontaudit_use_wide_inherit_fd( +files_dontaudit_read_etc_runtime_files( - ? + domain )
@@ -24782,20 +28196,22 @@ system

-Summary is missing! +Do not audit attempts to read files +in /etc that are dynamically +created on boot, such as mtab.

-Module: -domain

+Module: +files

Layer: system

-domain_dyntrans_type( +files_dontaudit_read_root_file( @@ -24815,26 +28231,18 @@ Summary is missing!
-Module: -domain

+Module: +files

Layer: system

-domain_entry_file( - - - - - domain - +files_dontaudit_rw_root_chr_dev( - , - - type + ? )
@@ -24842,21 +28250,20 @@ system

-Make the specified type usable as -an entry point for the domain. +Summary is missing!

-Module: -domain

+Module: +files

Layer: system

-domain_exec_all_entry_files( +files_dontaudit_rw_root_file( @@ -24876,18 +28283,18 @@ Summary is missing!
-Module: -domain

+Module: +files

Layer: system

-domain_getattr_all_domains( +files_dontaudit_search_all_dirs( - domain + ? )
@@ -24895,20 +28302,20 @@ system

-Get the attributes of all domains of all domains. +Summary is missing!

-Module: -domain

+Module: +files

Layer: system

-domain_getattr_all_entry_files( +files_dontaudit_search_home( @@ -24921,21 +28328,21 @@ system

-Get the attributes of entry point -files for all domains. +Do not audit attempts to search +home directories root (/home).

-Module: -domain

+Module: +files

Layer: system

-domain_getattr_all_sockets( +files_dontaudit_search_isid_type_dir( @@ -24948,21 +28355,21 @@ system

-Get the attributes of all domains -sockets, for all socket types. +Do not audit attempts to search directories on new filesystems +that have not yet been labeled.

-Module: -domain

+Module: +files

Layer: system

-domain_getattr_confined_domains( +files_dontaudit_search_locks( @@ -24975,20 +28382,21 @@ system

-Get the attributes of all confined domains. +Do not audit attempts to search the +locks directory (/var/lock).

-Module: -domain

+Module: +files

Layer: system

-domain_getsession_all_domains( +files_dontaudit_search_pids( @@ -25001,25 +28409,26 @@ system

-Get the session ID of all domains. +Do not audit attempts to search +the /var/run directory.

-Module: -domain

+Module: +files

Layer: system

-domain_kill_all_domains( +files_dontaudit_search_src( - domain + ? )
@@ -25027,20 +28436,20 @@ system

-Send a kill signal to all domains. +Summary is missing!

-Module: -domain

+Module: +files

Layer: system

-domain_obj_id_change_exempt( +files_dontaudit_search_var( @@ -25053,21 +28462,21 @@ system

-Makes caller an exception to the constraint preventing -changing the user identity in object contexts. +Do not audit attempts to search +the contents of /var.

-Module: -domain

+Module: +files

Layer: system

-domain_read_all_domains_state( +files_dontaudit_write_all_pids( @@ -25080,20 +28489,20 @@ system

-Read the process state (/proc/pid) of all domains. +Do not audit attempts to write to daemon runtime data files.

-Module: -domain

+Module: +files

Layer: system

-domain_read_all_entry_files( +files_exec_etc_files( @@ -25113,13 +28522,13 @@ Summary is missing!
-Module: -domain

+Module: +files

Layer: system

-domain_read_confined_domains_state( +files_exec_usr_files( @@ -25132,20 +28541,20 @@ system

-Read the process state (/proc/pid) of all confined domains. +Execute generic programs in /usr in the caller domain.

-Module: -domain

+Module: +files

Layer: system

-domain_role_change_exempt( +files_exec_usr_src_files( @@ -25158,21 +28567,20 @@ system

-Makes caller an exception to the constraint preventing -changing of role. +Execute programs in /usr/src in the caller domain.

-Module: -domain

+Module: +files

Layer: system

-domain_search_all_domains_state( +files_getattr_all_dirs( @@ -25185,25 +28593,25 @@ system

-Search the process state directory (/proc/pid) of all domains. +Get the attributes of all directories.

-Module: -domain

+Module: +files

Layer: system

-domain_setpriority_all_domains( +files_getattr_all_files( - ? + domain )
@@ -25211,20 +28619,20 @@ system

-Summary is missing! +Get the attributes of all files.

-Module: -domain

+Module: +files

Layer: system

-domain_sigchld_all_domains( +files_getattr_all_pipes( @@ -25237,20 +28645,20 @@ system

-Send a child terminated signal to all domains. +Get the attributes of all named pipes.

-Module: -domain

+Module: +files

Layer: system

-domain_sigchld_wide_inherit_fd( +files_getattr_all_sockets( @@ -25263,21 +28671,20 @@ system

-Send a SIGCHLD signal to domains whose file -discriptors are widely inheritable. +Get the attributes of all named sockets.

-Module: -domain

+Module: +files

Layer: system

-domain_signal_all_domains( +files_getattr_all_symlinks( @@ -25290,25 +28697,25 @@ system

-Send general signals to all domains. +Get the attributes of all symbolic links.

-Module: -domain

+Module: +files

Layer: system

-domain_signull_all_domains( +files_getattr_generic_locks( - domain + ? )
@@ -25316,20 +28723,20 @@ system

-Send a null signal to all domains. +Summary is missing!

-Module: -domain

+Module: +files

Layer: system

-domain_sigstop_all_domains( +files_getattr_home_dir( @@ -25342,20 +28749,21 @@ system

-Send a stop signal to all domains. +Get the attributes of the home directories root +(/home).

-Module: -domain

+Module: +files

Layer: system

-domain_subj_id_change_exempt( +files_getattr_usr_files( @@ -25368,21 +28776,20 @@ system

-Makes caller an exception to the constraint preventing -changing of user identity. +Get the attributes of files in /usr.

-Module: -domain

+Module: +files

Layer: system

-domain_system_change_exempt( +files_getattr_var_lib_dir( @@ -25395,27 +28802,25 @@ system

-Makes caller and execption to the constraint -preventing changing to the system user -identity and system role. +Get the attributes of the /var/lib directory.

-Module: -domain

+Module: +files

Layer: system

-domain_type( +files_list_all_dirs( - type + domain )
@@ -25423,25 +28828,25 @@ system

-Make the specified type usable as a domain. +List the contents of all directories.

-Module: -domain

+Module: +files

Layer: system

-domain_unconfined( +files_list_all_dirs( - domain + ? )
@@ -25449,25 +28854,25 @@ system

-Unconfined access to domains. +Summary is missing!

-Module: -domain

+Module: +files

Layer: system

-domain_use_wide_inherit_fd( +files_list_default( - ? + domain )
@@ -25475,25 +28880,25 @@ system

-Summary is missing! +List contents of directories with the default file type.

-Module: -domain

+Module: +files

Layer: system

-domain_user_exemption_target( +files_list_etc( - domain + ? )
@@ -25501,28 +28906,25 @@ system

-Make the specified domain the target of -the user domain exception of the -SELinux role and identity change -constraints. +Summary is missing!

-Module: -domain

+Module: +files

Layer: system

-domain_wide_inherit_fd( +files_list_home( - ? + domain )
@@ -25530,25 +28932,25 @@ system

-Summary is missing! +Get listing of home directories.

-Module: +Module: files

Layer: system

-files_associate_tmp( +files_list_isid_type_dir( - file_type + domain )
@@ -25556,22 +28958,21 @@ system

-Allow the specified type to associate -to a filesystem with the type of the -temporary directory (/tmp). +List the contents of directories on new filesystems +that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_create_boot_flag( +files_list_mnt( @@ -25591,13 +28992,13 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_create_etc_config( +files_list_pids( @@ -25617,26 +29018,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_create_home_dirs( - - - - - domain - +files_list_root( - , - - home_type + ? )
@@ -25644,20 +29037,20 @@ system

-Create home directories +Summary is missing!

-Module: +Module: files

Layer: system

-files_create_lock( +files_list_spool( @@ -25677,18 +29070,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_create_pid( +files_list_usr( - ? + domain )
@@ -25696,20 +29089,21 @@ system

-Summary is missing! +List the contents of generic +directories in /usr.

-Module: +Module: files

Layer: system

-files_create_root( +files_list_var( @@ -25717,56 +29111,30 @@ system

domain - - , - - - - [ - - private type - - ] - - - - , - - - - [ - - object - - ] - - )

-Create an object in the root directory, with a private -type. If no object class is specified, the -default is file. +List the contents of /var.

-Module: +Module: files

Layer: system

-files_create_tmp_files( +files_list_var_lib( - ? + domain )
@@ -25774,20 +29142,20 @@ system

-Summary is missing! +List the contents of the /var/lib directory.

-Module: +Module: files

Layer: system

-files_create_usr( +files_list_world_readable( @@ -25795,70 +29163,30 @@ system

domain - - , - - - - file_type - - - - , - - - - [ - - object_class - - ] - - )

-Create objects in the /usr directory +List world-readable directories.

-Module: +Module: files

Layer: system

-files_create_var( - - - - - domain - - - - , - - - - file_type - +files_lock_file( - , - - [ - - object_class - - ] + ? )
@@ -25866,20 +29194,20 @@ system

-Create objects in the /var directory +Summary is missing!

-Module: +Module: files

Layer: system

-files_create_var_lib( +files_manage_all_files( @@ -25892,17 +29220,9 @@ system

- file_type - - - - , - - - [ - object_class + exception_types ] @@ -25912,20 +29232,21 @@ system

-Create objects in the /var/lib directory +Manage all files on the filesystem, except +the listed exceptions.

-Module: +Module: files

Layer: system

-files_delete_all_locks( +files_manage_etc_files( @@ -25945,18 +29266,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_delete_all_pid_dirs( +files_manage_etc_runtime_files( - ? + domain )
@@ -25964,20 +29285,22 @@ system

-Summary is missing! +Create, read, write, and delete files in +/etc that are dynamically created on boot, +such as mtab.

-Module: +Module: files

Layer: system

-files_delete_all_pids( +files_manage_generic_locks( @@ -25997,18 +29320,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_delete_etc_files( +files_manage_generic_spool_dirs( - domain + ? )
@@ -26016,20 +29339,20 @@ system

-Delete system configuration files in /etc. +Summary is missing!

-Module: +Module: files

Layer: system

-files_delete_root_dir_entry( +files_manage_generic_spools( @@ -26049,13 +29372,13 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_dontaudit_getattr_all_dirs( +files_manage_isid_type_blk_node( @@ -26068,21 +29391,21 @@ system

-Do not audit attempts to get the attributes -of all directories. +Create, read, write, and delete block device nodes +on new filesystems that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_all_files( +files_manage_isid_type_chr_node( @@ -26095,21 +29418,21 @@ system

-Do not audit attempts to get the attributes -of all files. +Create, read, write, and delete character device nodes +on new filesystems that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_all_pipes( +files_manage_isid_type_dir( @@ -26122,21 +29445,21 @@ system

-Do not audit attempts to get the attributes -of all named pipes. +Create, read, write, and delete directories +on new filesystems that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_all_sockets( +files_manage_isid_type_file( @@ -26149,21 +29472,21 @@ system

-Do not audit attempts to get the attributes -of all named sockets. +Create, read, write, and delete files +on new filesystems that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_all_symlinks( +files_manage_isid_type_symlink( @@ -26176,21 +29499,21 @@ system

-Do not audit attempts to get the attributes -of all symbolic links. +Create, read, write, and delete symbolic links +on new filesystems that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_default_dir( +files_manage_lost_found( @@ -26203,21 +29526,21 @@ system

-Do not audit attempts to get the attributes of -directories with the default file type. +Create, read, write, and delete objects in +lost+found directories.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_default_files( +files_manage_mnt_dirs( @@ -26230,21 +29553,20 @@ system

-Do not audit attempts to get the attributes of -files with the default file type. +Create, read, write, and delete directories in /mnt.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_pid_dir( +files_manage_mnt_files( @@ -26257,21 +29579,20 @@ system

-Do not audit attempts to get the attributes -of the /var/run directory. +Create, read, write, and delete files in /mnt.

-Module: +Module: files

Layer: system

-files_dontaudit_getattr_tmp_dir( +files_manage_mnt_symlinks( @@ -26284,26 +29605,25 @@ system

-Do not audit attempts to get the -attributes of the tmp directory (/tmp). +Create, read, write, and delete symbolic links in /mnt.

-Module: +Module: files

Layer: system

-files_dontaudit_ioctl_all_pids( +files_manage_urandom_seed( - domain + ? )
@@ -26311,20 +29631,20 @@ system

-Do not audit attempts to ioctl daemon runtime data files. +Summary is missing!

-Module: +Module: files

Layer: system

-files_dontaudit_list_default( +files_manage_var_dirs( @@ -26337,21 +29657,21 @@ system

-Do not audit attempts to list contents of -directories with the default file type. +Create, read, write, and delete directories +in the /var directory.

-Module: +Module: files

Layer: system

-files_dontaudit_read_default_files( +files_manage_var_files( @@ -26364,21 +29684,20 @@ system

-Do not audit attempts to read files -with the default file type. +Create, read, write, and delete files in the /var directory.

-Module: +Module: files

Layer: system

-files_dontaudit_read_etc_runtime_files( +files_manage_var_symlinks( @@ -26391,22 +29710,21 @@ system

-Do not audit attempts to read files -in /etc that are dynamically -created on boot, such as mtab. +Create, read, write, and delete symbolic +links in the /var directory.

-Module: +Module: files

Layer: system

-files_dontaudit_read_root_file( +files_mount_all_file_type_fs( @@ -26426,13 +29744,13 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_dontaudit_rw_root_chr_dev( +files_mounton_all_mountpoints( @@ -26452,18 +29770,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_dontaudit_rw_root_file( +files_mounton_default( - ? + domain )
@@ -26471,25 +29789,25 @@ system

-Summary is missing! +Mount a filesystem on a directory with the default file type.

-Module: +Module: files

Layer: system

-files_dontaudit_search_all_dirs( +files_mounton_isid_type_dir( - ? + domain )
@@ -26497,20 +29815,21 @@ system

-Summary is missing! +Mount a filesystem on a directory on new filesystems +that has not yet been labeled.

-Module: +Module: files

Layer: system

-files_dontaudit_search_home( +files_mounton_mnt( @@ -26523,26 +29842,25 @@ system

-Do not audit attempts to search -home directories root (/home). +Mount a filesystem on /mnt.

-Module: +Module: files

Layer: system

-files_dontaudit_search_isid_type_dir( +files_mountpoint( - domain + ? )
@@ -26550,26 +29868,25 @@ system

-Do not audit attempts to search directories on new filesystems -that have not yet been labeled. +Summary is missing!

-Module: +Module: files

Layer: system

-files_dontaudit_search_locks( +files_pid_file( - domain + ? )
@@ -26577,26 +29894,25 @@ system

-Do not audit attempts to search the -locks directory (/var/lock). +Summary is missing!

-Module: +Module: files

Layer: system

-files_dontaudit_search_pids( +files_poly( - ? + file_type )
@@ -26604,25 +29920,26 @@ system

-Summary is missing! +Make the specified type a +polyinstantiated directory.

-Module: +Module: files

Layer: system

-files_dontaudit_search_var( +files_poly_member( - ? + file_type )
@@ -26630,20 +29947,21 @@ system

-Summary is missing! +Make the specified type a +polyinstantiation member directory.

-Module: +Module: files

Layer: system

-files_dontaudit_write_all_pids( +files_poly_member_tmp( @@ -26651,30 +29969,12 @@ system

domain - )
-

- -
-

-Do not audit attempts to write to daemon runtime data files. -

-
- -
- -
-Module: -files

-Layer: -system

-

- -files_exec_etc_files( - + , - ? + + file_type )
@@ -26682,25 +29982,26 @@ system

-Summary is missing! +Make the domain use the specified +type of polyinstantiated directory.

-Module: +Module: files

Layer: system

-files_exec_usr_files( +files_poly_parent( - domain + file_type )
@@ -26708,25 +30009,26 @@ system

-Execute programs in /usr/src in the caller domain. +Make the specified type a parent +of a polyinstantiated directory.

-Module: +Module: files

Layer: system

-files_getattr_all_dirs( +files_purge_tmp( - domain + ? )
@@ -26734,20 +30036,20 @@ system

-Get the attributes of all directories. +Summary is missing!

-Module: +Module: files

Layer: system

-files_getattr_all_files( +files_read_all_files( @@ -26760,25 +30062,25 @@ system

-Get the attributes of all files. +Read all files.

-Module: +Module: files

Layer: system

-files_getattr_all_pipes( +files_read_all_pids( - domain + ? )
@@ -26786,20 +30088,20 @@ system

-Get the attributes of all named pipes. +Summary is missing!

-Module: +Module: files

Layer: system

-files_getattr_all_sockets( +files_read_all_symlinks( @@ -26812,20 +30114,20 @@ system

-Get the attributes of all named sockets. +Read all symbolic links.

-Module: +Module: files

Layer: system

-files_getattr_all_symlinks( +files_read_default_files( @@ -26838,25 +30140,25 @@ system

-Get the attributes of all symbolic links. +Read files with the default file type.

-Module: +Module: files

Layer: system

-files_getattr_generic_locks( +files_read_default_pipes( - ? + domain )
@@ -26864,20 +30166,20 @@ system

-Summary is missing! +Read named pipes with the default file type.

-Module: +Module: files

Layer: system

-files_getattr_home_dir( +files_read_default_sockets( @@ -26890,22 +30192,20 @@ system

-Do not audit attempts to get the -attributes of the home directories root -(/home). +Read sockets with the default file type.

-Module: +Module: files

Layer: system

-files_getattr_usr_files( +files_read_default_symlinks( @@ -26918,25 +30218,25 @@ system

-Get the attributes of files in /usr. +Read symbolic links with the default file type.

-Module: +Module: files

Layer: system

-files_getattr_var_lib_dir( +files_read_etc_files( - domain + ? )
@@ -26944,20 +30244,20 @@ system

-Get the attributes of the /var/lib directory. +Summary is missing!

-Module: +Module: files

Layer: system

-files_list_all_dirs( +files_read_etc_runtime_files( @@ -26970,20 +30270,21 @@ system

-List the contents of all directories. +Read files in /etc that are dynamically +created on boot, such as mtab.

-Module: +Module: files

Layer: system

-files_list_all_dirs( +files_read_generic_spools( @@ -27003,13 +30304,13 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_list_default( +files_read_isid_type_file( @@ -27022,20 +30323,21 @@ system

-List contents of directories with the default file type. +Read files on new filesystems +that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_list_etc( +files_read_usr_files( @@ -27055,18 +30357,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_list_home( +files_read_usr_src_files( - domain + ? )
@@ -27074,20 +30376,20 @@ system

-Get listing of home directories. +Summary is missing!

-Module: +Module: files

Layer: system

-files_list_isid_type_dir( +files_read_usr_symlinks( @@ -27100,26 +30402,25 @@ system

-List the contents of directories on new filesystems -that have not yet been labeled. +Read symbolic links in /usr.

-Module: +Module: files

Layer: system

-files_list_mnt( +files_read_var_files( - ? + domain )
@@ -27127,25 +30428,25 @@ system

-Summary is missing! +Read files in the /var directory.

-Module: +Module: files

Layer: system

-files_list_pids( +files_read_var_lib_files( - ? + domain )
@@ -27153,25 +30454,25 @@ system

-Summary is missing! +Read generic files in /var/lib.

-Module: +Module: files

Layer: system

-files_list_root( +files_read_var_lib_symlinks( - ? + domain )
@@ -27179,25 +30480,25 @@ system

-Summary is missing! +Read generic symbolic links in /var/lib

-Module: +Module: files

Layer: system

-files_list_spool( +files_read_var_symlink( - ? + domain )
@@ -27205,20 +30506,20 @@ system

-Summary is missing! +Read symbolic links in the /var directory.

-Module: +Module: files

Layer: system

-files_list_usr( +files_read_world_readable_files( @@ -27231,21 +30532,20 @@ system

-List the contents of generic -directories in /usr. +Read world-readable files.

-Module: +Module: files

Layer: system

-files_list_var_lib( +files_read_world_readable_pipes( @@ -27258,20 +30558,20 @@ system

-List the contents of the /var/lib directory. +Read world-readable named pipes.

-Module: +Module: files

Layer: system

-files_list_world_readable( +files_read_world_readable_sockets( @@ -27284,25 +30584,25 @@ system

-List world-readable directories. +Read world-readable sockets.

-Module: +Module: files

Layer: system

-files_lock_file( +files_read_world_readable_symlinks( - ? + domain )
@@ -27310,20 +30610,20 @@ system

-Summary is missing! +Read world-readable symbolic links.

-Module: +Module: files

Layer: system

-files_manage_all_files( +files_relabel_all_files( @@ -27348,7 +30648,7 @@ system

-Manage all files on the filesystem, except +Relabel all files on the filesystem, except the listed exceptions.

@@ -27356,13 +30656,13 @@ the listed exceptions.
-Module: +Module: files

Layer: system

-files_manage_etc_files( +files_relabelto_all_file_type_fs( @@ -27382,13 +30682,13 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_manage_etc_runtime_files( +files_relabelto_usr_files( @@ -27401,22 +30701,20 @@ system

-Create, read, write, and delete files in -/etc that are dynamically created on boot, -such as mtab. +Relabel a file to the type used in /usr.

-Module: +Module: files

Layer: system

-files_manage_generic_locks( +files_rw_etc_files( @@ -27436,18 +30734,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_manage_generic_spool_dirs( +files_rw_etc_runtime_files( - ? + domain )
@@ -27455,20 +30753,21 @@ system

-Summary is missing! +Read and write files in /etc that are dynamically +created on boot, such as mtab.

-Module: +Module: files

Layer: system

-files_manage_generic_spools( +files_rw_generic_pids( @@ -27488,13 +30787,13 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_manage_isid_type_blk_node( +files_rw_isid_type_blk_node( @@ -27507,21 +30806,21 @@ system

-Create, read, write, and delete block device nodes -on new filesystems that have not yet been labeled. +Read and write block device nodes on new filesystems +that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_manage_isid_type_chr_node( +files_rw_isid_type_dir( @@ -27534,21 +30833,21 @@ system

-Create, read, write, and delete character device nodes -on new filesystems that have not yet been labeled. +Read and write directories on new filesystems +that have not yet been labeled.

-Module: +Module: files

Layer: system

-files_manage_isid_type_dir( +files_rw_locks_dir( @@ -27561,21 +30860,21 @@ system

-Create, read, write, and delete directories -on new filesystems that have not yet been labeled. +Add and remove entries in the /var/lock +directories.

-Module: +Module: files

Layer: system

-files_manage_isid_type_file( +files_search_all( @@ -27588,26 +30887,25 @@ system

-Create, read, write, and delete files -on new filesystems that have not yet been labeled. +Search all directories.

-Module: +Module: files

Layer: system

-files_manage_isid_type_symlink( +files_search_all_dirs( - domain + ? )
@@ -27615,21 +30913,20 @@ system

-Create, read, write, and delete symbolic links -on new filesystems that have not yet been labeled. +Summary is missing!

-Module: +Module: files

Layer: system

-files_manage_lost_found( +files_search_default( @@ -27642,26 +30939,25 @@ system

-Create, read, write, and delete objects in -lost+found directories. +Search the contents of directories with the default file type.

-Module: +Module: files

Layer: system

-files_manage_mnt_dirs( +files_search_etc( - domain + ? )
@@ -27669,20 +30965,20 @@ system

-Create, read, write, and delete directories in /mnt. +Summary is missing!

-Module: +Module: files

Layer: system

-files_manage_mnt_files( +files_search_home( @@ -27695,25 +30991,25 @@ system

-Create, read, write, and delete files in /mnt. +Search home directories root (/home).

-Module: +Module: files

Layer: system

-files_manage_mnt_symlinks( +files_search_locks( - domain + ? )
@@ -27721,20 +31017,20 @@ system

-Create, read, write, and delete symbolic links in /mnt. +Summary is missing!

-Module: +Module: files

Layer: system

-files_manage_urandom_seed( +files_search_mnt( @@ -27754,18 +31050,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_manage_var_dirs( +files_search_pids( - domain + ? )
@@ -27773,26 +31069,25 @@ system

-Create, read, write, and delete directories -in the /var directory. +Summary is missing!

-Module: +Module: files

Layer: system

-files_manage_var_files( +files_search_spool( - domain + ? )
@@ -27800,20 +31095,20 @@ system

-Create, read, write, and delete files in the /var directory. +Summary is missing!

-Module: +Module: files

Layer: system

-files_manage_var_symlinks( +files_search_tmp( @@ -27826,21 +31121,20 @@ system

-Create, read, write, and delete symbolic -links in the /var directory. +Search the tmp directory (/tmp).

-Module: +Module: files

Layer: system

-files_mount_all_file_type_fs( +files_search_usr( @@ -27860,18 +31154,18 @@ Summary is missing!
-Module: +Module: files

Layer: system

-files_mounton_all_mountpoints( +files_search_var( - ? + domain )
@@ -27879,20 +31173,20 @@ system

-Summary is missing! +Search the contents of /var.

-Module: +Module: files

Layer: system

-files_mounton_default( +files_search_var_lib( @@ -27905,25 +31199,25 @@ system

-Mount a filesystem on a directory with the default file type. +Search the /var/lib directory.

-Module: +Module: files

Layer: system

-files_mounton_isid_type_dir( +files_security_file( - domain + file_type )
@@ -27931,21 +31225,22 @@ system

-Mount a filesystem on a directory on new filesystems -that has not yet been labeled. +Make the specified type a file that +should not be dontaudited from +browsing from user domains.

-Module: +Module: files

Layer: system

-files_mounton_mnt( +files_setattr_all_tmp_dirs( @@ -27958,25 +31253,25 @@ system

-Mount a filesystem on /mnt. +Set the attributes of all tmp directories.

-Module: +Module: files

Layer: system

-files_mountpoint( +files_setattr_etc_dir( - ? + domain )
@@ -27984,25 +31279,25 @@ system

-Summary is missing! +Set the attributes of the /etc directories.

-Module: +Module: files

Layer: system

-files_pid_file( +files_tmp_file( - ? + file_type )
@@ -28010,25 +31305,26 @@ system

-Summary is missing! +Make the specified type a file +used for temporary files.

-Module: +Module: files

Layer: system

-files_poly( +files_tmpfs_file( - file_type + type )
@@ -28036,26 +31332,26 @@ system

-Make the specified type a -polyinstantiated directory. +Transform the type into a file, for use on a +virtual memory filesystem (tmpfs).

-Module: +Module: files

Layer: system

-files_poly_member( +files_type( - file_type + type )
@@ -28063,21 +31359,21 @@ system

-Make the specified type a -polyinstantiation member directory. +Make the specified type usable for files +in a filesystem.

-Module: +Module: files

Layer: system

-files_poly_member_tmp( +files_unconfined( @@ -28085,39 +31381,30 @@ system

domain - - , - - - - file_type - - )

-Make the domain use the specified -type of polyinstantiated directory. +Unconfined access to files.

-Module: +Module: files

Layer: system

-files_poly_parent( +files_unmount_all_file_type_fs( - file_type + ? )
@@ -28125,21 +31412,20 @@ system

-Make the specified type a parent -of a polyinstantiated directory. +Summary is missing!

-Module: +Module: files

Layer: system

-files_purge_tmp( +files_unmount_rootfs( @@ -28159,13 +31445,13 @@ Summary is missing!
-Module: -files

-Layer: -system

+Module: +finger

+Layer: +services

-files_read_all_files( +finger_domtrans( @@ -28178,25 +31464,25 @@ system

-Read all files. +Execute fingerd in the fingerd domain.

-Module: -files

-Layer: -system

+Module: +finger

+Layer: +services

-files_read_all_pids( +finger_tcp_connect( - ? + domain )
@@ -28204,20 +31490,20 @@ system

-Summary is missing! +Allow the specified domain to connect to fingerd with a tcp socket.

-Module: -files

-Layer: -system

+Module: +firstboot

+Layer: +admin

-files_read_all_symlinks( +firstboot_domtrans( @@ -28230,20 +31516,20 @@ system

-Read all symbolic links. +Execute firstboot in the firstboot domain.

-Module: -files

-Layer: -system

+Module: +firstboot

+Layer: +admin

-files_read_default_files( +firstboot_dontaudit_use_fd( @@ -28256,20 +31542,21 @@ system

-Read files with the default file type. +Do not audit attempts to inherit a +file descriptor from firstboot.

-Module: -files

-Layer: -system

+Module: +firstboot

+Layer: +admin

-files_read_default_pipes( +firstboot_run( @@ -28277,30 +31564,20 @@ system

domain - )
-

- -
-

-Read named pipes with the default file type. -

-
- -
- -
-Module: -files

-Layer: -system

-

- -files_read_default_sockets( + + , + + + + role + + , - domain + + terminal )
@@ -28308,20 +31585,21 @@ system

-Read sockets with the default file type. +Execute firstboot in the firstboot domain, and +allow the specified role the firstboot domain.

-Module: -files

-Layer: -system

+Module: +firstboot

+Layer: +admin

-files_read_default_symlinks( +firstboot_use_fd( @@ -28334,25 +31612,25 @@ system

-Read symbolic links with the default file type. +Inherit and use a file descriptor from firstboot.

-
- -
-Module: -files

-Layer: -system

+

+ +
+Module: +firstboot

+Layer: +admin

-files_read_etc_files( +firstboot_write_pipe( - ? + domain )
@@ -28360,25 +31638,25 @@ system

-Summary is missing! +Write to a firstboot unnamed pipe.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_etc_runtime_files( +fs_associate( - domain + file_type )
@@ -28386,26 +31664,28 @@ system

-Read files in /etc that are dynamically -created on boot, such as mtab. +Associate the specified file type to persistent +filesystems with extended attributes. This +allows a file of this type to be created on +a filesystem such as ext3, JFS, and XFS.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_generic_spools( +fs_associate_noxattr( - ? + file_type )
@@ -28413,25 +31693,29 @@ system

-Summary is missing! +Associate the specified file type to +filesystems which lack extended attributes +support. This allows a file of this type +to be created on a filesystem such as +FAT32, and NFS.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_isid_type_file( +fs_associate_tmpfs( - domain + type )
@@ -28439,26 +31723,33 @@ system

-Read files on new filesystems -that have not yet been labeled. +Allow the type to associate to tmpfs filesystems.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_usr_files( +fs_cifs_domtrans( - ? + domain + + + + , + + + + target_domain )
@@ -28466,20 +31757,21 @@ system

-Summary is missing! +Execute a file on a CIFS or SMB filesystem +in the specified domain.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_usr_src_files( +fs_create_tmpfs_data( @@ -28499,13 +31791,13 @@ Summary is missing!
-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_usr_symlinks( +fs_dontaudit_getattr_all_files( @@ -28518,20 +31810,21 @@ system

-Read symbolic links in /usr. +Do not audit attempts to get the attributes +of all files with a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_var_files( +fs_dontaudit_getattr_all_fs( @@ -28544,20 +31837,21 @@ system

-Read files in the /var directory. +Do not audit attempts to get the attributes +all filesystems.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_var_lib_files( +fs_dontaudit_getattr_all_pipes( @@ -28570,20 +31864,21 @@ system

-Read generic files in /var/lib +Do not audit attempts to get the attributes +of all named pipes with a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_var_symlink( +fs_dontaudit_getattr_all_sockets( @@ -28596,20 +31891,21 @@ system

-Read symbolic links in the /var directory. +Do not audit attempts to get the attributes +of all named sockets with a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_world_readable_files( +fs_dontaudit_getattr_all_symlinks( @@ -28622,20 +31918,21 @@ system

-Read world-readable files. +Do not audit attempts to get the attributes +of all symbolic links with a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_world_readable_pipes( +fs_dontaudit_getattr_xattr_fs( @@ -28648,20 +31945,23 @@ system

-Read world-readable named pipes. +Do not audit attempts to +get the attributes of a persistent +filesystem which has extended +attributes, such as ext3, JFS, or XFS.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_world_readable_sockets( +fs_dontaudit_list_cifs( @@ -28674,20 +31974,21 @@ system

-Read world-readable sockets. +Do not audit attempts to list the contents +of directories on a CIFS or SMB filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_read_world_readable_symlinks( +fs_dontaudit_list_nfs( @@ -28700,20 +32001,21 @@ system

-Read world-readable symbolic links. +Do not audit attempts to list the contents +of directories on a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_relabel_all_files( +fs_dontaudit_list_tmpfs( @@ -28721,43 +32023,31 @@ system

domain - - , - - - - [ - - exception_types - - ] - - )

-Relabel all files on the filesystem, except -the listed exceptions. +Do not audit attempts to list the +contents of generic tmpfs directories.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_relabelto_all_file_type_fs( +fs_dontaudit_manage_cifs_dirs( - ? + domain )
@@ -28765,20 +32055,22 @@ system

-Summary is missing! +Do not audit attempts to create, read, +write, and delete directories +on a CIFS or SMB network filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_relabelto_usr_files( +fs_dontaudit_manage_cifs_files( @@ -28791,25 +32083,27 @@ system

-Relabel a file to the type used in /usr. +Do not audit attempts to create, read, +write, and delete files +on a CIFS or SMB network filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_rw_etc_files( +fs_dontaudit_manage_nfs_dirs( - ? + domain )
@@ -28817,20 +32111,22 @@ system

-Summary is missing! +Do not audit attempts to create, read, +write, and delete directories +on a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_rw_etc_runtime_files( +fs_dontaudit_manage_nfs_files( @@ -28843,26 +32139,27 @@ system

-Read and write files in /etc that are dynamically -created on boot, such as mtab. +Do not audit attempts to create, +read, write, and delete files +on a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_rw_generic_pids( +fs_dontaudit_read_cifs_files( - ? + domain )
@@ -28870,20 +32167,21 @@ system

-Summary is missing! +Do not audit attempts to read +files on a CIFS or SMB filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_rw_isid_type_blk_node( +fs_dontaudit_read_nfs_files( @@ -28896,21 +32194,21 @@ system

-Read and write block device nodes on new filesystems -that have not yet been labeled. +Do not audit attempts to read +files on a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_rw_isid_type_dir( +fs_dontaudit_rw_cifs_files( @@ -28923,26 +32221,26 @@ system

-Read and write directories on new filesystems -that have not yet been labeled. +Do not audit attempts to read or +write files on a CIFS or SMB filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_all_dirs( +fs_dontaudit_rw_nfs_files( - ? + domain )
@@ -28950,20 +32248,21 @@ system

-Summary is missing! +Do not audit attempts to read or +write files on a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_default( +fs_exec_noxattr( @@ -28976,25 +32275,26 @@ system

-Search the contents of directories with the default file type. +Execute files on a filesystem that does +not support extended attributes.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_etc( +fs_execute_cifs_files( - ? + domain )
@@ -29002,20 +32302,22 @@ system

-Summary is missing! +Execute files on a CIFS or SMB +network filesystem, in the caller +domain.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_home( +fs_execute_nfs_files( @@ -29028,25 +32330,25 @@ system

-Search home directories root (/home). +Execute files on a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_locks( +fs_get_all_fs_quotas( - ? + domain )
@@ -29054,25 +32356,25 @@ system

-Summary is missing! +Get the quotas of all filesystems.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_mnt( +fs_get_xattr_fs_quota( - ? + domain )
@@ -29080,25 +32382,26 @@ system

-Summary is missing! +Get the filesystem quotas of a filesystem +with extended attributes.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_pids( +fs_get_xattr_fs_quotas( - ? + domain )
@@ -29106,25 +32409,27 @@ system

-Summary is missing! +Get the quotas of a persistent +filesystem which has extended +attributes, such as ext3, JFS, or XFS.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_spool( +fs_getattr_all_files( - ? + domain )
@@ -29132,20 +32437,21 @@ system

-Summary is missing! +Get the attributes of all files with +a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_tmp( +fs_getattr_all_fs( @@ -29158,25 +32464,26 @@ system

-Search the tmp directory (/tmp). +Get the attributes of all persistent +filesystems.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_usr( +fs_getattr_all_pipes( - ? + domain )
@@ -29184,25 +32491,26 @@ system

-Summary is missing! +Get the attributes of all named pipes with +a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_var( +fs_getattr_all_sockets( - ? + domain )
@@ -29210,20 +32518,21 @@ system

-Summary is missing! +Get the attributes of all named sockets with +a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_search_var_lib( +fs_getattr_all_symlinks( @@ -29236,20 +32545,21 @@ system

-Search the /var/lib directory. +Get the attributes of all symbolic links with +a filesystem type.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_setattr_all_tmp_dirs( +fs_getattr_autofs( @@ -29262,20 +32572,21 @@ system

-Set the attributes of all tmp directories. +Get the attributes of an automount +pseudo filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_setattr_etc_dir( +fs_getattr_cifs( @@ -29288,25 +32599,26 @@ system

-Set the attributes of the /etc directories. +Get the attributes of a CIFS or +SMB network filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_tmp_file( +fs_getattr_dos_fs( - file_type + domain )
@@ -29314,26 +32626,26 @@ system

-Make the specified type a file -used for temporary files. +Get the attributes of a DOS +filesystem, such as FAT32 or NTFS.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_tmpfs_file( +fs_getattr_iso9660_fs( - type + domain )
@@ -29341,26 +32653,26 @@ system

-Transform the type into a file, for use on a -virtual memory filesystem (tmpfs). +Get the attributes of an iso9660 +filesystem, which is usually used on CDs.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_type( +fs_getattr_nfs( - ? + domain )
@@ -29368,20 +32680,20 @@ system

-Summary is missing! +Get the attributes of a NFS filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_unconfined( +fs_getattr_nfsd_fs( @@ -29394,25 +32706,26 @@ system

-Unconfined access to files. +Get the attributes of a NFS server +pseudo filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_unmount_all_file_type_fs( +fs_getattr_ramfs( - ? + domain )
@@ -29420,25 +32733,25 @@ system

-Summary is missing! +Get the attributes of a RAM filesystem.

-Module: -files

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-files_unmount_rootfs( +fs_getattr_romfs( - ? + domain )
@@ -29446,20 +32759,21 @@ system

-Summary is missing! +Get the attributes of a ROM +filesystem.

-Module: -firstboot

-Layer: -admin

+Module: +filesystem

+Layer: +kernel

-firstboot_domtrans( +fs_getattr_rpc_pipefs( @@ -29472,20 +32786,21 @@ admin

-Execute firstboot in the firstboot domain. +Get the attributes of a RPC pipe +filesystem.

-Module: -firstboot

-Layer: -admin

+Module: +filesystem

+Layer: +kernel

-firstboot_dontaudit_use_fd( +fs_getattr_tmpfs( @@ -29498,21 +32813,21 @@ admin

-Do not audit attempts to inherit a -file descriptor from firstboot. +Get the attributes of a tmpfs +filesystem.

-Module: -firstboot

-Layer: -admin

+Module: +filesystem

+Layer: +kernel

-firstboot_run( +fs_getattr_tmpfs_dir( @@ -29520,42 +32835,25 @@ admin

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute firstboot in the firstboot domain, and -allow the specified role the firstboot domain. +Get the attributes of tmpfs directories.

-Module: -firstboot

-Layer: -admin

+Module: +filesystem

+Layer: +kernel

-firstboot_use_fd( +fs_getattr_xattr_fs( @@ -29568,20 +32866,22 @@ admin

-Inherit and use a file descriptor from firstboot. +Get the attributes of a persistent +filesystem which has extended +attributes, such as ext3, JFS, or XFS.

-Module: -firstboot

-Layer: -admin

+Module: +filesystem

+Layer: +kernel

-firstboot_write_pipe( +fs_list_all( @@ -29594,25 +32894,25 @@ admin

-Write to a firstboot unnamed pipe. +List all directories with a filesystem type.

-Module: +Module: filesystem

Layer: kernel

-fs_associate( +fs_list_cifs( - file_type + domain )
@@ -29620,28 +32920,26 @@ kernel

-Associate the specified file type to persistent -filesystems with extended attributes. This -allows a file of this type to be created on -a filesystem such as ext3, JFS, and XFS. +List the contents of directories on a +CIFS or SMB filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_associate_noxattr( +fs_list_tmpfs( - file_type + domain )
@@ -29649,29 +32947,25 @@ kernel

-Associate the specified file type to -filesystems which lack extended attributes -support. This allows a file of this type -to be created on a filesystem such as -FAT32, and NFS. +List the contents of generic tmpfs directories.

-Module: +Module: filesystem

Layer: kernel

-fs_associate_tmpfs( +fs_make_noxattr_fs( - type + domain )
@@ -29679,20 +32973,22 @@ kernel

-Allow the type to associate to tmpfs filesystems. +Transform specified type into a filesystem +type which does not have extended attribute +support.

-Module: +Module: filesystem

Layer: kernel

-fs_cifs_domtrans( +fs_manage_cifs_dirs( @@ -29700,39 +32996,31 @@ kernel

domain - - , - - - - target_domain - - )

-Execute a file on a CIFS or SMB filesystem -in the specified domain. +Create, read, write, and delete directories +on a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_create_tmpfs_data( +fs_manage_cifs_files( - ? + domain )
@@ -29740,20 +33028,21 @@ kernel

-Summary is missing! +Create, read, write, and delete files +on a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_getattr_all_fs( +fs_manage_cifs_named_pipes( @@ -29766,21 +33055,21 @@ kernel

-Do not audit attempts to get the attributes -all filesystems. +Create, read, write, and delete named pipes +on a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_getattr_xattr_fs( +fs_manage_cifs_named_sockets( @@ -29793,23 +33082,21 @@ kernel

-Do not audit attempts to -get the attributes of a persistent -filesystem which has extended -attributes, such as ext3, JFS, or XFS. +Create, read, write, and delete named sockets +on a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_list_cifs( +fs_manage_cifs_symlinks( @@ -29822,21 +33109,21 @@ kernel

-Do not audit attempts to list the contents -of directories on a CIFS or SMB filesystem. +Create, read, write, and delete symbolic links +on a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_list_nfs( +fs_manage_nfs_dirs( @@ -29849,21 +33136,21 @@ kernel

-Do not audit attempts to list the contents -of directories on a NFS filesystem. +Create, read, write, and delete directories +on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_list_tmpfs( +fs_manage_nfs_files( @@ -29876,21 +33163,21 @@ kernel

-Do not audit attempts to list the -contents of generic tmpfs directories. +Create, read, write, and delete files +on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_manage_cifs_dirs( +fs_manage_nfs_named_pipes( @@ -29903,22 +33190,21 @@ kernel

-Do not audit attempts to create, read, -write, and delete directories -on a CIFS or SMB network filesystem. +Create, read, write, and delete named pipes +on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_manage_cifs_files( +fs_manage_nfs_named_sockets( @@ -29931,22 +33217,21 @@ kernel

-Do not audit attempts to create, read, -write, and delete files -on a CIFS or SMB network filesystem. +Create, read, write, and delete named sockets +on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_manage_nfs_dirs( +fs_manage_nfs_symlinks( @@ -29959,22 +33244,21 @@ kernel

-Do not audit attempts to create, read, -write, and delete directories -on a NFS filesystem. +Create, read, write, and delete symbolic links +on a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_manage_nfs_files( +fs_manage_tmpfs_blk_dev( @@ -29987,22 +33271,21 @@ kernel

-Do not audit attempts to create, -read, write, and delete files -on a NFS filesystem. +Read and write, create and delete block nodes +on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_read_cifs_files( +fs_manage_tmpfs_chr_dev( @@ -30015,21 +33298,21 @@ kernel

-Do not audit attempts to read -files on a CIFS or SMB filesystem. +Read and write, create and delete character +nodes on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_read_nfs_files( +fs_manage_tmpfs_dirs( @@ -30042,21 +33325,21 @@ kernel

-Do not audit attempts to read -files on a NFS filesystem. +Create, read, write, and delete +tmpfs directories

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_rw_cifs_files( +fs_manage_tmpfs_files( @@ -30069,21 +33352,21 @@ kernel

-Do not audit attempts to read or -write files on a CIFS or SMB filesystem. +Read and write, create and delete generic +files on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_dontaudit_rw_nfs_files( +fs_manage_tmpfs_sockets( @@ -30096,21 +33379,21 @@ kernel

-Do not audit attempts to read or -write files on a NFS filesystem. +Read and write, create and delete socket +files on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_exec_noxattr( +fs_manage_tmpfs_symlinks( @@ -30123,21 +33406,21 @@ kernel

-Execute files on a filesystem that does -not support extended attributes. +Read and write, create and delete symbolic +links on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_execute_cifs_files( +fs_mount_all_fs( @@ -30150,22 +33433,20 @@ kernel

-Execute files on a CIFS or SMB -network filesystem, in the caller -domain. +Mount all filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_execute_nfs_files( +fs_mount_autofs( @@ -30178,20 +33459,20 @@ kernel

-Execute files on a NFS filesystem. +Mount an automount pseudo filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_get_all_fs_quotas( +fs_mount_cifs( @@ -30204,20 +33485,20 @@ kernel

-Get the quotas of all filesystems. +Mount a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_get_xattr_fs_quota( +fs_mount_dos_fs( @@ -30230,26 +33511,26 @@ kernel

-Get the filesystem quotas of a filesystem -with extended attributes. +Mount a DOS filesystem, such as +FAT32 or NTFS.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_all_files( +fs_mount_iso9660_fs( - ? + domain )
@@ -30257,20 +33538,21 @@ kernel

-Summary is missing! +Mount an iso9660 filesystem, which +is usually used on CDs.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_all_fs( +fs_mount_nfs( @@ -30283,21 +33565,20 @@ kernel

-Get the attributes of all persistent -filesystems. +Mount a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_autofs( +fs_mount_nfsd_fs( @@ -30310,21 +33591,20 @@ kernel

-Get the attributes of an automount -pseudo filesystem. +Mount a NFS server pseudo filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_cifs( +fs_mount_ramfs( @@ -30337,21 +33617,20 @@ kernel

-Get the attributes of a CIFS or -SMB network filesystem. +Mount a RAM filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_dos_fs( +fs_mount_romfs( @@ -30364,21 +33643,20 @@ kernel

-Get the attributes of a DOS -filesystem, such as FAT32 or NTFS. +Mount a ROM filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_iso9660_fs( +fs_mount_rpc_pipefs( @@ -30391,21 +33669,20 @@ kernel

-Get the attributes of an iso9660 -filesystem, which is usually used on CDs. +Mount a RPC pipe filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_nfs( +fs_mount_tmpfs( @@ -30418,20 +33695,20 @@ kernel

-Get the attributes of a NFS filesystem. +Mount a tmpfs filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_nfsd_fs( +fs_mount_xattr_fs( @@ -30444,21 +33721,22 @@ kernel

-Get the attributes of a NFS server -pseudo filesystem. +Mount a persistent filesystem which +has extended attributes, such as +ext3, JFS, or XFS.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_ramfs( +fs_nfs_domtrans( @@ -30466,25 +33744,34 @@ kernel

domain + + , + + + + target_domain + + )

-Get the attributes of a RAM filesystem. +Execute a file on a NFS filesystem +in the specified domain.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_romfs( +fs_read_cifs_files( @@ -30497,21 +33784,20 @@ kernel

-Get the attributes of a ROM -filesystem. +Read files on a CIFS or SMB filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_rpc_pipefs( +fs_read_cifs_files( @@ -30524,21 +33810,21 @@ kernel

-Get the attributes of a RPC pipe -filesystem. +Do not audit attempts to read or +write files on a CIFS or SMB filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_tmpfs( +fs_read_cifs_symlinks( @@ -30551,21 +33837,20 @@ kernel

-Get the attributes of a tmpfs -filesystem. +Read symbolic links on a CIFS or SMB filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_tmpfs_dir( +fs_read_nfs_files( @@ -30578,20 +33863,20 @@ kernel

-Get the attributes of tmpfs directories. +Read files on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_getattr_xattr_fs( +fs_read_nfs_symlinks( @@ -30604,22 +33889,20 @@ kernel

-Get the attributes of a persistent -filesystem which has extended -attributes, such as ext3, JFS, or XFS. +Read symbolic links on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_list_all( +fs_register_binary_executable_type( @@ -30632,20 +33915,26 @@ kernel

-List all directories with a filesystem type. +Register an interpreter for new binary +file types, using the kernel binfmt_misc +support. A common use for this is to +register a JVM as an interpreter for +Java byte code. Registered binaries +can be directly executed on a command line +without specifying the interpreter.

-Module: +Module: filesystem

Layer: kernel

-fs_list_cifs( +fs_relabel_tmpfs_blk_dev( @@ -30658,21 +33947,20 @@ kernel

-List the contents of directories on a -CIFS or SMB filesystem. +Relabel block nodes on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_list_tmpfs( +fs_relabel_tmpfs_chr_dev( @@ -30685,20 +33973,20 @@ kernel

-List the contents of generic tmpfs directories. +Relabel character nodes on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_make_noxattr_fs( +fs_relabelfrom_all_fs( @@ -30711,22 +33999,20 @@ kernel

-Transform specified type into a filesystem -type which does not have extended attribute -support. +Relabelfrom all filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_cifs_dirs( +fs_relabelfrom_dos_fs( @@ -30739,21 +34025,21 @@ kernel

-Create, read, write, and delete directories -on a CIFS or SMB network filesystem. +Allow changing of the label of a +DOS filesystem using the context= mount option.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_cifs_files( +fs_relabelfrom_xattr_fs( @@ -30766,21 +34052,22 @@ kernel

-Create, read, write, and delete files -on a CIFS or SMB network filesystem. +Allow changing of the label of a +filesystem with extended attributes +using the context= mount option.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_cifs_named_pipes( +fs_remount_all_fs( @@ -30793,21 +34080,21 @@ kernel

-Create, read, write, and delete named pipes -on a CIFS or SMB network filesystem. +Remount all filesystems. This +allows some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_cifs_named_sockets( +fs_remount_autofs( @@ -30820,21 +34107,21 @@ kernel

-Create, read, write, and delete named sockets -on a CIFS or SMB network filesystem. +Remount an automount pseudo filesystem +This allows some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_cifs_symlinks( +fs_remount_cifs( @@ -30847,21 +34134,21 @@ kernel

-Create, read, write, and delete symbolic links -on a CIFS or SMB network filesystem. +Remount a CIFS or SMB network filesystem. +This allows some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_nfs_dirs( +fs_remount_dos_fs( @@ -30874,21 +34161,22 @@ kernel

-Create, read, write, and delete directories -on a NFS filesystem. +Remount a DOS filesystem, such as +FAT32 or NTFS. This allows +some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_nfs_files( +fs_remount_iso9660_fs( @@ -30901,21 +34189,22 @@ kernel

-Create, read, write, and delete files -on a NFS filesystem. +Remount an iso9660 filesystem, which +is usually used on CDs. This allows +some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_nfs_named_pipes( +fs_remount_nfs( @@ -30928,21 +34217,21 @@ kernel

-Create, read, write, and delete named pipes -on a NFS filesystem. +Remount a NFS filesystem. This allows +some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_nfs_named_sockets( +fs_remount_nfsd_fs( @@ -30955,21 +34244,21 @@ kernel

-Create, read, write, and delete named sockets -on a NFS filesystem. +Mount a NFS server pseudo filesystem. +This allows some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_nfs_symlinks( +fs_remount_ramfs( @@ -30982,21 +34271,21 @@ kernel

-Create, read, write, and delete symbolic links -on a CIFS or SMB network filesystem. +Remount a RAM filesystem. This allows +some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_tmpfs_blk_dev( +fs_remount_romfs( @@ -31009,21 +34298,21 @@ kernel

-Read and write, create and delete block nodes -on tmpfs filesystems. +Remount a ROM filesystem. This allows +some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_tmpfs_chr_dev( +fs_remount_rpc_pipefs( @@ -31036,21 +34325,21 @@ kernel

-Read and write, create and delete character -nodes on tmpfs filesystems. +Remount a RPC pipe filesystem. This +allows some mount option to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_tmpfs_dirs( +fs_remount_tmpfs( @@ -31063,21 +34352,20 @@ kernel

-Create, read, write, and delete -tmpfs directories +Remount a tmpfs filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_tmpfs_files( +fs_remount_xattr_fs( @@ -31090,21 +34378,23 @@ kernel

-Read and write, create and delete generic -files on tmpfs filesystems. +Remount a persistent filesystem which +has extended attributes, such as +ext3, JFS, or XFS. This allows +some mount options to be changed.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_tmpfs_sockets( +fs_search_all( @@ -31117,21 +34407,20 @@ kernel

-Read and write, create and delete socket -files on tmpfs filesystems. +Search all directories with a filesystem type.

-Module: +Module: filesystem

Layer: kernel

-fs_manage_tmpfs_symlinks( +fs_search_auto_mountpoints( @@ -31144,21 +34433,21 @@ kernel

-Read and write, create and delete symbolic -links on tmpfs filesystems. +Search automount filesystem to use automatically +mounted filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_all_fs( +fs_search_cifs( @@ -31171,20 +34460,20 @@ kernel

-Mount all filesystems. +Search directories on a CIFS or SMB filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_autofs( +fs_search_nfs( @@ -31197,20 +34486,20 @@ kernel

-Mount an automount pseudo filesystem. +Search directories on a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_cifs( +fs_search_ramfs( @@ -31223,20 +34512,20 @@ kernel

-Mount a CIFS or SMB network filesystem. +Search directories on a ramfs

-Module: +Module: filesystem

Layer: kernel

-fs_mount_dos_fs( +fs_search_tmpfs( @@ -31249,21 +34538,20 @@ kernel

-Mount a DOS filesystem, such as -FAT32 or NTFS. +Search tmpfs directories.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_iso9660_fs( +fs_set_all_quotas( @@ -31276,21 +34564,20 @@ kernel

-Mount an iso9660 filesystem, which -is usually used on CDs. +Set the quotas of all filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_nfs( +fs_set_xattr_fs_quota( @@ -31303,20 +34590,21 @@ kernel

-Mount a NFS filesystem. +Set the filesystem quotas of a filesystem +with extended attributes.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_nfsd_fs( +fs_setattr_tmpfs_dir( @@ -31329,20 +34617,20 @@ kernel

-Mount a NFS server pseudo filesystem. +Set the attributes of tmpfs directories.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_ramfs( +fs_type( @@ -31355,20 +34643,20 @@ kernel

-Mount a RAM filesystem. +Transform specified type into a filesystem type.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_romfs( +fs_unconfined( @@ -31381,20 +34669,20 @@ kernel

-Mount a ROM filesystem. +Unconfined access to filesystems

-Module: +Module: filesystem

Layer: kernel

-fs_mount_rpc_pipefs( +fs_unmount_all_fs( @@ -31407,20 +34695,20 @@ kernel

-Mount a RPC pipe filesystem. +Unmount all filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_tmpfs( +fs_unmount_autofs( @@ -31433,20 +34721,20 @@ kernel

-Mount a tmpfs filesystem. +Unmount an automount pseudo filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_mount_xattr_fs( +fs_unmount_cifs( @@ -31459,22 +34747,20 @@ kernel

-Mount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. +Unmount a CIFS or SMB network filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_nfs_domtrans( +fs_unmount_dos_fs( @@ -31482,34 +34768,26 @@ kernel

domain - - , - - - - target_domain - - )

-Execute a file on a NFS filesystem -in the specified domain. +Unmount a DOS filesystem, such as +FAT32 or NTFS.

-Module: +Module: filesystem

Layer: kernel

-fs_read_cifs_files( +fs_unmount_iso9660_fs( @@ -31522,20 +34800,21 @@ kernel

-Read files on a CIFS or SMB filesystem. +Unmount an iso9660 filesystem, which +is usually used on CDs.

-Module: +Module: filesystem

Layer: kernel

-fs_read_cifs_files( +fs_unmount_nfs( @@ -31548,21 +34827,20 @@ kernel

-Do not audit attempts to read or -write files on a CIFS or SMB filesystems. +Unmount a NFS filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_read_cifs_symlinks( +fs_unmount_nfsd_fs( @@ -31575,20 +34853,20 @@ kernel

-Read symbolic links on a CIFS or SMB filesystem. +Unmount a NFS server pseudo filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_read_nfs_files( +fs_unmount_ramfs( @@ -31601,20 +34879,20 @@ kernel

-Read files on a NFS filesystem. +Unmount a RAM filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_read_nfs_symlinks( +fs_unmount_romfs( @@ -31627,20 +34905,20 @@ kernel

-Read symbolic links on a NFS filesystem. +Unmount a ROM filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_register_binary_executable_type( +fs_unmount_rpc_pipefs( @@ -31653,26 +34931,20 @@ kernel

-Register an interpreter for new binary -file types, using the kernel binfmt_misc -support. A common use for this is to -register a JVM as an interpreter for -Java byte code. Registered binaries -can be directly executed on a command line -without specifying the interpreter. +Unmount a RPC pipe filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_relabel_tmpfs_blk_dev( +fs_unmount_tmpfs( @@ -31685,20 +34957,20 @@ kernel

-Relabel block nodes on tmpfs filesystems. +Unmount a tmpfs filesystem.

-Module: +Module: filesystem

Layer: kernel

-fs_relabel_tmpfs_chr_dev( +fs_unmount_xattr_fs( @@ -31711,20 +34983,22 @@ kernel

-Relabel character nodes on tmpfs filesystems. +Unmount a persistent filesystem which +has extended attributes, such as +ext3, JFS, or XFS.

-Module: +Module: filesystem

Layer: kernel

-fs_relabelfrom_all_fs( +fs_use_tmpfs_blk_dev( @@ -31737,20 +35011,20 @@ kernel

-Relabelfrom all filesystems. +Read and write block nodes on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_relabelfrom_dos_fs( +fs_use_tmpfs_chr_dev( @@ -31763,21 +35037,20 @@ kernel

-Allow changing of the label of a -DOS filesystem using the context= mount option. +Read and write character nodes on tmpfs filesystems.

-Module: +Module: filesystem

Layer: kernel

-fs_relabelfrom_xattr_fs( +fs_write_ramfs_socket( @@ -31790,22 +35063,20 @@ kernel

-Allow changing of the label of a -filesystem with extended attributes -using the context= mount option. +Write to named socket on a ramfs filesystem.

-Module: -filesystem

-Layer: -kernel

+Module: +fstools

+Layer: +system

-fs_remount_all_fs( +fstools_domtrans( @@ -31818,21 +35089,20 @@ kernel

-Remount all filesystems. This -allows some mount options to be changed. +Execute fs tools in the fstools domain.

-Module: -filesystem

-Layer: -kernel

+Module: +fstools

+Layer: +system

-fs_remount_autofs( +fstools_exec( @@ -31845,21 +35115,20 @@ kernel

-Remount an automount pseudo filesystem -This allows some mount options to be changed. +Execute fsadm in the caller domain.

-Module: -filesystem

-Layer: -kernel

+Module: +fstools

+Layer: +system

-fs_remount_cifs( +fstools_manage_entry_files( @@ -31872,21 +35141,21 @@ kernel

-Remount a CIFS or SMB network filesystem. -This allows some mount options to be changed. +Create, read, write, and delete a file used by the +filesystem tools programs.

-Module: -filesystem

-Layer: -kernel

+Module: +fstools

+Layer: +system

-fs_remount_dos_fs( +fstools_relabelto_entry_files( @@ -31899,22 +35168,21 @@ kernel

-Remount a DOS filesystem, such as -FAT32 or NTFS. This allows -some mount options to be changed. +Relabel a file to the type used by the +filesystem tools programs.

-Module: -filesystem

-Layer: -kernel

+Module: +fstools

+Layer: +system

-fs_remount_iso9660_fs( +fstools_run( @@ -31922,27 +35190,42 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Remount an iso9660 filesystem, which -is usually used on CDs. This allows -some mount options to be changed. +Execute fs tools in the fstools domain, and +allow the specified role the fs tools domain.

-Module: -filesystem

-Layer: -kernel

+Module: +ftp

+Layer: +services

-fs_remount_nfs( +ftp_check_exec( @@ -31955,21 +35238,20 @@ kernel

-Remount a NFS filesystem. This allows -some mount options to be changed. +Execute FTP daemon entry point programs.

-Module: -filesystem

-Layer: -kernel

+Module: +ftp

+Layer: +services

-fs_remount_nfsd_fs( +ftp_read_config( @@ -31982,21 +35264,20 @@ kernel

-Mount a NFS server pseudo filesystem. -This allows some mount options to be changed. +Read ftpd etc files

-Module: -filesystem

-Layer: -kernel

+Module: +ftp

+Layer: +services

-fs_remount_ramfs( +ftp_read_log( @@ -32009,21 +35290,20 @@ kernel

-Remount a RAM filesystem. This allows -some mount options to be changed. +Read FTP transfer logs

-Module: -filesystem

-Layer: -kernel

+Module: +ftp

+Layer: +services

-fs_remount_romfs( +ftp_tcp_connect( @@ -32036,21 +35316,20 @@ kernel

-Remount a ROM filesystem. This allows -some mount options to be changed. +Use ftp by connecting over TCP.

-Module: -filesystem

-Layer: -kernel

+Module: +getty

+Layer: +system

-fs_remount_rpc_pipefs( +getty_domtrans( @@ -32063,21 +35342,20 @@ kernel

-Remount a RPC pipe filesystem. This -allows some mount option to be changed. +Execute gettys in the getty domain.

-Module: -filesystem

-Layer: -kernel

+Module: +getty

+Layer: +system

-fs_remount_tmpfs( +getty_modify_config( @@ -32090,20 +35368,20 @@ kernel

-Remount a tmpfs filesystem. +Allow process to edit getty config file.

-Module: -filesystem

-Layer: -kernel

+Module: +getty

+Layer: +system

-fs_remount_xattr_fs( +getty_read_config( @@ -32116,23 +35394,20 @@ kernel

-Remount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. This allows -some mount options to be changed. +Allow process to read getty config file.

-Module: -filesystem

-Layer: -kernel

+Module: +getty

+Layer: +system

-fs_search_all( +getty_read_log( @@ -32145,20 +35420,20 @@ kernel

-Search all directories with a filesystem type. +Allow process to read getty log file.

-Module: -filesystem

-Layer: -kernel

+Module: +gpm

+Layer: +services

-fs_search_auto_mountpoints( +gpm_dontaudit_getattr_gpmctl( @@ -32171,21 +35446,22 @@ kernel

-Search automount filesystem to use automatically -mounted filesystems. +Do not audit attempts to get the +attributes of the GPM control channel +named socket.

-Module: -filesystem

-Layer: -kernel

+Module: +gpm

+Layer: +services

-fs_search_cifs( +gpm_getattr_gpmctl( @@ -32198,20 +35474,21 @@ kernel

-Search directories on a CIFS or SMB filesystem. +Get the attributes of the GPM +control channel named socket.

-Module: -filesystem

-Layer: -kernel

+Module: +gpm

+Layer: +services

-fs_search_nfs( +gpm_setattr_gpmctl( @@ -32224,20 +35501,21 @@ kernel

-Search directories on a NFS filesystem. +Set the attributes of the GPM +control channel named socket.

-Module: -filesystem

-Layer: -kernel

+Module: +hostname

+Layer: +system

-fs_search_tmpfs( +hostname_domtrans( @@ -32250,20 +35528,20 @@ kernel

-Search tmpfs directories. +Execute hostname in the hostname domain.

-Module: -filesystem

-Layer: -kernel

+Module: +hostname

+Layer: +system

-fs_set_all_quotas( +hostname_exec( @@ -32276,20 +35554,20 @@ kernel

-Set the quotas of all filesystems. +Execute hostname in the caller domain.

-Module: -filesystem

-Layer: -kernel

+Module: +hostname

+Layer: +system

-fs_set_xattr_fs_quota( +hostname_run( @@ -32297,31 +35575,47 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Set the filesystem quotas of a filesystem -with extended attributes. +Execute hostname in the hostname domain, and +allow the specified role the hostname domain.

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_setattr_tmpfs_dir( +hotplug_domtrans( - domain + ? )
@@ -32329,25 +35623,25 @@ kernel

-Set the attributes of tmpfs directories. +Summary is missing!

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_type( +hotplug_dontaudit_search_config( - domain + ? )
@@ -32355,25 +35649,25 @@ kernel

-Transform specified type into a filesystem type. +Summary is missing!

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_unconfined( +hotplug_dontaudit_use_fd( - domain + ? )
@@ -32381,25 +35675,25 @@ kernel

-Unconfined access to filesystems +Summary is missing!

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_unmount_all_fs( +hotplug_exec( - domain + ? )
@@ -32407,20 +35701,20 @@ kernel

-Unmount all filesystems. +Summary is missing!

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_unmount_autofs( +hotplug_getattr_config_dir( @@ -32433,20 +35727,20 @@ kernel

-Unmount an automount pseudo filesystem. +Get the attributes of the hotplug configuration directory.

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_unmount_cifs( +hotplug_read_config( @@ -32459,20 +35753,20 @@ kernel

-Unmount a CIFS or SMB network filesystem. +Read the configuration files for hotplug.

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_unmount_dos_fs( +hotplug_search_config( @@ -32485,26 +35779,25 @@ kernel

-Unmount a DOS filesystem, such as -FAT32 or NTFS. +Search the hotplug configuration directory.

-Module: -filesystem

-Layer: -kernel

+Module: +hotplug

+Layer: +system

-fs_unmount_iso9660_fs( +hotplug_use_fd( - domain + ? )
@@ -32512,21 +35805,20 @@ kernel

-Unmount an iso9660 filesystem, which -is usually used on CDs. +Summary is missing!

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_nfs( +inetd_core_service_domain( @@ -32534,25 +35826,33 @@ kernel

domain + + , + + + + entrypoint + + )

-Unmount a NFS filesystem. +Define the specified domain as a inetd service.

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_nfsd_fs( +inetd_domtrans_child( @@ -32565,20 +35865,20 @@ kernel

-Unmount a NFS server pseudo filesystem. +Run inetd child process in the inet child domain

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_ramfs( +inetd_service_domain( @@ -32586,25 +35886,33 @@ kernel

domain + + , + + + + entrypoint + + )

-Unmount a RAM filesystem. +Define the specified domain as a TCP and UDP inetd service.

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_romfs( +inetd_tcp_connect( @@ -32617,20 +35925,20 @@ kernel

-Unmount a ROM filesystem. +Connect to the inetd service using a TCP connection.

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_rpc_pipefs( +inetd_tcp_service_domain( @@ -32638,25 +35946,33 @@ kernel

domain + + , + + + + entrypoint + + )

-Unmount a RPC pipe filesystem. +Define the specified domain as a TCP inetd service.

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_tmpfs( +inetd_udp_sendto( @@ -32669,20 +35985,20 @@ kernel

-Unmount a tmpfs filesystem. +Send UDP network traffic to inetd.

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_unmount_xattr_fs( +inetd_udp_service_domain( @@ -32690,27 +36006,33 @@ kernel

domain + + , + + + + entrypoint + + )

-Unmount a persistent filesystem which -has extended attributes, such as -ext3, JFS, or XFS. +Define the specified domain as a UDP inetd service.

-Module: -filesystem

-Layer: -kernel

+Module: +inetd

+Layer: +services

-fs_use_tmpfs_blk_dev( +inetd_use_fd( @@ -32723,20 +36045,20 @@ kernel

-Read and write block nodes on tmpfs filesystems. +Inherit and use file descriptors from inetd.

-Module: -filesystem

-Layer: -kernel

+Module: +init

+Layer: +system

-fs_use_tmpfs_chr_dev( +init_daemon_domain( @@ -32744,25 +36066,34 @@ kernel

domain + + , + + + + entry_point + + )

-Read and write character nodes on tmpfs filesystems. +Create a domain for long running processes +(daemons) which can be started by init scripts.

-Module: -fstools

+Module: +init

Layer: system

-fstools_domtrans( +init_domain( @@ -32770,30 +36101,38 @@ system

domain + + , + + + + entry_point + + )

-Execute fs tools in the fstools domain. +Create a domain which can be started by init.

-Module: -fstools

+Module: +init

Layer: system

-fstools_exec( +init_domtrans( - domain + ? )
@@ -32801,25 +36140,25 @@ system

-Execute fsadm in the caller domain. +Summary is missing!

-Module: -fstools

+Module: +init

Layer: system

-fstools_manage_entry_files( +init_domtrans_script( - domain + ? )
@@ -32827,26 +36166,25 @@ system

-Create, read, write, and delete a file used by the -filesystem tools programs. +Summary is missing!

-Module: -fstools

+Module: +init

Layer: system

-fstools_relabelto_entry_files( +init_dontaudit_getattr_initctl( - domain + ? )
@@ -32854,42 +36192,25 @@ system

-Relabel a file to the type used by the -filesystem tools programs. +Summary is missing!

-Module: -fstools

+Module: +init

Layer: system

-fstools_run( - - - - - domain - - - - , - - - - role - +init_dontaudit_rw_script_pid( - , - - terminal + ? )
@@ -32897,21 +36218,20 @@ system

-Execute fs tools in the fstools domain, and -allow the specified role the fs tools domain. +Summary is missing!

-Module: -getty

+Module: +init

Layer: system

-getty_domtrans( +init_dontaudit_unix_connect_script( @@ -32924,25 +36244,26 @@ system

-Execute gettys in the getty domain. +Dont audit the specified domain connecting to +init scripts with a unix domain stream socket.

-Module: -getty

+Module: +init

Layer: system

-getty_modify_config( +init_dontaudit_use_fd( - domain + ? )
@@ -32950,25 +36271,25 @@ system

-Allow process to edit getty config file. +Summary is missing!

-Module: -getty

+Module: +init

Layer: system

-getty_read_config( +init_dontaudit_use_initctl( - domain + ? )
@@ -32976,25 +36297,25 @@ system

-Allow process to read getty config file. +Summary is missing!

-Module: -getty

+Module: +init

Layer: system

-getty_read_log( +init_dontaudit_use_script_fd( - domain + ? )
@@ -33002,25 +36323,25 @@ system

-Allow process to read getty log file. +Summary is missing!

-Module: -gpm

-Layer: -services

+Module: +init

+Layer: +system

-gpm_dontaudit_getattr_gpmctl( +init_dontaudit_use_script_pty( - domain + ? )
@@ -33028,27 +36349,25 @@ services

-Do not audit attempts to get the -attributes of the GPM control channel -named socket. +Summary is missing!

-Module: -gpm

-Layer: -services

+Module: +init

+Layer: +system

-gpm_getattr_gpmctl( +init_dontaudit_write_script_pid( - domain + ? )
@@ -33056,21 +36375,20 @@ services

-Get the attributes of the GPM -control channel named socket. +Summary is missing!

-Module: -gpm

-Layer: -services

+Module: +init

+Layer: +system

-gpm_setattr_gpmctl( +init_exec( @@ -33083,26 +36401,25 @@ services

-Set the attributes of the GPM -control channel named socket. +Execute the init program in the caller domain.

-Module: -hostname

+Module: +init

Layer: system

-hostname_domtrans( +init_exec_script( - domain + ? )
@@ -33110,25 +36427,25 @@ system

-Execute hostname in the hostname domain. +Summary is missing!

-Module: -hostname

+Module: +init

Layer: system

-hostname_exec( +init_get_process_group( - domain + ? )
@@ -33136,41 +36453,25 @@ system

- Execute hostname in the caller domain. -

+Summary is missing! +

-Module: -hostname

+Module: +init

Layer: system

-hostname_run( - - - - - domain - - - - , - - - - role - +init_get_script_process_group( - , - - terminal + ? )
@@ -33178,21 +36479,20 @@ system

-Execute hostname in the hostname domain, and -allow the specified role the hostname domain. +Summary is missing!

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_domtrans( +init_getattr_initctl( @@ -33212,18 +36512,18 @@ Summary is missing!
-Module: -hotplug

+Module: +init

Layer: system

-hotplug_dontaudit_search_config( +init_list_script_pids( - ? + domain )
@@ -33231,25 +36531,26 @@ system

-Summary is missing! +List the contents of an init script +process id directory.

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_dontaudit_use_fd( +init_read_script( - ? + domain )
@@ -33257,25 +36558,25 @@ system

-Summary is missing! +Read init scripts.

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_exec( +init_read_script_file( - ? + domain )
@@ -33283,25 +36584,25 @@ system

-Summary is missing! +Read init scripts.

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_getattr_config_dir( +init_read_script_pid( - domain + ? )
@@ -33309,20 +36610,20 @@ system

-Get the attributes of the hotplug configuration directory. +Summary is missing!

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_read_config( +init_read_script_process_state( @@ -33335,20 +36636,20 @@ system

-Read the configuration files for hotplug. +Read the process state (/proc/pid) of the init scripts.

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_search_config( +init_run_daemon( @@ -33356,25 +36657,41 @@ system

domain + + , + + + + role + + + + , + + + + terminal + + )

-Search the hotplug configuration directory. +Start and stop daemon programs directly.

-Module: -hotplug

+Module: +init

Layer: system

-hotplug_use_fd( +init_rw_script_pid( @@ -33394,13 +36711,13 @@ Summary is missing!
-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_core_service_domain( +init_rw_script_pipe( @@ -33408,33 +36725,25 @@ services

domain - - , - - - - entrypoint - - )

-Define the specified domain as a inetd service. +Read and write init script unnamed pipes.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_domtrans_child( +init_rw_script_tmp_files( @@ -33447,20 +36756,20 @@ services

-Run inetd child process in the inet child domain +Read and write init script temporary data.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_service_domain( +init_sigchld( @@ -33468,33 +36777,25 @@ services

domain - - , - - - - entrypoint - - )

-Define the specified domain as a TCP and UDP inetd service. +Send init a SIGCHLD signal.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_tcp_connect( +init_signull( @@ -33507,20 +36808,20 @@ services

-Connect to the inetd service using a TCP connection. +Send init a null signal.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_tcp_service_domain( +init_system_domain( @@ -33533,7 +36834,7 @@ services

- entrypoint + entry_point )
@@ -33541,20 +36842,21 @@ services

-Define the specified domain as a TCP inetd service. +Create a domain for short running processes +which can be started by init scripts.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_udp_sendto( +init_udp_sendto( @@ -33567,20 +36869,20 @@ services

-Send UDP network traffic to inetd. +Send UDP network traffic to init.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_udp_service_domain( +init_udp_sendto_script( @@ -33588,33 +36890,25 @@ services

domain - - , - - - - entrypoint - - )

-Define the specified domain as a UDP inetd service. +Send UDP network traffic to init scripts.

-Module: -inetd

-Layer: -services

+Module: +init

+Layer: +system

-inetd_use_fd( +init_unix_connect_script( @@ -33627,20 +36921,21 @@ services

-Inherit and use file descriptors from inetd. +Allow the specified domain to connect to +init scripts with a unix domain stream socket.

-Module: +Module: init

Layer: system

-init_daemon_domain( +init_unix_connect_script( @@ -33648,47 +36943,31 @@ system

domain - - , - - - - entry_point - - )

-Create a domain for long running processes -(daemons) which can be started by init scripts. +Allow the specified domain to connect to +init scripts with a unix socket.

-Module: +Module: init

Layer: system

-init_domain( - - - - - domain - +init_use_fd( - , - - entry_point + ? )
@@ -33696,20 +36975,20 @@ system

-Create a domain which can be started by init. +Summary is missing!

-Module: +Module: init

Layer: system

-init_domtrans( +init_use_initctl( @@ -33729,13 +37008,13 @@ Summary is missing!
-Module: +Module: init

Layer: system

-init_domtrans_script( +init_use_script_fd( @@ -33755,18 +37034,18 @@ Summary is missing!
-Module: +Module: init

Layer: system

-init_dontaudit_getattr_initctl( +init_use_script_pty( - ? + domain )
@@ -33774,20 +37053,20 @@ system

-Summary is missing! +Read and write the init script pty.

-Module: +Module: init

Layer: system

-init_dontaudit_rw_script_pid( +init_write_initctl( @@ -33807,18 +37086,18 @@ Summary is missing!
-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_dontaudit_use_fd( +inn_exec( - ? + domain )
@@ -33826,25 +37105,26 @@ system

-Summary is missing! +Allow the specified domain to execute innd +in the caller domain.

-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_dontaudit_use_initctl( +inn_exec_config( - ? + domain )
@@ -33852,25 +37132,26 @@ system

-Summary is missing! +Allow the specified domain to execute +inn configuration files in /etc.

-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_dontaudit_use_script_fd( +inn_manage_log( - ? + domain )
@@ -33878,25 +37159,25 @@ system

-Summary is missing! +Create, read, write, and delete the innd log.

-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_dontaudit_use_script_pty( +inn_manage_pid( - ? + domain )
@@ -33904,25 +37185,25 @@ system

-Summary is missing! +Create, read, write, and delete the innd pid files.

-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_dontaudit_write_script_pid( +inn_read_config( - ? + domain )
@@ -33930,20 +37211,20 @@ system

-Summary is missing! +Read innd configuration files.

-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_exec( +inn_read_news_lib( @@ -33956,25 +37237,25 @@ system

-Execute the init program in the caller domain. +Read innd news library files.

-Module: -init

-Layer: -system

+Module: +inn

+Layer: +services

-init_exec_script( +inn_read_news_spool( - ? + domain )
@@ -33982,25 +37263,51 @@ system

-Summary is missing! +Read innd news library files.

-Module: -init

+Module: +inn

+Layer: +services

+

+ +inn_sendto_unix_dgram_socket( + + + + + domain + + + )
+
+ +
+

+Send to a innd unix dgram socket. +

+
+ +
+ +
+Module: +ipsec

Layer: system

-init_get_process_group( +ipsec_domtrans( - ? + domain )
@@ -34008,25 +37315,25 @@ system

-Summary is missing! +Execute ipsec in the ipsec domain.

-Module: -init

+Module: +ipsec

Layer: system

-init_get_script_process_group( +ipsec_exec_mgmt( - ? + domain )
@@ -34034,25 +37341,25 @@ system

-Summary is missing! +Execute the IPSEC management program in the caller domain.

-Module: -init

+Module: +ipsec

Layer: system

-init_getattr_initctl( +ipsec_getattr_key_socket( - ? + domain )
@@ -34060,20 +37367,20 @@ system

-Summary is missing! +Get the attributes of an IPSEC key socket.

-Module: -init

+Module: +ipsec

Layer: system

-init_list_script_pids( +ipsec_manage_pid( @@ -34086,21 +37393,20 @@ system

-List the contents of an init script -process id directory. +Create, read, write, and delete the IPSEC pid files.

-Module: -init

+Module: +ipsec

Layer: system

-init_read_script( +ipsec_read_config( @@ -34113,20 +37419,20 @@ system

-Read init scripts. +Read the IPSEC configuration

-Module: -init

+Module: +ipsec

Layer: system

-init_read_script_file( +ipsec_stream_connect( @@ -34139,25 +37445,25 @@ system

-Read init scripts. +Connect to IPSEC using a unix domain stream socket.

-Module: -init

+Module: +iptables

Layer: system

-init_read_script_pid( +iptables_domtrans( - ? + domain )
@@ -34165,20 +37471,20 @@ system

-Summary is missing! +Execute iptables in the iptables domain.

-Module: -init

+Module: +iptables

Layer: system

-init_read_script_process_state( +iptables_exec( @@ -34191,20 +37497,20 @@ system

-Read the process state (/proc/pid) of the init scripts. +Execute iptables in the caller domain.

-Module: -init

+Module: +iptables

Layer: system

-init_run_daemon( +iptables_run( @@ -34233,25 +37539,79 @@ system

-Start and stop daemon programs directly. +Execute iptables in the iptables domain, and +allow the specified role the iptables domain.

-Module: -init

-Layer: -system

+Module: +kerberos

+Layer: +services

+

+ +kerberos_dontaudit_write_config( + + + + + domain + + + )
+
+ +
+

+Do not audit attempts to write the kerberos +configuration file (/etc/krb5.conf). +

+
+ +
+ +
+Module: +kerberos

+Layer: +services

+

+ +kerberos_read_config( + + + + + domain + + + )
+
+ +
+

+Read the kerberos configuration file (/etc/krb5.conf). +

+
+ +
+ +
+Module: +kerberos

+Layer: +services

-init_rw_script_pid( +kerberos_read_keytab( - ? + domain )
@@ -34259,20 +37619,20 @@ system

-Summary is missing! +Read the kerberos key table.

-Module: -init

-Layer: -system

+Module: +kerberos

+Layer: +services

-init_rw_script_pipe( +kerberos_rw_config( @@ -34285,20 +37645,20 @@ system

-Read and write init script unnamed pipes. +Read and write the kerberos configuration file (/etc/krb5.conf).

-Module: -init

-Layer: -system

+Module: +kerberos

+Layer: +services

-init_rw_script_tmp_files( +kerberos_use( @@ -34311,20 +37671,20 @@ system

-Read and write init script temporary data. +Use kerberos services

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_sigchld( +kernel_change_ring_buffer_level( @@ -34337,20 +37697,20 @@ system

-Send init a SIGCHLD signal. +Change the level of kernel messages logged to the console.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_signull( +kernel_clear_ring_buffer( @@ -34363,20 +37723,20 @@ system

-Send init a null signal. +Allows the caller to clear the ring buffer.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_system_domain( +kernel_dontaudit_getattr_core( @@ -34384,34 +37744,26 @@ system

domain - - , - - - - entry_point - - )

-Create a domain for short running processes -which can be started by init scripts. +Do not audit attempts to get the attributes of +core kernel interfaces.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_udp_sendto( +kernel_dontaudit_getattr_message_if( @@ -34424,20 +37776,21 @@ system

-Send UDP network traffic to init. +Do not audit attempts by caller to get the attributes of kernel +message interfaces.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_udp_sendto_script( +kernel_dontaudit_getattr_unlabeled_blk_dev( @@ -34450,25 +37803,26 @@ system

-Send UDP network traffic to init scripts. +Do not audit attempts by caller to get attributes for +unlabeled block devices.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_use_fd( +kernel_dontaudit_read_ring_buffer( - ? + domain )
@@ -34476,25 +37830,25 @@ system

-Summary is missing! +Do not audit attempts to read the ring buffer.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_use_initctl( +kernel_dontaudit_read_system_state( - ? + domain )
@@ -34502,25 +37856,26 @@ system

-Summary is missing! +Do not audit attempts by caller to +read system state information in proc.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_use_script_fd( +kernel_dontaudit_search_kernel_sysctl( - ? + domain )
@@ -34528,20 +37883,20 @@ system

-Summary is missing! +Do not audit attempts to search generic kernel sysctls.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_use_script_pty( +kernel_dontaudit_search_network_state( @@ -34554,25 +37909,26 @@ system

-Read and write the init script pty. +Do not audit attempts to search the network +state directory.

-Module: -init

-Layer: -system

+Module: +kernel

+Layer: +kernel

-init_write_initctl( +kernel_dontaudit_search_network_sysctl( - ? + domain )
@@ -34580,20 +37936,20 @@ system

-Summary is missing! +Do not audit attempts by caller to search network sysctl directories.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_exec( +kernel_dontaudit_search_sysctl( @@ -34606,21 +37962,21 @@ services

-Allow the specified domain to execute innd -in the caller domain. +Do not audit attempts by caller to search +the base directory of sysctls.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_exec_config( +kernel_dontaudit_use_fd( @@ -34633,21 +37989,21 @@ services

-Allow the specified domain to execute -inn configuration files in /etc. +Do not audit attempts to use +kernel file descriptors.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_manage_log( +kernel_dontaudit_write_kernel_sysctl( @@ -34660,20 +38016,20 @@ services

-Create, read, write, and delete the innd log. +Do not audit attempts to write generic kernel sysctls.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_manage_pid( +kernel_get_sysvipc_info( @@ -34686,20 +38042,20 @@ services

-Create, read, write, and delete the innd pid files. +Get information on all System V IPC objects.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_read_config( +kernel_getattr_core( @@ -34712,20 +38068,20 @@ services

-Read innd configuration files. +Allows caller to get attribues of core kernel interface.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_read_news_lib( +kernel_getattr_debugfs( @@ -34738,20 +38094,20 @@ services

-Read innd news library files. +Get the attributes of a kernel debugging filesystem.

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_read_news_spool( +kernel_getattr_message_if( @@ -34764,20 +38120,21 @@ services

-Read innd news library files. +Allow caller to get the attributes of kernel message +interface (/proc/kmsg).

-Module: -inn

-Layer: -services

+Module: +kernel

+Layer: +kernel

-inn_sendto_unix_dgram_socket( +kernel_getattr_proc( @@ -34790,20 +38147,20 @@ services

-Send to a innd unix dgram socket. +Get the attributes of the proc filesystem.

-Module: -ipsec

-Layer: -system

+Module: +kernel

+Layer: +kernel

-ipsec_domtrans( +kernel_kill_unlabeled( @@ -34816,25 +38173,25 @@ system

-Execute ipsec in the ipsec domain. +Send a kill signal to unlabeled processes.

-Module: -ipsec

-Layer: -system

+Module: +kernel

+Layer: +kernel

-ipsec_exec_mgmt( +kernel_list_from( - domain + dir_type )
@@ -34842,20 +38199,21 @@ system

-Execute the IPSEC management program in the caller domain. +Allow the kernel to read the contents +of the specified directory.

-Module: -ipsec

-Layer: -system

+Module: +kernel

+Layer: +kernel

-ipsec_getattr_key_socket( +kernel_list_proc( @@ -34868,20 +38226,20 @@ system

-Get the attributes of an IPSEC key socket. +List the contents of directories in /proc.

-Module: -ipsec

-Layer: -system

+Module: +kernel

+Layer: +kernel

-ipsec_manage_pid( +kernel_list_unlabeled( @@ -34894,20 +38252,20 @@ system

-Create, read, write, and delete the IPSEC pid files. +List unlabeled directories.

-Module: -ipsec

-Layer: -system

+Module: +kernel

+Layer: +kernel

-ipsec_read_config( +kernel_load_module( @@ -34920,20 +38278,20 @@ system

-Read the IPSEC configuration +Allows caller to load kernel modules

-Module: -ipsec

-Layer: -system

+Module: +kernel

+Layer: +kernel

-ipsec_stream_connect( +kernel_mount_debugfs( @@ -34946,20 +38304,20 @@ system

-Connect to IPSEC using a unix domain stream socket. +Mount a kernel debugging filesystem.

-Module: -iptables

-Layer: -system

+Module: +kernel

+Layer: +kernel

-iptables_domtrans( +kernel_read_all_sysctl( @@ -34972,20 +38330,20 @@ system

-Execute iptables in the iptables domain. +Allow caller to read all sysctls.

-Module: -iptables

-Layer: -system

+Module: +kernel

+Layer: +kernel

-iptables_exec( +kernel_read_debugfs( @@ -34998,20 +38356,20 @@ system

-Execute iptables in the caller domain. +Read information from the debugging filesystem.

-Module: -iptables

-Layer: -system

+Module: +kernel

+Layer: +kernel

-iptables_run( +kernel_read_device_sysctl( @@ -35019,47 +38377,30 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute iptables in the iptables domain, and -allow the specified role the iptables domain. +Allow caller to read the device sysctls.

-Module: -kerberos

-Layer: -services

+Module: +kernel

+Layer: +kernel

-kerberos_dontaudit_write_config( +kernel_read_file_from( - domain + dir_type )
@@ -35067,21 +38408,21 @@ services

-Do not audit attempts to write the kerberos -configuration file (/etc/krb5.conf). +Allow the kernel to read the +specified file.

-Module: -kerberos

-Layer: -services

+Module: +kernel

+Layer: +kernel

-kerberos_read_config( +kernel_read_fs_sysctl( @@ -35094,20 +38435,20 @@ services

-Read the kerberos configuration file (/etc/krb5.conf). +Read filesystem sysctls.

-Module: -kerberos

-Layer: -services

+Module: +kernel

+Layer: +kernel

-kerberos_read_keytab( +kernel_read_hotplug_sysctl( @@ -35120,20 +38461,20 @@ services

-Read the kerberos key table. +Read the hotplug sysctl.

-Module: -kerberos

-Layer: -services

+Module: +kernel

+Layer: +kernel

-kerberos_rw_config( +kernel_read_irq_sysctl( @@ -35146,20 +38487,20 @@ services

-Read and write the kerberos configuration file (/etc/krb5.conf). +Read IRQ sysctls.

-Module: -kerberos

-Layer: -services

+Module: +kernel

+Layer: +kernel

-kerberos_use( +kernel_read_kernel_sysctl( @@ -35172,20 +38513,20 @@ services

-Use kerberos services +Read generic kernel sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_change_ring_buffer_level( +kernel_read_messages( @@ -35198,20 +38539,21 @@ kernel

-Change the level of kernel messages logged to the console. +Allow caller to read kernel messages +using the /proc/kmsg interface.

-Module: +Module: kernel

Layer: kernel

-kernel_clear_ring_buffer( +kernel_read_modprobe_sysctl( @@ -35224,20 +38566,20 @@ kernel

-Allows the caller to clear the ring buffer. +Read the modprobe sysctl.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_getattr_core( +kernel_read_net_sysctl( @@ -35250,21 +38592,20 @@ kernel

-Do not audit attempts to get the attributes of -core kernel interfaces. +Allow caller to read network sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_getattr_message_if( +kernel_read_network_state( @@ -35277,21 +38618,20 @@ kernel

-Do not audit attempts by caller to get the attributes of kernel -message interfaces. +Allow caller to read the network state information.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_getattr_unlabeled_blk_dev( +kernel_read_proc_symlinks( @@ -35304,21 +38644,20 @@ kernel

-Do not audit attempts by caller to get attributes for -unlabeled block devices. +Read symbolic links in /proc.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_read_ring_buffer( +kernel_read_ring_buffer( @@ -35331,25 +38670,25 @@ kernel

-Do not audit attempts to read the ring buffer. +Allows caller to read the ring buffer.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_read_system_state( +kernel_read_rpc_sysctl( - domain + ? )
@@ -35357,21 +38696,20 @@ kernel

-Do not audit attempts by caller to -read system state information in proc. +Summary is missing!

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_search_network_state( +kernel_read_software_raid_state( @@ -35384,21 +38722,20 @@ kernel

-Do not audit attempts to search the network -state directory. +Allow caller to read the state information for software raid.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_search_network_sysctl_dir( +kernel_read_system_state( @@ -35411,20 +38748,20 @@ kernel

-Do not audit attempts by caller to search sysctl network directories. +Allows caller to read system state information in proc.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_search_sysctl_dir( +kernel_read_unix_sysctl( @@ -35437,20 +38774,21 @@ kernel

-Do not audit attempts by caller to search the sysctl directory. +Allow caller to read unix domain +socket sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_use_fd( +kernel_read_vm_sysctl( @@ -35463,21 +38801,20 @@ kernel

-Do not audit attempts to use -kernel file descriptors. +Allow caller to read virtual memory sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_dontaudit_write_kernel_sysctl( +kernel_relabel_unlabeled( @@ -35490,20 +38827,20 @@ kernel

-Do not audit attempts to write generic kernel sysctls. +Allow caller to relabel unlabeled objects.

-Module: +Module: kernel

Layer: kernel

-kernel_get_sysvipc_info( +kernel_remount_debugfs( @@ -35516,25 +38853,25 @@ kernel

-Get information on all System V IPC objects. +Remount a kernel debugging filesystem.

-Module: +Module: kernel

Layer: kernel

-kernel_getattr_core( +kernel_rootfs_mountpoint( - domain + directory_type )
@@ -35542,20 +38879,21 @@ kernel

-Allows caller to get attribues of core kernel interface. +Allows the kernel to mount filesystems on +the specified directory type.

-Module: +Module: kernel

Layer: kernel

-kernel_getattr_debugfs( +kernel_rw_all_sysctl( @@ -35568,20 +38906,20 @@ kernel

-Get the attributes of a kernel debugging filesystem. +Read and write all sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_getattr_message_if( +kernel_rw_device_sysctl( @@ -35594,21 +38932,20 @@ kernel

-Allow caller to get the attributes of kernel message -interface (/proc/kmsg). +Read and write device sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_getattr_proc( +kernel_rw_fs_sysctl( @@ -35621,20 +38958,20 @@ kernel

-Get the attributes of the proc filesystem. +Read and write fileystem sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_kill_unlabeled( +kernel_rw_hotplug_sysctl( @@ -35647,25 +38984,25 @@ kernel

-Send a kill signal to unlabeled processes. +Read and write the hotplug sysctl.

-Module: +Module: kernel

Layer: kernel

-kernel_list_from( +kernel_rw_irq_sysctl( - dir_type + domain )
@@ -35673,21 +39010,20 @@ kernel

-Allow the kernel to read the contents -of the specified directory. +Read and write IRQ sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_list_proc( +kernel_rw_kernel_sysctl( @@ -35700,20 +39036,20 @@ kernel

-List the contents of directories in /proc. +Read and write generic kernel sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_list_unlabeled( +kernel_rw_modprobe_sysctl( @@ -35726,20 +39062,20 @@ kernel

-List unlabeled directories. +Read and write the modprobe sysctl.

-Module: +Module: kernel

Layer: kernel

-kernel_load_module( +kernel_rw_net_sysctl( @@ -35752,20 +39088,20 @@ kernel

-Allows caller to load kernel modules +Allow caller to modiry contents of sysctl network files.

-Module: +Module: kernel

Layer: kernel

-kernel_mount_debugfs( +kernel_rw_pipe( @@ -35778,25 +39114,25 @@ kernel

-Mount a kernel debugging filesystem. +Read and write kernel unnamed pipes.

-Module: +Module: kernel

Layer: kernel

-kernel_read_all_sysctl( +kernel_rw_rpc_sysctl( - domain + ? )
@@ -35804,20 +39140,20 @@ kernel

-Allow caller to read all sysctls. +Summary is missing!

-Module: +Module: kernel

Layer: kernel

-kernel_read_device_sysctl( +kernel_rw_software_raid_state( @@ -35830,25 +39166,25 @@ kernel

-Allow caller to read the device sysctls. +Allow caller to read and set the state information for software raid.

-Module: +Module: kernel

Layer: kernel

-kernel_read_file_from( +kernel_rw_unix_dgram_socket( - dir_type + domain )
@@ -35856,21 +39192,20 @@ kernel

-Allow the kernel to read the -specified file. +Read and write kernel unix datagram sockets.

-Module: +Module: kernel

Layer: kernel

-kernel_read_fs_sysctl( +kernel_rw_unix_sysctl( @@ -35883,20 +39218,21 @@ kernel

-Read filesystem sysctls. +Read and write unix domain +socket sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_read_hotplug_sysctl( +kernel_rw_unlabeled_dir( @@ -35909,20 +39245,20 @@ kernel

-Read the hotplug sysctl. +Read and write unlabeled directories.

-Module: +Module: kernel

Layer: kernel

-kernel_read_irq_sysctl( +kernel_rw_vm_sysctl( @@ -35935,20 +39271,20 @@ kernel

-Read IRQ sysctls. +Read and write virtual memory sysctls.

-Module: +Module: kernel

Layer: kernel

-kernel_read_kernel_sysctl( +kernel_search_debugfs( @@ -35961,25 +39297,25 @@ kernel

-Read generic kernel sysctls. +Search the contents of a kernel debugging filesystem.

-Module: +Module: kernel

Layer: kernel

-kernel_read_messages( +kernel_search_from( - domain + dir_type )
@@ -35987,26 +39323,26 @@ kernel

-Allow caller to read kernel messages -using the /proc/kmsg interface. +Allow the kernel to search the +specified directory.

-Module: +Module: kernel

Layer: kernel

-kernel_read_modprobe_sysctl( +kernel_search_from( - domain + dir_type )
@@ -36014,20 +39350,21 @@ kernel

-Read the modprobe sysctl. +Allow the kernel to search the +specified directory.

-Module: +Module: kernel

Layer: kernel

-kernel_read_net_sysctl( +kernel_search_network_sysctl( @@ -36040,20 +39377,20 @@ kernel

-Allow caller to read network sysctls. +Search network sysctl directories.

-Module: +Module: kernel

Layer: kernel

-kernel_read_network_state( +kernel_search_proc( @@ -36066,25 +39403,33 @@ kernel

-Allow caller to read the network state information. +Search directories in /proc.

-Module: +Module: kernel

Layer: kernel

-kernel_read_proc_symlinks( +kernel_send_syslog_msg_from( - domain + socket + + + + , + + + + syslog_type )
@@ -36092,20 +39437,23 @@ kernel

-Read symbolic links in /proc. +Allow the kernel to send a syslog +message to the specified domain, +connecting over the specified named +socket.

-Module: +Module: kernel

Layer: kernel

-kernel_read_ring_buffer( +kernel_sendto_unix_dgram_socket( @@ -36118,25 +39466,25 @@ kernel

-Allows caller to read the ring buffer. +Send messages to kernel unix datagram sockets.

-Module: +Module: kernel

Layer: kernel

-kernel_read_rpc_sysctl( +kernel_setpgid( - ? + domain )
@@ -36144,20 +39492,20 @@ kernel

-Summary is missing! +Set the process group of kernel threads.

-Module: +Module: kernel

Layer: kernel

-kernel_read_software_raid_state( +kernel_share_state( @@ -36170,20 +39518,21 @@ kernel

-Allow caller to read the state information for software raid. +Allows the kernel to share state information with +the caller.

-Module: +Module: kernel

Layer: kernel

-kernel_read_system_state( +kernel_sigchld( @@ -36196,20 +39545,20 @@ kernel

-Allows caller to read system state information in proc. +Send a SIGCHLD signal to kernel threads.

-Module: +Module: kernel

Layer: kernel

-kernel_read_unix_sysctl( +kernel_sigchld_from( @@ -36222,21 +39571,21 @@ kernel

-Allow caller to read unix domain -socket sysctls. +Allow the kernel to send a SIGCHLD +signal to the specified domain.

-Module: +Module: kernel

Layer: kernel

-kernel_read_vm_sysctl( +kernel_sigchld_from_unlabeled( @@ -36249,20 +39598,21 @@ kernel

-Allow caller to read virtual memory sysctls. +Allow unlabeled processes to send a SIGCHLD +signal to the specified domain.

-Module: +Module: kernel

Layer: kernel

-kernel_relabel_unlabeled( +kernel_sigchld_unlabeled( @@ -36275,20 +39625,20 @@ kernel

-Allow caller to relabel unlabeled objects. +Send a child terminated signal to unlabeled processes.

-Module: +Module: kernel

Layer: kernel

-kernel_remount_debugfs( +kernel_signal( @@ -36301,25 +39651,25 @@ kernel

-Remount a kernel debugging filesystem. +Send a generic signal to kernel threads.

-Module: +Module: kernel

Layer: kernel

-kernel_rootfs_mountpoint( +kernel_signal_unlabeled( - directory_type + domain )
@@ -36327,21 +39677,20 @@ kernel

-Allows the kernel to mount filesystems on -the specified directory type. +Send general signals to unlabeled processes.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_all_sysctl( +kernel_signull_unlabeled( @@ -36354,20 +39703,20 @@ kernel

-Read and write all sysctls. +Send a null signal to unlabeled processes.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_device_sysctl( +kernel_sigstop_unlabeled( @@ -36380,20 +39729,20 @@ kernel

-Read and write device sysctls. +Send a stop signal to unlabeled processes.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_fs_sysctl( +kernel_tcp_recvfrom( @@ -36406,20 +39755,20 @@ kernel

-Read and write fileystem sysctls. +Receive messages from kernel TCP sockets.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_hotplug_sysctl( +kernel_udp_recvfrom( @@ -36432,20 +39781,20 @@ kernel

-Read and write the hotplug sysctl. +Receive messages from kernel UDP sockets.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_irq_sysctl( +kernel_udp_sendfrom( @@ -36458,20 +39807,21 @@ kernel

-Read and write IRQ sysctls. +Allow the kernel to send UDP network traffic +the specified domain.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_kernel_sysctl( +kernel_unconfined( @@ -36484,20 +39834,20 @@ kernel

-Read and write generic kernel sysctls. +Unconfined access to the kernel.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_modprobe_sysctl( +kernel_unmount_debugfs( @@ -36510,20 +39860,20 @@ kernel

-Read and write the modprobe sysctl. +Unmount a kernel debugging filesystem.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_net_sysctl( +kernel_use_fd( @@ -36536,25 +39886,41 @@ kernel

-Allow caller to modiry contents of sysctl network files. +Permits caller to use kernel file descriptors.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_pipe( +kernel_use_ld_so_from( - domain + lib_type + + + + , + + + + ld_type + + + + , + + + + cache_type )
@@ -36562,25 +39928,36 @@ kernel

-Read and write kernel unnamed pipes. +Use the specified types for /lib directory +and use the dynamic link/loader for automatic loading +of shared libraries, and the link/loader +cache.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_rpc_sysctl( +kernel_use_shared_libs_from( - ? + lib_dir_type + + + + , + + + + shlib_type )
@@ -36588,20 +39965,21 @@ kernel

-Summary is missing! +Allow the kernel to load and execute +functions from the specified shared libraries.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_software_raid_state( +kernel_use_unlabeled_blk_dev( @@ -36614,20 +39992,20 @@ kernel

-Allow caller to read and set the state information for software raid. +Read and write unlabeled block device nodes.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_unix_dgram_socket( +kernel_userland_entry( @@ -36635,25 +40013,34 @@ kernel

domain + + , + + + + entrypoint + + )

-Read and write kernel unix datagram sockets. +Allows to start userland processes +by transitioning to the specified domain.

-Module: +Module: kernel

Layer: kernel

-kernel_rw_unix_sysctl( +kernel_write_proc_file( @@ -36666,21 +40053,20 @@ kernel

-Read and write unix domain -socket sysctls. +Write to generic proc entries.

-Module: -kernel

-Layer: -kernel

+Module: +kudzu

+Layer: +admin

-kernel_rw_unlabeled_dir( +kudzu_domtrans( @@ -36693,20 +40079,20 @@ kernel

-Read and write unlabeled directories. +Execute kudzu in the kudzu domain.

-Module: -kernel

-Layer: -kernel

+Module: +kudzu

+Layer: +admin

-kernel_rw_vm_sysctl( +kudzu_run( @@ -36714,25 +40100,42 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Read and write virtual memory sysctls. +Execute kudzu in the kudzu domain, and +allow the specified role the kudzu domain.

-Module: -kernel

-Layer: -kernel

+Module: +ldap

+Layer: +services

-kernel_search_debugfs( +ldap_list_db_dir( @@ -36745,25 +40148,26 @@ kernel

-Search the contents of a kernel debugging filesystem. +Read the contents of the OpenLDAP +database directories.

-Module: -kernel

-Layer: -kernel

+Module: +ldap

+Layer: +services

-kernel_search_from( +ldap_read_config( - dir_type + domain )
@@ -36771,26 +40175,25 @@ kernel

-Allow the kernel to search the -specified directory. +Read the OpenLDAP configuration files.

-Module: -kernel

-Layer: -kernel

+Module: +ldap

+Layer: +services

-kernel_search_from( +ldap_use( - dir_type + domain )
@@ -36798,21 +40201,20 @@ kernel

-Allow the kernel to search the -specified directory. +Use LDAP over TCP connection.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_search_proc( +libs_domtrans_ldconfig( @@ -36825,33 +40227,25 @@ kernel

-Search directories in /proc. +Execute ldconfig in the ldconfig domain.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_send_syslog_msg_from( - - - - - socket - +libs_exec_ld_so( - , - - syslog_type + domain )
@@ -36859,23 +40253,20 @@ kernel

-Allow the kernel to send a syslog -message to the specified domain, -connecting over the specified named -socket. +Execute the dynamic link/loader in the caller's domain.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_sendto_unix_dgram_socket( +libs_exec_lib_files( @@ -36888,20 +40279,20 @@ kernel

-Send messages to kernel unix datagram sockets. +Execute library scripts in the caller domain.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_setpgid( +libs_legacy_use_ld_so( @@ -36914,20 +40305,21 @@ kernel

-Set the process group of kernel threads. +Use the dynamic link/loader for automatic loading +of shared libraries with legacy support.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_share_state( +libs_legacy_use_shared_libs( @@ -36940,21 +40332,21 @@ kernel

-Allows the kernel to share state information with -the caller. +Load and execute functions from shared libraries, +with legacy support.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_sigchld( +libs_read_lib( @@ -36967,20 +40359,21 @@ kernel

-Send a SIGCHLD signal to kernel threads. +Read files in the library directories, such +as static libraries.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_sigchld_from( +libs_relabelto_lib_files( @@ -36993,21 +40386,20 @@ kernel

-Allow the kernel to send a SIGCHLD -signal to the specified domain. +Relabel files to the type used in library directories.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_sigchld_from_unlabeled( +libs_run_ldconfig( @@ -37015,26 +40407,41 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Allow unlabeled processes to send a SIGCHLD -signal to the specified domain. +Execute ldconfig in the ldconfig domain.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_sigchld_unlabeled( +libs_rw_ld_so_cache( @@ -37047,20 +40454,21 @@ kernel

-Send a child terminated signal to unlabeled processes. +Modify the dynamic link/loader's cached listing +of shared libraries.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_signal( +libs_search_lib( @@ -37073,20 +40481,20 @@ kernel

-Send a generic signal to kernel threads. +Search lib directories.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_signal_unlabeled( +libs_use_ld_so( @@ -37099,20 +40507,21 @@ kernel

-Send general signals to unlabeled processes. +Use the dynamic link/loader for automatic loading +of shared libraries.

-Module: -kernel

-Layer: -kernel

+Module: +libraries

+Layer: +system

-kernel_signull_unlabeled( +libs_use_shared_libs( @@ -37125,20 +40534,20 @@ kernel

-Send a null signal to unlabeled processes. +Load and execute functions from shared libraries.

-Module: -kernel

-Layer: -kernel

+Module: +loadkeys

+Layer: +apps

-kernel_sigstop_unlabeled( +loadkeys_domtrans( @@ -37151,20 +40560,20 @@ kernel

-Send a stop signal to unlabeled processes. +Execute the loadkeys program in the loadkeys domain.

-Module: -kernel

-Layer: -kernel

+Module: +loadkeys

+Layer: +apps

-kernel_tcp_recvfrom( +loadkeys_exec( @@ -37177,20 +40586,20 @@ kernel

-Receive messages from kernel TCP sockets. +Execute the loadkeys program in the caller domain.

-Module: -kernel

-Layer: -kernel

+Module: +loadkeys

+Layer: +apps

-kernel_udp_recvfrom( +loadkeys_run( @@ -37198,25 +40607,41 @@ kernel

domain + + , + + + + role + + + + , + + + + terminal + + )

-Receive messages from kernel UDP sockets. +Execute the loadkeys program in the loadkeys domain.

-Module: -kernel

-Layer: -kernel

+Module: +locallogin

+Layer: +system

-kernel_udp_sendfrom( +locallogin_domtrans( @@ -37229,21 +40654,20 @@ kernel

-Allow the kernel to send UDP network traffic -the specified domain. +Execute local logins in the local login domain.

-Module: -kernel

-Layer: -kernel

+Module: +locallogin

+Layer: +system

-kernel_unconfined( +locallogin_dontaudit_use_fd( @@ -37256,20 +40680,20 @@ kernel

-Unconfined access to the kernel. +Do not audit attempts to inherit local login file descriptors.

-Module: -kernel

-Layer: -kernel

+Module: +locallogin

+Layer: +system

-kernel_unmount_debugfs( +locallogin_signull( @@ -37282,20 +40706,20 @@ kernel

-Unmount a kernel debugging filesystem. +Send a null signal to local login processes.

-Module: -kernel

-Layer: -kernel

+Module: +locallogin

+Layer: +system

-kernel_use_fd( +locallogin_use_fd( @@ -37308,41 +40732,25 @@ kernel

-Permits caller to use kernel file descriptors. +Allow processes to inherit local login file descriptors.

-Module: -kernel

-Layer: -kernel

+Module: +logging

+Layer: +system

-kernel_use_ld_so_from( - - - - - lib_type - - - - , - - - - ld_type - +logging_append_all_logs( - , - - cache_type + ? )
@@ -37350,36 +40758,25 @@ kernel

-Use the specified types for /lib directory -and use the dynamic link/loader for automatic loading -of shared libraries, and the link/loader -cache. +Summary is missing!

-Module: -kernel

-Layer: -kernel

+Module: +logging

+Layer: +system

-kernel_use_shared_libs_from( - - - - - lib_dir_type - +logging_create_log( - , - - shlib_type + ? )
@@ -37387,21 +40784,20 @@ kernel

-Allow the kernel to load and execute -functions from the specified shared libraries. +Summary is missing!

-Module: -kernel

-Layer: -kernel

+Module: +logging

+Layer: +system

-kernel_use_unlabeled_blk_dev( +logging_domtrans_syslog( @@ -37414,33 +40810,25 @@ kernel

-Read and write unlabeled block device nodes. +Execute syslogd in the syslog domain.

-Module: -kernel

-Layer: -kernel

+Module: +logging

+Layer: +system

-kernel_userland_entry( - - - - - domain - +logging_dontaudit_getattr_all_logs( - , - - entrypoint + ? )
@@ -37448,21 +40836,20 @@ kernel

-Allows to start userland processes -by transitioning to the specified domain. +Summary is missing!

-Module: -ldap

-Layer: -services

+Module: +logging

+Layer: +system

-ldap_list_db_dir( +logging_exec_all_logs( @@ -37475,21 +40862,20 @@ services

-Read the contents of the OpenLDAP -database directories. +Execute all log files in the caller domain.

-Module: -ldap

-Layer: -services

+Module: +logging

+Layer: +system

-ldap_read_config( +logging_list_logs( @@ -37502,25 +40888,25 @@ services

-Read the OpenLDAP configuration files. +List the contents of the generic log directory (/var/log).

-Module: -ldap

-Layer: -services

+Module: +logging

+Layer: +system

-ldap_use( +logging_log_file( - domain + file_type )
@@ -37528,25 +40914,26 @@ services

-Use LDAP over TCP connection. +Make the specified type a file +used for logs.

-Module: -libraries

+Module: +logging

Layer: system

-libs_domtrans_ldconfig( +logging_manage_all_logs( - domain + ? )
@@ -37554,20 +40941,20 @@ system

-Execute ldconfig in the ldconfig domain. +Summary is missing!

-Module: -libraries

+Module: +logging

Layer: system

-libs_exec_ld_so( +logging_manage_generic_logs( @@ -37580,25 +40967,26 @@ system

-Execute the dynamic link/loader in the caller's domain. +Create, read, write, and delete +generic log files.

-Module: -libraries

+Module: +logging

Layer: system

-libs_exec_lib_files( +logging_read_all_logs( - domain + ? )
@@ -37606,20 +40994,20 @@ system

-Execute library scripts in the caller domain. +Summary is missing!

-Module: -libraries

+Module: +logging

Layer: system

-libs_legacy_use_ld_so( +logging_read_auditd_config( @@ -37632,26 +41020,25 @@ system

-Use the dynamic link/loader for automatic loading -of shared libraries with legacy support. +Read the auditd configuration files.

-Module: -libraries

+Module: +logging

Layer: system

-libs_legacy_use_shared_libs( +logging_read_generic_logs( - domain + ? )
@@ -37659,21 +41046,20 @@ system

-Load and execute functions from shared libraries, -with legacy support. +Summary is missing!

-Module: -libraries

+Module: +logging

Layer: system

-libs_read_lib( +logging_rw_generic_logs( @@ -37686,21 +41072,20 @@ system

-Read files in the library directories, such -as static libraries. +Read and write generic log files.

-Module: -libraries

+Module: +logging

Layer: system

-libs_relabelto_lib_files( +logging_rw_log_dir( @@ -37713,20 +41098,20 @@ system

-Relabel files to the type used in library directories. +Read and write the generic log directory (/var/log).

-Module: -libraries

+Module: +logging

Layer: system

-libs_run_ldconfig( +logging_search_logs( @@ -37734,46 +41119,32 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute ldconfig in the ldconfig domain. +Allows the domain to open a file in the +log directory, but does not allow the listing +of the contents of the log directory.

-Module: -libraries

+Module: +logging

Layer: system

-libs_rw_ld_so_cache( +logging_send_syslog_msg( - domain + ? )
@@ -37781,26 +41152,25 @@ system

-Modify the dynamic link/loader's cached listing -of shared libraries. +Summary is missing!

-Module: -libraries

+Module: +logging

Layer: system

-libs_search_lib( +logging_write_generic_logs( - domain + ? )
@@ -37808,20 +41178,20 @@ system

-Search lib directories. +Summary is missing!

-Module: -libraries

-Layer: -system

+Module: +logrotate

+Layer: +admin

-libs_use_ld_so( +logrotate_domtrans( @@ -37834,21 +41204,20 @@ system

-Use the dynamic link/loader for automatic loading -of shared libraries. +Execute logrotate in the logrotate domain.

-Module: -libraries

-Layer: -system

+Module: +logrotate

+Layer: +admin

-libs_use_shared_libs( +logrotate_dontaudit_use_fd( @@ -37861,20 +41230,20 @@ system

-Load and execute functions from shared libraries. +Do not audit attempts to inherit logrotate file descriptors.

-Module: -loadkeys

-Layer: -apps

+Module: +logrotate

+Layer: +admin

-loadkeys_domtrans( +logrotate_exec( @@ -37887,20 +41256,20 @@ apps

-Execute the loadkeys program in the loadkeys domain. +Execute logrotate in the caller domain.

-Module: -loadkeys

-Layer: -apps

+Module: +logrotate

+Layer: +admin

-loadkeys_exec( +logrotate_read_tmp_files( @@ -37913,20 +41282,20 @@ apps

-Execute the loadkeys program in the caller domain. +Read a logrotate temporary files.

-Module: -loadkeys

-Layer: -apps

+Module: +logrotate

+Layer: +admin

-loadkeys_run( +logrotate_run( @@ -37955,20 +41324,21 @@ apps

-Execute the loadkeys program in the loadkeys domain. +Execute logrotate in the logrotate domain, and +allow the specified role the logrotate domain.

-Module: -locallogin

-Layer: -system

+Module: +logrotate

+Layer: +admin

-locallogin_domtrans( +logrotate_use_fd( @@ -37981,20 +41351,20 @@ system

-Execute local logins in the local login domain. +Inherit and use logrotate file descriptors.

-Module: -locallogin

+Module: +lvm

Layer: system

-locallogin_dontaudit_use_fd( +lvm_domtrans( @@ -38007,20 +41377,20 @@ system

-Do not audit attempts to inherit local login file descriptors. +Execute lvm programs in the lvm domain.

-Module: -locallogin

+Module: +lvm

Layer: system

-locallogin_signull( +lvm_read_config( @@ -38033,20 +41403,20 @@ system

-Send a null signal to local login processes. +Read LVM configuration files.

-Module: -locallogin

+Module: +lvm

Layer: system

-locallogin_use_fd( +lvm_run( @@ -38054,30 +41424,20 @@ system

domain - )
-

- -
-

-Allow processes to inherit local login file descriptors. -

-
- -
- -
-Module: -logging

-Layer: -system

-

- -logging_append_all_logs( + + , + + + + role + + , + - ? + terminal )
@@ -38085,25 +41445,25 @@ system

-Summary is missing! +Execute lvm programs in the lvm domain.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_create_log( +mailman_domtrans( - ? + domain )
@@ -38111,20 +41471,20 @@ system

-Summary is missing! +Execute mailman in the mailman domain.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_domtrans_syslog( +mailman_domtrans_cgi( @@ -38137,25 +41497,26 @@ system

-Execute syslogd in the syslog domain. +Execute mailman CGI scripts in the +mailman CGI domain.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_dontaudit_getattr_all_logs( +mailman_exec( - ? + domain )
@@ -38163,20 +41524,20 @@ system

-Summary is missing! +Execute mailman in the caller domain.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_exec_all_logs( +mailman_list_data( @@ -38189,25 +41550,25 @@ system

-Execute all log files in the caller domain. +List the contents of mailman data directories.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_log_file( +mailman_manage_log( - file_type + domain )
@@ -38215,26 +41576,26 @@ system

-Make the specified type a file -used for logs. +Create, read, write, and delete +mailman logs.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_manage_all_logs( +mailman_read_archive( - ? + domain )
@@ -38242,20 +41603,20 @@ system

-Summary is missing! +Allow domain to read mailman archive files.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_manage_generic_logs( +mailman_read_data_symlinks( @@ -38268,26 +41629,25 @@ system

-Create, read, write, and delete -generic log files. +Allow read acces to mailman data symbolic links.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_read_all_logs( +mailman_search_data( - ? + domain )
@@ -38295,20 +41655,20 @@ system

-Summary is missing! +Allow domain to search data directories.

-Module: -logging

-Layer: -system

+Module: +mailman

+Layer: +services

-logging_read_auditd_config( +mailman_signal_cgi( @@ -38321,25 +41681,25 @@ system

-Read the auditd configuration files. +Send generic signals to the mailman cgi domain.

-Module: -logging

+Module: +miscfiles

Layer: system

-logging_read_generic_logs( +miscfiles_delete_man_pages( - ? + domain )
@@ -38347,20 +41707,20 @@ system

-Summary is missing! +Delete man pages

-Module: -logging

+Module: +miscfiles

Layer: system

-logging_rw_generic_logs( +miscfiles_exec_tetex_data( @@ -38373,20 +41733,20 @@ system

-Read and write generic log files. +Execute TeX data programs in the caller domain.

-Module: -logging

+Module: +miscfiles

Layer: system

-logging_rw_log_dir( +miscfiles_legacy_read_localization( @@ -38399,20 +41759,20 @@ system

-Read and write the generic log directory (/var/log). +Allow process to read legacy time localization info

-Module: -logging

+Module: +miscfiles

Layer: system

-logging_search_logs( +miscfiles_manage_man_pages( @@ -38425,27 +41785,25 @@ system

-Allows the domain to open a file in the -log directory, but does not allow the listing -of the contents of the log directory. +Create, read, write, and delete man pages

-Module: -logging

+Module: +miscfiles

Layer: system

-logging_send_syslog_msg( +miscfiles_manage_public_files( - ? + domain )
@@ -38453,25 +41811,26 @@ system

-Summary is missing! +Create, read, write, and delete public files +and directories used for file transfer services.

-Module: -logging

+Module: +miscfiles

Layer: system

-logging_write_generic_logs( +miscfiles_read_certs( - ? + domain )
@@ -38479,20 +41838,20 @@ system

-Summary is missing! +Read system SSL certificates.

-Module: -logrotate

-Layer: -admin

+Module: +miscfiles

+Layer: +system

-logrotate_domtrans( +miscfiles_read_fonts( @@ -38505,20 +41864,20 @@ admin

-Execute logrotate in the logrotate domain. +Read fonts.

-Module: -logrotate

-Layer: -admin

+Module: +miscfiles

+Layer: +system

-logrotate_dontaudit_use_fd( +miscfiles_read_hwdata( @@ -38531,20 +41890,20 @@ admin

-Do not audit attempts to inherit logrotate file descriptors. +Read hardware identification data.

-Module: -logrotate

-Layer: -admin

+Module: +miscfiles

+Layer: +system

-logrotate_exec( +miscfiles_read_localization( @@ -38557,20 +41916,20 @@ admin

-Execute logrotate in the caller domain. +Allow process to read localization info

-Module: -logrotate

-Layer: -admin

+Module: +miscfiles

+Layer: +system

-logrotate_read_tmp_files( +miscfiles_read_man_pages( @@ -38583,20 +41942,20 @@ admin

-Read a logrotate temporary files. +Read man pages

-Module: -logrotate

-Layer: -admin

+Module: +miscfiles

+Layer: +system

-logrotate_run( +miscfiles_read_public_files( @@ -38604,42 +41963,26 @@ admin

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute logrotate in the logrotate domain, and -allow the specified role the logrotate domain. +Read public files used for file +transfer services.

-Module: -lvm

+Module: +miscfiles

Layer: system

-lvm_domtrans( +miscfiles_read_tetex_data( @@ -38652,20 +41995,20 @@ system

-Execute lvm programs in the lvm domain. +Read TeX data

-Module: -lvm

-Layer: -system

+Module: +mls

+Layer: +kernel

-lvm_read_config( +mls_file_downgrade( @@ -38678,20 +42021,21 @@ system

-Read LVM configuration files. +Make specified domain MLS trusted +for lowering the level of files.

-Module: -lvm

-Layer: -system

+Module: +mls

+Layer: +kernel

-lvm_run( +mls_file_read_up( @@ -38699,41 +42043,26 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Execute lvm programs in the lvm domain. +Make specified domain MLS trusted +for reading from files at higher levels.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_delete_man_pages( +mls_file_upgrade( @@ -38746,20 +42075,21 @@ system

-Delete man pages +Make specified domain MLS trusted +for raising the level of files.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_exec_tetex_data( +mls_file_write_down( @@ -38772,20 +42102,21 @@ system

-Execute TeX data programs in the caller domain. +Make specified domain MLS trusted +for writing to files at lower levels.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_legacy_read_localization( +mls_process_read_up( @@ -38798,20 +42129,21 @@ system

-Allow process to read legacy time localization info +Make specified domain MLS trusted +for reading from processes at higher levels.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_manage_man_pages( +mls_process_set_level( @@ -38824,20 +42156,22 @@ system

-Create, read, write, and delete man pages +Make specified domain MLS trusted +for setting the level of processes +it executes.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_read_fonts( +mls_process_write_down( @@ -38850,20 +42184,21 @@ system

-Read fonts +Make specified domain MLS trusted +for writing to processes at lower levels.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_read_localization( +mls_rangetrans_source( @@ -38876,20 +42211,22 @@ system

-Allow process to read localization info +Allow the specified domain to do a MLS +range transition that changes +the current level.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_read_man_pages( +mls_rangetrans_target( @@ -38902,20 +42239,22 @@ system

-Read man pages +Make specified domain a target domain +for MLS range transitions that change +the current level.

-Module: -miscfiles

-Layer: -system

+Module: +mls

+Layer: +kernel

-miscfiles_read_tetex_data( +mls_trusted_object( @@ -38928,7 +42267,7 @@ system

-Read TeX data +Make specified object MLS trusted.

@@ -39144,6 +42483,33 @@ loading modules.
+Module: +modutils

+Layer: +system

+

+ +modutils_rename_module_conf( + + + + + domain + + + )
+
+ +
+

+Rename a file with the configuration options used when +loading modules. +

+
+ +
+ +
Module: modutils

Layer: @@ -39266,20 +42632,90 @@ system

-Execute update_modules in the update_modules domain. +Execute update_modules in the update_modules domain. +

+
+ +
+ +
+Module: +mount

+Layer: +system

+

+ +mount_domtrans( + + + + + domain + + + )
+
+ +
+

+Execute mount in the mount domain. +

+
+ +
+ +
+Module: +mount

+Layer: +system

+

+ +mount_run( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Execute mount in the mount domain, and +allow the specified role the mount domain, +and use the caller's terminal.

-Module: +Module: mount

Layer: system

-mount_domtrans( +mount_send_nfs_client_request( @@ -39292,64 +42728,21 @@ system

-Execute mount in the mount domain. -

-
- -
- -
-Module: -mount

-Layer: -system

-

- -mount_run( - - - - - domain - - - - , - - - - role - - - - , - - - - terminal - - - )
-
- -
-

-Execute mount in the mount domain, and -allow the specified role the mount domain, -and use the caller's terminal. +Allow the mount domain to send nfs requests for mounting +network drives

-Module: +Module: mount

Layer: system

-mount_send_nfs_client_request( +mount_use_fd( @@ -39362,21 +42755,20 @@ system

-Allow the mount domain to send nfs requests for mounting -network drives +Use file descriptors for mount.

-Module: -mount

-Layer: -system

+Module: +mta

+Layer: +services

-mount_use_fd( +mta_append_spool( @@ -39389,20 +42781,20 @@ system

-Use file descriptors for mount. +Create, read, and write the mail spool.

-Module: +Module: mta

Layer: services

-mta_append_spool( +mta_dontaudit_read_spool_symlink( @@ -39415,20 +42807,21 @@ services

-Create, read, and write the mail spool. +Do not audit attempts to read a symlink +in the mail spool.

-Module: +Module: mta

Layer: services

-mta_dontaudit_read_spool_symlink( +mta_dontaudit_rw_delivery_tcp_socket( @@ -39441,8 +42834,8 @@ services

-Do not audit attempts to read a symlink -in the mail spool. +Do not audit attempts to read and write TCP +sockets of mail delivery domains.

@@ -39800,6 +43193,62 @@ sendmail daemon use.
+Module: +mta

+Layer: +services

+

+ +mta_stub( + + + + + [ + + domain + + ] + + + )
+
+ +
+

+MTA stub interface. No access allowed. +

+
+ +
+ +
+Module: +mta

+Layer: +services

+

+ +mta_tcp_connect_all_mailservers( + + + + + domain + + + )
+
+ +
+

+Connect to all mail servers over TCP. +

+
+ +
+ +
+Module: +mysql

+Layer: +services

+

+ +mysql_rw_db_socket( + + + + + domain + + + )
+
+ +
+

+Read and write to the MySQL database +named socket. +

+
+ +
+ +
Module: mysql

Layer: @@ -40217,21 +43693,150 @@ admin

-Execute ping in the ping domain, and -allow the specified role the ping domain. +Execute ping in the ping domain, and +allow the specified role the ping domain. +

+
+ +
+ +
+Module: +netutils

+Layer: +admin

+

+ +netutils_run_ping_cond( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Conditionally execute ping in the ping domain, and +allow the specified role the ping domain. +

+
+ +
+ +
+Module: +netutils

+Layer: +admin

+

+ +netutils_run_traceroute( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Execute traceroute in the traceroute domain, and +allow the specified role the traceroute domain. +

+
+ +
+ +
+Module: +netutils

+Layer: +admin

+

+ +netutils_run_traceroute_cond( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Conditionally execute traceroute in the traceroute domain, and +allow the specified role the traceroute domain.

-Module: -netutils

-Layer: -admin

+Module: +nis

+Layer: +services

-netutils_run_traceroute( +nis_list_var_yp( @@ -40239,20 +43844,30 @@ admin

domain - - , - - - - role - + )
+

+ +
+

+Send UDP network traffic to NIS clients. +

+
+ +
+ +
+Module: +nis

+Layer: +services

+

+ +nis_signal_ypbind( - , - - terminal + domain )
@@ -40260,21 +43875,20 @@ admin

-Execute traceroute in the traceroute domain, and -allow the specified role the traceroute domain. +Send generic signals to ypbind.

-Module: +Module: nis

Layer: services

-nis_list_var_yp( +nis_udp_sendto_ypbind( @@ -40294,13 +43908,13 @@ Send UDP network traffic to NIS clients.
-Module: +Module: nis

Layer: services

-nis_udp_sendto_ypbind( +nis_use_ypbind( @@ -40313,20 +43927,20 @@ services

-Send UDP network traffic to NIS clients. +Use the ypbind service to access NIS services.

-Module: +Module: nis

Layer: services

-nis_use_ypbind( +nis_use_ypbind_uncond( @@ -40339,7 +43953,8 @@ services

-Use the ypbind service to access NIS services. +Use the ypbind service to access NIS services +unconditionally.

@@ -41013,6 +44628,162 @@ Allow the specified domain to connect to postgresql with a unix socket.
+Module: +ppp

+Layer: +services

+

+ +ppp_domtrans( + + + + + domain + + + )
+
+ +
+

+Execute domain in the ppp domain. +

+
+ +
+ +
+Module: +ppp

+Layer: +services

+

+ +ppp_run( + + + + + domain + + + )
+
+ +
+

+Unconditionally execute ppp daemon on behalf of a user or staff type. +

+
+ +
+ +
+Module: +ppp

+Layer: +services

+

+ +ppp_run_cond( + + + + + domain + + + )
+
+ +
+

+Conditionally execute ppp daemon on behalf of a user or staff type. +

+
+ +
+ +
+Module: +ppp

+Layer: +services

+

+ +ppp_sigchld( + + + + + domain + + + )
+
+ +
+

+Allow domain to send sigchld to parent of PPP domain type. +

+
+ +
+ +
+Module: +ppp

+Layer: +services

+

+ +ppp_signal( + + + + + domain + + + )
+
+ +
+

+Allow domain to send a signal to PPP domain type. +

+
+ +
+ +
+Module: +ppp

+Layer: +services

+

+ +ppp_use_fd( + + + + + domain + + + )
+
+ +
+

+Use PPP file discriptors. +

+
+ +
+ +
+Module: +samba

+Layer: +services

+

+ +samba_domtrans_winbind_helper( + + + + + domain + + + )
+
+ +
+

+Execute winbind_helper in the winbind_helper domain. +

+
+ +
+ +
+Module: +samba

+Layer: +services

+

+ +samba_read_winbind_pid( + + + + + domain + + + )
+
+ +
+

+Allow the specified domain to read the winbind pid files. +

+
+ +
+ +
+Module: +samba

+Layer: +services

+

+ +samba_read_winbind_pid( + + + + + domain + + + )
+
+ +
+

+Allow the specified domain to read the winbind pid files. +

+
+ +
+ +
+Module: +samba

+Layer: +services

+

+ +samba_run_winbind_helper( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Execute winbind_helper in the winbind_helper domain, and +allow the specified role the winbind_helper domain. +

+
+ +
+ +
+Module: +selinux

+Layer: +kernel

+

+ +selinux_search_fs( + + + + + domain + + + )
+
+ +
+

+Search selinuxfs. +

+
+ +
+ +
+Module: +sendmail

+Layer: +services

+

+ +sendmail_stub( + + + + + [ + + domain + + ] + + + )
+
+ +
+

+Sendmail stub interface. No access allowed. +

+
+ +
+ +
+Module: +su

+Layer: +admin

+

+ +su_exec( + + + + + domain + + + )
+
+ +
+

+Execute su in the caller domain. +

+
+ +
+ +
+Module: +sysnetwork

+Layer: +system

+

+ +sysnet_delete_dhcpc_pid( + + + + + domain + + + )
+
+ +
+

+Delete the dhcp client pid file. +

+
+ +
+ +
+Module: +tcpd

+Layer: +services

+

+ +tcpd_domtrans( + + + + + domain + + + )
+
+ +
+

+Execute tcpd in the tcpd domain. +

+
+ +
+ +
+Module: +terminal

+Layer: +kernel

+

+ +term_ioctl_generic_pty( + + + + + domain + + + )
+
+ +
+

+ioctl of generic pty types. +

+
+ +
+ +
+Module: +terminal

+Layer: +kernel

+

+ +term_search_ptys( + + + + + domain + + + )
+
+ +
+

+Search the contents of the /dev/pts directory. +

+
+ +
+ +
+Module: +terminal

+Layer: +kernel

+

+ +term_use_ptmx( + + + + + domain + + + )
+
+ +
+

+Read and write the pty multiplexor (/dev/ptmx). +

+
+ +
+ +
+Module: +udev

+Layer: +system

+

+ +udev_read_state( + + + + + domain + + + )
+
+ +
+

+Allow process to read udev process state. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_dontaudit_search_user_home_dirs( + + + + + domain + + + )
+
+ +
+

+Don't audit search on the user home subdirectory. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_dontaudit_use_sysadm_pty( + + + + + domain + + + )
+
+ +
+

+Dont audit attempts to read and write sysadm ptys. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_getattr_sysadm_home_dir( + + + + + domain + + + )
+
+ +
+

+Get the attributes of the sysadm users +home directory. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_manage_all_user_dirs( + + + + + domain + + + )
+
+ +
+

+Create, read, write, and delete all directories +in all users home directories. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_manage_all_user_files( + + + + + domain + + + )
+
+ +
+

+Create, read, write, and delete all files +in all users home directories. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_manage_all_user_symlinks( + + + + + domain + + + )
+
+ +
+

+Create, read, write, and delete all symlinks +in all users home directories. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_read_unpriv_user_home_files( + + + + + domain + + + )
+
+ +
+

+Read all unprivileged users home directory +files. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_search_unpriv_user_home_dirs( + + + + + domain + + + )
+
+ +
+

+Search all unprivileged users home directories. +

+
+ +
+ +
+Module: +userdomain

+Layer: +system

+

+ +userdom_sigchld_sysadm( + + + + + domain + + + )
+
+ +
+

+Send a SIGCHLD signal to sysadm users. +

+
+ +
+ +
+Module: +usermanage

+Layer: +admin

+

+ +usermanage_domtrans_admin_passwd( + + + + + domain + + + )
+
+ +
+

+Execute password admin functions in +the admin passwd domain. +

+
+ +
+ +
+Module: +webalizer

+Layer: +apps

+

+ +webalizer_domtrans( + + + + + domain + + + )
+
+ +
+

+Execute webalizer in the webalizer domain. +

+
+ +
+ +
+Module: +webalizer

+Layer: +apps

+

+ +webalizer_run( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+ +
+

+Execute webalizer in the webalizer domain, and +allow the specified role the webalizer domain. +

+
+ +
+ +
Module: zebra

Layer: diff --git a/www/api-docs/kernel.html b/www/api-docs/kernel.html index 6ede3e3..05604c7 100644 --- a/www/api-docs/kernel.html +++ b/www/api-docs/kernel.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -124,6 +127,11 @@ Policy for kernel threads, proc filesystem,and unlabeled processes and objects.

+ + mls +

Multilevel security policy

+ + selinux

diff --git a/www/api-docs/kernel_bootloader.html b/www/api-docs/kernel_bootloader.html index ec96c97..34cd583 100644 --- a/www/api-docs/kernel_bootloader.html +++ b/www/api-docs/kernel_bootloader.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -972,6 +975,48 @@ No

+ +
+ + +
+ +bootloader_search_kernel_modules( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search the contents of the kernel module directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
diff --git a/www/api-docs/kernel_corenetwork.html b/www/api-docs/kernel_corenetwork.html index a451f9d..b535756 100644 --- a/www/api-docs/kernel_corenetwork.html +++ b/www/api-docs/kernel_corenetwork.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -4208,6 +4211,90 @@ No
+ +
+ + +
+ +corenet_tcp_bind_pegasus_http_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Bind TCP sockets to the pegasus_http port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_tcp_bind_pegasus_https_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Bind TCP sockets to the pegasus_https port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -5846,6 +5933,48 @@ No
+ +
+ + +
+ +corenet_tcp_connect_all_reserved_ports( + + + + + domain + + + )
+
+
+ +
Summary
+

+Connect TCP sockets to reserved ports. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -7694,6 +7823,90 @@ No
+ +
+ + +
+ +corenet_tcp_connect_pegasus_http_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make a TCP connection to the pegasus_http port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_tcp_connect_pegasus_https_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make a TCP connection to the pegasus_https port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -11558,13 +11771,13 @@ No
- +
-corenet_tcp_sendrecv_pop_port( +corenet_tcp_sendrecv_pegasus_http_port( @@ -11578,7 +11791,7 @@ No
Summary

-Send and receive TCP traffic on the pop port. +Send and receive TCP traffic on the pegasus_http port.

@@ -11600,13 +11813,13 @@ No
- +
-corenet_tcp_sendrecv_portmap_port( +corenet_tcp_sendrecv_pegasus_https_port( @@ -11620,7 +11833,7 @@ No
Summary

-Send and receive TCP traffic on the portmap port. +Send and receive TCP traffic on the pegasus_https port.

@@ -11642,13 +11855,13 @@ No
- +
-corenet_tcp_sendrecv_postgresql_port( +corenet_tcp_sendrecv_pop_port( @@ -11662,7 +11875,7 @@ No
Summary

-Send and receive TCP traffic on the postgresql port. +Send and receive TCP traffic on the pop port.

@@ -11684,13 +11897,13 @@ No
- +
-corenet_tcp_sendrecv_postgrey_port( +corenet_tcp_sendrecv_portmap_port( @@ -11704,7 +11917,7 @@ No
Summary

-Send and receive TCP traffic on the postgrey port. +Send and receive TCP traffic on the portmap port.

@@ -11726,13 +11939,13 @@ No
- +
-corenet_tcp_sendrecv_printer_port( +corenet_tcp_sendrecv_postgresql_port( @@ -11746,7 +11959,7 @@ No
Summary

-Send and receive TCP traffic on the printer port. +Send and receive TCP traffic on the postgresql port.

@@ -11768,13 +11981,13 @@ No
- +
-corenet_tcp_sendrecv_ptal_port( +corenet_tcp_sendrecv_postgrey_port( @@ -11788,7 +12001,7 @@ No
Summary

-Send and receive TCP traffic on the ptal port. +Send and receive TCP traffic on the postgrey port.

@@ -11810,13 +12023,13 @@ No
- +
-corenet_tcp_sendrecv_pxe_port( +corenet_tcp_sendrecv_printer_port( @@ -11830,7 +12043,7 @@ No
Summary

-Send and receive TCP traffic on the pxe port. +Send and receive TCP traffic on the printer port.

@@ -11852,13 +12065,13 @@ No
- +
-corenet_tcp_sendrecv_pyzor_port( +corenet_tcp_sendrecv_ptal_port( @@ -11872,7 +12085,7 @@ No
Summary

-Send and receive TCP traffic on the pyzor port. +Send and receive TCP traffic on the ptal port.

@@ -11894,13 +12107,13 @@ No
- +
-corenet_tcp_sendrecv_radacct_port( +corenet_tcp_sendrecv_pxe_port( @@ -11914,7 +12127,7 @@ No
Summary

-Send and receive TCP traffic on the radacct port. +Send and receive TCP traffic on the pxe port.

@@ -11936,13 +12149,13 @@ No
- +
-corenet_tcp_sendrecv_radius_port( +corenet_tcp_sendrecv_pyzor_port( @@ -11956,7 +12169,7 @@ No
Summary

-Send and receive TCP traffic on the radius port. +Send and receive TCP traffic on the pyzor port.

@@ -11978,13 +12191,13 @@ No
- +
-corenet_tcp_sendrecv_razor_port( +corenet_tcp_sendrecv_radacct_port( @@ -11998,7 +12211,91 @@ No
Summary

-Send and receive TCP traffic on the razor port. +Send and receive TCP traffic on the radacct port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_tcp_sendrecv_radius_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send and receive TCP traffic on the radius port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_tcp_sendrecv_razor_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send and receive TCP traffic on the razor port.

@@ -15422,6 +15719,90 @@ No
+ +
+ + +
+ +corenet_udp_bind_pegasus_http_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Bind UDP sockets to the pegasus_http port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_udp_bind_pegasus_https_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Bind UDP sockets to the pegasus_https port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -19370,6 +19751,90 @@ No
+ +
+ + +
+ +corenet_udp_receive_pegasus_http_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Receive UDP traffic on the pegasus_http port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_udp_receive_pegasus_https_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Receive UDP traffic on the pegasus_https port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -23318,6 +23783,90 @@ No
+ +
+ + +
+ +corenet_udp_send_pegasus_http_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send UDP traffic on the pegasus_http port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_udp_send_pegasus_https_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send UDP traffic on the pegasus_https port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -27266,6 +27815,90 @@ No
+ +
+ + +
+ +corenet_udp_sendrecv_pegasus_http_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send and receive UDP traffic on the pegasus_http port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +corenet_udp_sendrecv_pegasus_https_port( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send and receive UDP traffic on the pegasus_https port. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -28694,6 +29327,48 @@ No
+ +
+ + +
+ +corenet_use_ppp_device( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write the point-to-point device. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/kernel_devices.html b/www/api-docs/kernel_devices.html index b526346..1e7104f 100644 --- a/www/api-docs/kernel_devices.html +++ b/www/api-docs/kernel_devices.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -97,10 +100,10 @@ are used to label device nodes should use the dev_node macro.

Additionally, this module controls access to three things:

    -

  • the device directories containing device nodes

    • -

  • device nodes as a group

    • -

  • individual access to specific device nodes covered by - this module.

    • +

  • the device directories containing device nodes

    • +

  • device nodes as a group

    • +

  • individual access to specific device nodes covered by +this module.

@@ -3568,6 +3571,48 @@ No
+ +
+ + +
+ +dev_rw_crypto( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write the the hardware SSL accelerator. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -3694,6 +3739,48 @@ No
+ +
+ + +
+ +dev_rw_mouse( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write to mouse devices. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/kernel_filesystem.html b/www/api-docs/kernel_filesystem.html index 877f98e..05db9d7 100644 --- a/www/api-docs/kernel_filesystem.html +++ b/www/api-docs/kernel_filesystem.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -348,6 +351,49 @@ No
+ +
+ + +
+ +fs_dontaudit_getattr_all_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of all files with a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -391,6 +437,135 @@ No
+ +
+ + +
+ +fs_dontaudit_getattr_all_pipes( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of all named pipes with a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +fs_dontaudit_getattr_all_sockets( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of all named sockets with a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +fs_dontaudit_getattr_all_symlinks( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of all symbolic links with a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -1127,6 +1302,50 @@ No
+ +
+ + +
+ +fs_get_xattr_fs_quotas( + + + + + domain + + + )
+
+
+ +
Summary
+

+Get the quotas of a persistent +filesystem which has extended +attributes, such as ext3, JFS, or XFS. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the domain getting quotas. + + +No +
+
+
+
@@ -1138,7 +1357,7 @@ No - ? + domain )
@@ -1147,7 +1366,8 @@ No
Summary

-Summary is missing! +Get the attributes of all files with +a filesystem type.

@@ -1156,10 +1376,10 @@ Summary is missing! Parameter:Description:Optional: -? +domain -Parameter descriptions are missing! +Domain allowed access. No @@ -1213,6 +1433,135 @@ No
+ +
+ + +
+ +fs_getattr_all_pipes( + + + + + domain + + + )
+
+
+ +
Summary
+

+Get the attributes of all named pipes with +a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +fs_getattr_all_sockets( + + + + + domain + + + )
+
+
+ +
Summary
+

+Get the attributes of all named sockets with +a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +fs_getattr_all_symlinks( + + + + + domain + + + )
+
+
+ +
Summary
+

+Get the attributes of all symbolic links with +a filesystem type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -4349,6 +4698,48 @@ No
+ +
+ + +
+ +fs_search_ramfs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search directories on a ramfs +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -5194,6 +5585,48 @@ No
+ +
+ + +
+ +fs_write_ramfs_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Write to named socket on a ramfs filesystem. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ Return diff --git a/www/api-docs/kernel_kernel.html b/www/api-docs/kernel_kernel.html index 7566760..333c284 100644 --- a/www/api-docs/kernel_kernel.html +++ b/www/api-docs/kernel_kernel.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -391,6 +394,48 @@ No
+ +
+ + +
+ +kernel_dontaudit_search_kernel_sysctl( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to search generic kernel sysctls. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+
@@ -434,13 +479,13 @@ No
- +
-kernel_dontaudit_search_network_sysctl_dir( +kernel_dontaudit_search_network_sysctl( @@ -454,7 +499,7 @@ No
Summary

-Do not audit attempts by caller to search sysctl network directories. +Do not audit attempts by caller to search network sysctl directories.

@@ -476,13 +521,13 @@ No
- +
-kernel_dontaudit_search_sysctl_dir( +kernel_dontaudit_search_sysctl( @@ -496,7 +541,8 @@ No
Summary

-Do not audit attempts by caller to search the sysctl directory. +Do not audit attempts by caller to search +the base directory of sysctls.

@@ -1109,6 +1155,48 @@ No
+ +
+ + +
+ +kernel_read_debugfs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read information from the debugging filesystem. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -2712,6 +2800,48 @@ No
+ +
+ + +
+ +kernel_search_network_sysctl( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search network sysctl directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -3780,6 +3910,48 @@ No
+ +
+ + +
+ +kernel_write_proc_file( + + + + + domain + + + )
+
+
+ +
Summary
+

+Write to generic proc entries. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ Return diff --git a/www/api-docs/kernel_mls.html b/www/api-docs/kernel_mls.html new file mode 100644 index 0000000..efc603d --- /dev/null +++ b/www/api-docs/kernel_mls.html @@ -0,0 +1,557 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: kernel

+

Module: mls

+ +

Description:

+ +

+

+This module contains interfaces for handling multilevel +security. The interfaces allow the specified subjects +and objects to be allowed certain privileges in the +MLS rules. +

+

+ + +

This module is required to be included in all policies.

+ + + +

Interfaces:

+ + +
+ + +
+ +mls_file_downgrade( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for lowering the level of files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_file_read_up( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for reading from files at higher levels. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_file_upgrade( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for raising the level of files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_file_write_down( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for writing to files at lower levels. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_process_read_up( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for reading from processes at higher levels. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_process_set_level( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for setting the level of processes +it executes. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_process_write_down( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain MLS trusted +for writing to processes at lower levels. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_rangetrans_source( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to do a MLS +range transition that changes +the current level. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_rangetrans_target( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified domain a target domain +for MLS range transitions that change +the current level. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +mls_trusted_object( + + + + + domain + + + )
+
+
+ +
Summary
+

+Make specified object MLS trusted. +

+ + +
Description
+

+

+Make specified object MLS trusted. This +allows all levels to read and write the +object. +

+

+This currently only applies to filesystem +objects, for example, files and directories. +

+

+ +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the object. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/kernel_selinux.html b/www/api-docs/kernel_selinux.html index a3afe1d..bfaec7c 100644 --- a/www/api-docs/kernel_selinux.html +++ b/www/api-docs/kernel_selinux.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -527,6 +530,48 @@ No
+ +
+ + +
+ +selinux_search_fs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search selinuxfs. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/kernel_storage.html b/www/api-docs/kernel_storage.html index 6b0ac10..06855d5 100644 --- a/www/api-docs/kernel_storage.html +++ b/www/api-docs/kernel_storage.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
diff --git a/www/api-docs/kernel_terminal.html b/www/api-docs/kernel_terminal.html index 5c8ad61..8cdb17d 100644 --- a/www/api-docs/kernel_terminal.html +++ b/www/api-docs/kernel_terminal.html @@ -40,6 +40,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -799,6 +802,48 @@ No
+ +
+ + +
+ +term_ioctl_generic_pty( + + + + + domain + + + )
+
+
+ +
Summary
+

+ioctl of generic pty types. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -1141,6 +1186,48 @@ No
+ +
+ + +
+ +term_search_ptys( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search the contents of the /dev/pts directory. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -1611,6 +1698,48 @@ No
+ +
+ + +
+ +term_use_ptmx( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write the pty multiplexor (/dev/ptmx). +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process to allow access. + + +No +
+
+
+
diff --git a/www/api-docs/services.html b/www/api-docs/services.html index 394ae95..dc4fdea 100644 --- a/www/api-docs/services.html +++ b/www/api-docs/services.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -192,11 +222,31 @@ + + apache +

Apache web server

+ + + + apm +

Advanced power management daemon

+ + + + arpwatch +

Ethernet activity monitor.

+ + bind

Berkeley internet name domain DNS server.

+ + bluetooth +

Bluetooth tools and system services.

+ + comsat

Comsat, a biff server.

@@ -232,6 +282,16 @@

Dictionary daemon

+ + finger +

Finger user information service.

+ + + + ftp +

File transfer protocol service

+ + gpm

General Purpose Mouse driver

@@ -272,6 +332,11 @@

OpenLDAP directory server

+ + mailman +

Mailman is for managing electronic mail discussion and e-newsletter lists

+ + mta

Policy common to all email tranfer agents.

@@ -307,11 +372,21 @@

PostgreSQL relational database

+ + ppp +

Point to Point Protocol daemon creates links in ppp networks

+ + privoxy

Privacy enhancing web proxy.

+ + radvd +

IPv6 router advertisement daemon

+ + remotelogin

Policy for rshd, rlogind, and telnetd.

@@ -334,7 +409,16 @@ samba -

SMB and CIFS client/server programs for UNIX

+

+SMB and CIFS client/server programs for UNIX and +name Service Switch daemon for resolving names +from Windows NT servers. +

+ + + + sasl +

SASL authentication server

diff --git a/www/api-docs/services_apache.html b/www/api-docs/services_apache.html new file mode 100644 index 0000000..5e06d09 --- /dev/null +++ b/www/api-docs/services_apache.html @@ -0,0 +1,1237 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: apache

+ +Interfaces +Templates + +

Description:

+ +

Apache web server

+ + + + +

Interfaces:

+ + +
+ + +
+ +apache_append_squirrelmail_data( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to append +apache squirrelmail data. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Transition to apache. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_domtrans_all_scripts( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute all user scripts in the user +script domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_domtrans_helper( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute the Apache helper program with +a domain transition. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_domtrans_sys_script( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute all web scripts in the system +script domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_dontaudit_append_log( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to append to the +Apache logs. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +apache_dontaudit_rw_stream_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to read and write Apache +unix domain stream sockets. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_dontaudit_rw_sys_script_stream_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to read and write Apache +system script unix domain stream sockets. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_dontaudit_rw_tcp_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to read and write Apache +TCP sockets. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_list_modules( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to list +the contents of the apache modules +directory. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_manage_sys_content( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to manage +apache system content files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_read_config( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to read +apache configuration files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_read_log( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to read +apache log files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_read_squirrelmail_data( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to read +apache squirrelmail data. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_run_all_scripts( + + + + + domain + + + + , + + + + role + + + )
+
+
+ +
Summary
+

+Execute all user scripts in the user +script domain. Add user script domains +to the specified role. +

+ + +
Parameters
+ + + + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+role + + +The role to be allowed the script domains. + + +No +
+
+
+ + +
+ + +
+ +apache_run_helper( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Execute the Apache helper program with +a domain transition, and allow the +specified role the dmidecode domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+role + + +The role to be allowed the dmidecode domain. + + +No +
+terminal + + +The type of the terminal allow the dmidecode domain to use. + + +No +
+
+
+ + +
+ + +
+ +apache_sigchld( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send a SIGCHLD signal to apache. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_signull( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send a null signal to apache. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apache_use_fd( + + + + + domain + + + )
+
+
+ +
Summary
+

+Inherit and use file descriptors from Apache. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return + + + +

Templates:

+ + +
+ + +
+ +apache_content_template( + + + + + prefix + + + )
+
+
+ +
Summary
+

+Create a set of derived types for apache +web content. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+prefix + + +The prefix to be used for deriving type names. + + +No +
+
+
+ + +
+ + +
+ +apache_per_userdomain_template( + + + + + userdomain_prefix + + + + , + + + + user_domain + + + + , + + + + user_role + + + )
+
+
+ +
Summary
+

+The per user domain template for the apache module. +

+ + +
Description
+

+

+This template creates types used for web pages +and web cgi to be used from the user home directory. +

+

+This template is invoked automatically for each user, and +generally does not need to be invoked directly +by policy writers. +

+

+ +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+userdomain_prefix + + +The prefix of the user domain (e.g., user +is the prefix for user_t). + + +No +
+user_domain + + +The type of the user domain. + + +No +
+user_role + + +The role associated with the user domain. + + +No +
+
+
+ + +Return + + + +
+ + diff --git a/www/api-docs/services_apm.html b/www/api-docs/services_apm.html new file mode 100644 index 0000000..2bd681f --- /dev/null +++ b/www/api-docs/services_apm.html @@ -0,0 +1,433 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: apm

+ +

Description:

+ +

Advanced power management daemon

+ + + + +

Interfaces:

+ + +
+ + +
+ +apm_append_log( + + + + + domain + + + )
+
+
+ +
Summary
+

+Append to apm's log file. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apm_domtrans_client( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute APM in the apm domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apm_rw_stream_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write to an apm unix stream socket. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +apm_use_fd( + + + + + domain + + + )
+
+
+ +
Summary
+

+Use file descriptors for apmd. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +apm_write_pipe( + + + + + domain + + + )
+
+
+ +
Summary
+

+Write to apmd unnamed pipes. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/services_arpwatch.html b/www/api-docs/services_arpwatch.html new file mode 100644 index 0000000..6958f7c --- /dev/null +++ b/www/api-docs/services_arpwatch.html @@ -0,0 +1,392 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: arpwatch

+ +

Description:

+ +

Ethernet activity monitor.

+ + + + +

Interfaces:

+ + +
+ + +
+ +arpwatch_dontaudit_rw_packet_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to read and write +arpwatch packet sockets. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +arpwatch_manage_data_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Create arpwatch data files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +arpwatch_rw_tmp_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write arpwatch temporary files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +arpwatch_search_data( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search arpwatch's data file directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/services_bind.html b/www/api-docs/services_bind.html index df05670..1459d3c 100644 --- a/www/api-docs/services_bind.html +++ b/www/api-docs/services_bind.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -182,6 +212,48 @@

Interfaces:

+ +
+ + +
+ +bind_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute bind in the named domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -214,7 +286,7 @@ Execute ndc in the ndc domain. domain -The type of the process performing this action. +Domain allowed access. No @@ -400,7 +472,7 @@ allow the specified role the ndc domain. domain -The type of the process performing this action. +Domain allowed access. No diff --git a/www/api-docs/services_bluetooth.html b/www/api-docs/services_bluetooth.html new file mode 100644 index 0000000..6b003f0 --- /dev/null +++ b/www/api-docs/services_bluetooth.html @@ -0,0 +1,219 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: bluetooth

+ +

Description:

+ +

Bluetooth tools and system services.

+ + + + + +

No interfaces or templates.

+ + +
+ + diff --git a/www/api-docs/services_comsat.html b/www/api-docs/services_comsat.html index 1c5c953..40c2848 100644 --- a/www/api-docs/services_comsat.html +++ b/www/api-docs/services_comsat.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_cpucontrol.html b/www/api-docs/services_cpucontrol.html index 6a8360d..7dbd1ab 100644 --- a/www/api-docs/services_cpucontrol.html +++ b/www/api-docs/services_cpucontrol.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_cron.html b/www/api-docs/services_cron.html index 70de6d0..a8447e4 100644 --- a/www/api-docs/services_cron.html +++ b/www/api-docs/services_cron.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_cvs.html b/www/api-docs/services_cvs.html index aadd944..a5a28d9 100644 --- a/www/api-docs/services_cvs.html +++ b/www/api-docs/services_cvs.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_dbus.html b/www/api-docs/services_dbus.html index ff31173..55874d9 100644 --- a/www/api-docs/services_dbus.html +++ b/www/api-docs/services_dbus.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_dhcp.html b/www/api-docs/services_dhcp.html index 0e2d884..2f9a4fc 100644 --- a/www/api-docs/services_dhcp.html +++ b/www/api-docs/services_dhcp.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_dictd.html b/www/api-docs/services_dictd.html index f384c15..1ca1e06 100644 --- a/www/api-docs/services_dictd.html +++ b/www/api-docs/services_dictd.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_finger.html b/www/api-docs/services_finger.html new file mode 100644 index 0000000..2fbae3d --- /dev/null +++ b/www/api-docs/services_finger.html @@ -0,0 +1,307 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: finger

+ +

Description:

+ +

Finger user information service.

+ + + + +

Interfaces:

+ + +
+ + +
+ +finger_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute fingerd in the fingerd domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +finger_tcp_connect( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to connect to fingerd with a tcp socket. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/services_ftp.html b/www/api-docs/services_ftp.html new file mode 100644 index 0000000..d6f8396 --- /dev/null +++ b/www/api-docs/services_ftp.html @@ -0,0 +1,391 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: ftp

+ +

Description:

+ +

File transfer protocol service

+ + + + +

Interfaces:

+ + +
+ + +
+ +ftp_check_exec( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute FTP daemon entry point programs. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ftp_read_config( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read ftpd etc files +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ftp_read_log( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read FTP transfer logs +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ftp_tcp_connect( + + + + + domain + + + )
+
+
+ +
Summary
+

+Use ftp by connecting over TCP. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/services_gpm.html b/www/api-docs/services_gpm.html index bd02bc7..31570fb 100644 --- a/www/api-docs/services_gpm.html +++ b/www/api-docs/services_gpm.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -202,7 +232,7 @@
Summary

-Do not audit attempts to get the +Do not audit attempts to get the attributes of the GPM control channel named socket.

diff --git a/www/api-docs/services_hal.html b/www/api-docs/services_hal.html index d37fbc5..06979a0 100644 --- a/www/api-docs/services_hal.html +++ b/www/api-docs/services_hal.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_howl.html b/www/api-docs/services_howl.html index 62be7e3..9e679ab 100644 --- a/www/api-docs/services_howl.html +++ b/www/api-docs/services_howl.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_inetd.html b/www/api-docs/services_inetd.html index 38f97f7..a0392db 100644 --- a/www/api-docs/services_inetd.html +++ b/www/api-docs/services_inetd.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_inn.html b/www/api-docs/services_inn.html index 0678109..acfa596 100644 --- a/www/api-docs/services_inn.html +++ b/www/api-docs/services_inn.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_kerberos.html b/www/api-docs/services_kerberos.html index 2f4b0e2..bf1a47b 100644 --- a/www/api-docs/services_kerberos.html +++ b/www/api-docs/services_kerberos.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -182,17 +212,17 @@ This policy supports:

Servers:

    -

  • kadmind

    • -

  • krb5kdc

    • +

  • kadmind

    • +

  • krb5kdc

Clients:

    -

  • kinit

    • -

  • kdestroy

    • -

  • klist

    • -

  • ksu (incomplete)

    • +

  • kinit

    • +

  • kdestroy

    • +

  • klist

    • +

  • ksu (incomplete)

diff --git a/www/api-docs/services_ktalk.html b/www/api-docs/services_ktalk.html index d99f2a6..f88e605 100644 --- a/www/api-docs/services_ktalk.html +++ b/www/api-docs/services_ktalk.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_ldap.html b/www/api-docs/services_ldap.html index a22ab97..3209036 100644 --- a/www/api-docs/services_ldap.html +++ b/www/api-docs/services_ldap.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_mailman.html b/www/api-docs/services_mailman.html new file mode 100644 index 0000000..f9b6256 --- /dev/null +++ b/www/api-docs/services_mailman.html @@ -0,0 +1,662 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: mailman

+ +Interfaces +Templates + +

Description:

+ +

Mailman is for managing electronic mail discussion and e-newsletter lists

+ + + + +

Interfaces:

+ + +
+ + +
+ +mailman_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute mailman in the mailman domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_domtrans_cgi( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute mailman CGI scripts in the +mailman CGI domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_exec( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute mailman in the caller domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowd access. + + +No +
+
+
+ + +
+ + +
+ +mailman_list_data( + + + + + domain + + + )
+
+
+ +
Summary
+

+List the contents of mailman data directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_manage_log( + + + + + domain + + + )
+
+
+ +
Summary
+

+Create, read, write, and delete +mailman logs. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_read_archive( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow domain to read mailman archive files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_read_data_symlinks( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow read acces to mailman data symbolic links. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_search_data( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow domain to search data directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +mailman_signal_cgi( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send generic signals to the mailman cgi domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return + + + +

Templates:

+ + +
+ + +
+ +mailman_domain_template( + + + + + userdomain_prefix + + + )
+
+
+ +
Summary
+

+The template to define a mailmain domain. +

+ + +
Description
+

+

+This template creates a domain to be used for +a new mailman daemon. +

+

+ +
Parameters
+ + + + + +
Parameter:Description:Optional:
+userdomain_prefix + + +The type of daemon to be used eg, cgi would give mailman_cgi_ + + +No +
+
+
+ + +Return + + + +
+ + diff --git a/www/api-docs/services_mta.html b/www/api-docs/services_mta.html index e5c420a..3417eef 100644 --- a/www/api-docs/services_mta.html +++ b/www/api-docs/services_mta.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -270,6 +300,49 @@ No
+ +
+ + +
+ +mta_dontaudit_rw_delivery_tcp_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to read and write TCP +sockets of mail delivery domains. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Mail server domain. + + +No +
+
+
+
@@ -855,6 +928,94 @@ No
+ +
+ + +
+ +mta_stub( + + + + + [ + + domain + + ] + + + )
+
+
+ +
Summary
+

+MTA stub interface. No access allowed. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +N/A + + +yes +
+
+
+ + +
+ + +
+ +mta_tcp_connect_all_mailservers( + + + + + domain + + + )
+
+
+ +
Summary
+

+Connect to all mail servers over TCP. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Mail server domain. + + +No +
+
+
+ Return diff --git a/www/api-docs/services_mysql.html b/www/api-docs/services_mysql.html index ce795e5..bb9f9f9 100644 --- a/www/api-docs/services_mysql.html +++ b/www/api-docs/services_mysql.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -308,6 +338,49 @@ No
+ +
+ + +
+ +mysql_rw_db_socket( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read and write to the MySQL database +named socket. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/services_nis.html b/www/api-docs/services_nis.html index ab78661..cf599a4 100644 --- a/www/api-docs/services_nis.html +++ b/www/api-docs/services_nis.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -224,6 +254,48 @@ No
+ +
+ + +
+ +nis_signal_ypbind( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send generic signals to ypbind. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -308,6 +380,63 @@ No
+ +
+ + +
+ +nis_use_ypbind_uncond( + + + + + domain + + + )
+
+
+ +
Summary
+

+Use the ypbind service to access NIS services +unconditionally. +

+ + +
Description
+

+

+Use the ypbind service to access NIS services +unconditionally. +

+

+This interface was added because of apache and +spamassassin, to fix a nested conditionals problem. +When that support is added, this should be removed, +and the regular interface should be used. +

+

+ +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ Return diff --git a/www/api-docs/services_nscd.html b/www/api-docs/services_nscd.html index 5d3b7e6..be6ae3f 100644 --- a/www/api-docs/services_nscd.html +++ b/www/api-docs/services_nscd.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_ntp.html b/www/api-docs/services_ntp.html index 5b8d96c..e335128 100644 --- a/www/api-docs/services_ntp.html +++ b/www/api-docs/services_ntp.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_portmap.html b/www/api-docs/services_portmap.html index 5bc40fc..545536c 100644 --- a/www/api-docs/services_portmap.html +++ b/www/api-docs/services_portmap.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_postgresql.html b/www/api-docs/services_postgresql.html index 622102f..adfeb36 100644 --- a/www/api-docs/services_postgresql.html +++ b/www/api-docs/services_postgresql.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_ppp.html b/www/api-docs/services_ppp.html new file mode 100644 index 0000000..0ff8334 --- /dev/null +++ b/www/api-docs/services_ppp.html @@ -0,0 +1,475 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: ppp

+ +

Description:

+ +

Point to Point Protocol daemon creates links in ppp networks

+ + + + +

Interfaces:

+ + +
+ + +
+ +ppp_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute domain in the ppp domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ppp_run( + + + + + domain + + + )
+
+
+ +
Summary
+

+Unconditionally execute ppp daemon on behalf of a user or staff type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ppp_run_cond( + + + + + domain + + + )
+
+
+ +
Summary
+

+Conditionally execute ppp daemon on behalf of a user or staff type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ppp_sigchld( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow domain to send sigchld to parent of PPP domain type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ppp_signal( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow domain to send a signal to PPP domain type. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +ppp_use_fd( + + + + + domain + + + )
+
+
+ +
Summary
+

+Use PPP file discriptors. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +Return + + + + +
+ + diff --git a/www/api-docs/services_privoxy.html b/www/api-docs/services_privoxy.html index 5126089..39d6e34 100644 --- a/www/api-docs/services_privoxy.html +++ b/www/api-docs/services_privoxy.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_radvd.html b/www/api-docs/services_radvd.html new file mode 100644 index 0000000..ccdb103 --- /dev/null +++ b/www/api-docs/services_radvd.html @@ -0,0 +1,219 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: radvd

+ +

Description:

+ +

IPv6 router advertisement daemon

+ + + + + +

No interfaces or templates.

+ + +
+ + diff --git a/www/api-docs/services_remotelogin.html b/www/api-docs/services_remotelogin.html index 0ea1ca8..6281f28 100644 --- a/www/api-docs/services_remotelogin.html +++ b/www/api-docs/services_remotelogin.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_rlogin.html b/www/api-docs/services_rlogin.html index 4eaaf20..c65af2d 100644 --- a/www/api-docs/services_rlogin.html +++ b/www/api-docs/services_rlogin.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_rshd.html b/www/api-docs/services_rshd.html index fe29334..8bb06e7 100644 --- a/www/api-docs/services_rshd.html +++ b/www/api-docs/services_rshd.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_rsync.html b/www/api-docs/services_rsync.html index 564fe65..1f68855 100644 --- a/www/api-docs/services_rsync.html +++ b/www/api-docs/services_rsync.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_samba.html b/www/api-docs/services_samba.html index 2665033..f2e7a4f 100644 --- a/www/api-docs/services_samba.html +++ b/www/api-docs/services_samba.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -178,7 +208,11 @@

Description:

-

SMB and CIFS client/server programs for UNIX

+

+SMB and CIFS client/server programs for UNIX and +name Service Switch daemon for resolving names +from Windows NT servers. +

@@ -269,6 +303,48 @@ No
+ +
+ + +
+ +samba_domtrans_winbind_helper( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute winbind_helper in the winbind_helper domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -438,6 +514,90 @@ No
+ +
+ + +
+ +samba_read_winbind_pid( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to read the winbind pid files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +samba_read_winbind_pid( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to read the winbind pid files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -517,6 +677,85 @@ No
+ +
+ + +
+ +samba_run_winbind_helper( + + + + + domain + + + + , + + + + role + + + + , + + + + terminal + + + )
+
+
+ +
Summary
+

+Execute winbind_helper in the winbind_helper domain, and +allow the specified role the winbind_helper domain. +

+ + +
Parameters
+ + + + + + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+role + + +The role to be allowed the winbind_helper domain. + + +No +
+terminal + + +The type of the terminal allow the winbind_helper domain to use. + + +No +
+
+
+
@@ -665,22 +904,6 @@ No userdomain_prefix - - , - - - - user_domain - - - - , - - - - user_role - - )
@@ -720,26 +943,6 @@ is the prefix for user_t). No - -user_domain - - -The type of the user domain. - - -No - - - -user_role - - -The role associated with the user domain. - - -No - -
diff --git a/www/api-docs/services_sasl.html b/www/api-docs/services_sasl.html new file mode 100644 index 0000000..9e7df34 --- /dev/null +++ b/www/api-docs/services_sasl.html @@ -0,0 +1,219 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +
+ +

Layer: services

+

Module: sasl

+ +

Description:

+ +

SASL authentication server

+ + + + + +

No interfaces or templates.

+ + +
+ + diff --git a/www/api-docs/services_sendmail.html b/www/api-docs/services_sendmail.html index a041859..ff9ef8c 100644 --- a/www/api-docs/services_sendmail.html +++ b/www/api-docs/services_sendmail.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -224,6 +254,52 @@ No
+ +
+ + +
+ +sendmail_stub( + + + + + [ + + domain + + ] + + + )
+
+
+ +
Summary
+

+Sendmail stub interface. No access allowed. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +N/A + + +yes +
+
+
+ Return diff --git a/www/api-docs/services_snmp.html b/www/api-docs/services_snmp.html index 9071383..025ce65 100644 --- a/www/api-docs/services_snmp.html +++ b/www/api-docs/services_snmp.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_squid.html b/www/api-docs/services_squid.html index 5d88a00..1d48ff7 100644 --- a/www/api-docs/services_squid.html +++ b/www/api-docs/services_squid.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_ssh.html b/www/api-docs/services_ssh.html index 53f9947..d665fc0 100644 --- a/www/api-docs/services_ssh.html +++ b/www/api-docs/services_ssh.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_stunnel.html b/www/api-docs/services_stunnel.html index ba1eefe..10e796c 100644 --- a/www/api-docs/services_stunnel.html +++ b/www/api-docs/services_stunnel.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_tcpd.html b/www/api-docs/services_tcpd.html index 5184f99..f3b1852 100644 --- a/www/api-docs/services_tcpd.html +++ b/www/api-docs/services_tcpd.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -179,9 +209,55 @@ + +

Interfaces:

+ + +
+ + +
+ +tcpd_domtrans( + + + + + domain + + + )
+
+
+ +
Summary
+

+Execute tcpd in the tcpd domain. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +Return -

No interfaces or templates.

diff --git a/www/api-docs/services_telnet.html b/www/api-docs/services_telnet.html index 503c549..060ba45 100644 --- a/www/api-docs/services_telnet.html +++ b/www/api-docs/services_telnet.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_tftp.html b/www/api-docs/services_tftp.html index a3da7d4..3afbbca 100644 --- a/www/api-docs/services_tftp.html +++ b/www/api-docs/services_tftp.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_uucp.html b/www/api-docs/services_uucp.html index dc9e959..cde0bf4 100644 --- a/www/api-docs/services_uucp.html +++ b/www/api-docs/services_uucp.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/services_zebra.html b/www/api-docs/services_zebra.html index 753dd77..66bf7b7 100644 --- a/www/api-docs/services_zebra.html +++ b/www/api-docs/services_zebra.html @@ -31,9 +31,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -55,6 +67,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -79,6 +97,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -100,9 +121,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -118,6 +145,9 @@    -  samba
+    -  + sasl
+    -  sendmail
diff --git a/www/api-docs/system_authlogin.html b/www/api-docs/system_authlogin.html index becc402..5f55eaa 100644 --- a/www/api-docs/system_authlogin.html +++ b/www/api-docs/system_authlogin.html @@ -188,6 +188,90 @@ No
+ +
+ + +
+ +auth_append_lastlog( + + + + + domain + + + )
+
+
+ +
Summary
+

+Append only to the last logins log. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +auth_append_login_records( + + + + + domain + + + )
+
+
+ +
Summary
+

+Append to login records (wtmp). +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -1030,6 +1114,48 @@ No
+ +
+ + +
+ +auth_read_lastlog( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read the last logins log. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -1515,7 +1641,7 @@ No - ? + domain )
@@ -1524,7 +1650,7 @@ No
Summary

-Summary is missing! +Read and write to the last logins log.

@@ -1533,10 +1659,10 @@ Summary is missing! Parameter:Description:Optional: -? +domain -Parameter descriptions are missing! +Domain allowed access. No @@ -1684,6 +1810,90 @@ No
+ +
+ + +
+ +auth_use_nsswitch( + + + + + domain + + + )
+
+
+ +
Summary
+

+Use nsswitch to look up uid-username mappings. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +auth_write_login_records( + + + + + domain + + + )
+
+
+ +
Summary
+

+Write to login records (wtmp). +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ Return diff --git a/www/api-docs/system_clock.html b/www/api-docs/system_clock.html index 27e4604..71d7400 100644 --- a/www/api-docs/system_clock.html +++ b/www/api-docs/system_clock.html @@ -205,8 +205,8 @@ No
Summary

- Execute hwclock in the caller domain. -

+Execute hwclock in the caller domain. +

Parameters
@@ -217,8 +217,8 @@ No domain - The type of the process performing this action. - +The type of the process performing this action. + No @@ -326,8 +326,8 @@ No
Summary

- Allow executing domain to modify clock drift -

+Allow executing domain to modify clock drift +

Parameters
@@ -338,8 +338,8 @@ No domain - The type of the process performing this action. - +The type of the process performing this action. + No diff --git a/www/api-docs/system_domain.html b/www/api-docs/system_domain.html index 99e978f..c4ab57d 100644 --- a/www/api-docs/system_domain.html +++ b/www/api-docs/system_domain.html @@ -324,6 +324,49 @@ No
+ +
+ + +
+ +domain_dontaudit_getattr_all_key_sockets( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get attribues of +all domains IPSEC key management sockets. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -1371,6 +1414,48 @@ No
+ +
+ + +
+ +domain_ptrace_all_domains( + + + + + domain + + + )
+
+
+ +
Summary
+

+Ptrace all domains. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/system_files.html b/www/api-docs/system_files.html index 6778e7e..75d1af1 100644 --- a/www/api-docs/system_files.html +++ b/www/api-docs/system_files.html @@ -1319,6 +1319,308 @@ No
+ +
+ + +
+ +files_dontaudit_getattr_home_dir( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the +attributes of the home directories root +(/home). +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_getattr_non_security_blk_dev( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of non security block devices. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_getattr_non_security_chr_dev( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of non security character devices. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_getattr_non_security_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of non security files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_getattr_non_security_pipes( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of non security named pipes. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_getattr_non_security_sockets( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of non security named sockets. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_getattr_non_security_symlinks( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to get the attributes +of non security symbolic links. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+
@@ -1490,6 +1792,49 @@ No
+ +
+ + +
+ +files_dontaudit_list_non_security( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to list all +non security directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+
@@ -1885,6 +2230,49 @@ No + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to search +the /var/run directory. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_search_src( + + + + ? @@ -1894,7 +2282,50 @@ No
Summary

-Summary is missing! +Summary is missing! +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+? + + +Parameter descriptions are missing! + + +No +
+
+
+ + +
+ + +
+ +files_dontaudit_search_var( + + + + + domain + + + )
+
+
+ +
Summary
+

+Do not audit attempts to search +the contents of /var.

@@ -1903,10 +2334,10 @@ Summary is missing! Parameter:Description:Optional: -? +domain -Parameter descriptions are missing! +Domain to not audit. No @@ -1916,18 +2347,18 @@ No
- +
-files_dontaudit_search_var( +files_dontaudit_write_all_pids( - ? + domain )
@@ -1936,7 +2367,7 @@ No
Summary

-Summary is missing! +Do not audit attempts to write to daemon runtime data files.

@@ -1945,10 +2376,10 @@ Summary is missing! Parameter:Description:Optional: -? +domain -Parameter descriptions are missing! +The type of the process performing this action. No @@ -1958,18 +2389,18 @@ No
- +
-files_dontaudit_write_all_pids( +files_exec_etc_files( - domain + ? )
@@ -1978,7 +2409,7 @@ No
Summary

-Do not audit attempts to write to daemon runtime data files. +Summary is missing!

@@ -1987,10 +2418,10 @@ Do not audit attempts to write to daemon runtime data files. Parameter:Description:Optional: -domain +? -The type of the process performing this action. +Parameter descriptions are missing! No @@ -2000,18 +2431,18 @@ No
- +
-files_exec_etc_files( +files_exec_usr_files( - ? + domain )
@@ -2020,7 +2451,7 @@ No
Summary

-Summary is missing! +Execute generic programs in /usr in the caller domain.

@@ -2029,10 +2460,10 @@ Summary is missing! Parameter:Description:Optional: -? +domain -Parameter descriptions are missing! +The type of the process performing this action. No @@ -2042,13 +2473,13 @@ No
- +
-files_exec_usr_files( +files_exec_usr_src_files( @@ -2356,8 +2787,7 @@ No
Summary

-Do not audit attempts to get the -attributes of the home directories root +Get the attributes of the home directories root (/home).

@@ -2928,6 +3358,48 @@ No
+ +
+ + +
+ +files_list_var( + + + + + domain + + + )
+
+
+ +
Summary
+

+List the contents of /var. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -4201,7 +4673,7 @@ No
Summary

-Make the specified type a +Make the specified type a polyinstantiated directory.

@@ -5070,7 +5542,49 @@ No
Summary

-Read generic files in /var/lib +Read generic files in /var/lib. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +files_read_var_lib_symlinks( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read generic symbolic links in /var/lib

@@ -5599,7 +6113,7 @@ No
Summary

-Read and write block device nodes on new filesystems +Read and write block device nodes on new filesystems that have not yet been labeled.

@@ -5665,6 +6179,91 @@ No
+ +
+ + +
+ +files_rw_locks_dir( + + + + + domain + + + )
+
+
+ +
Summary
+

+Add and remove entries in the /var/lock +directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +files_search_all( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search all directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -6096,7 +6695,7 @@ No - ? + domain )
@@ -6105,7 +6704,7 @@ No
Summary

-Summary is missing! +Search the contents of /var.

@@ -6114,10 +6713,10 @@ Summary is missing! Parameter:Description:Optional: -? +domain -Parameter descriptions are missing! +Domain allowed access. No @@ -6169,6 +6768,51 @@ No
+ +
+ + +
+ +files_security_file( + + + + + file_type + + + )
+
+
+ +
Summary
+

+Make the specified type a file that +should not be dontaudited from +browsing from user domains. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+file_type + + +Type of the file to be used as a +member directory. + + +No +
+
+
+
@@ -6351,7 +6995,7 @@ No - ? + type )
@@ -6360,7 +7004,8 @@ No
Summary

-Summary is missing! +Make the specified type usable for files +in a filesystem.

@@ -6369,10 +7014,10 @@ Summary is missing! Parameter:Description:Optional: -? +type -Parameter descriptions are missing! +Type to be used for files. No diff --git a/www/api-docs/system_hostname.html b/www/api-docs/system_hostname.html index e08d8ae..254a954 100644 --- a/www/api-docs/system_hostname.html +++ b/www/api-docs/system_hostname.html @@ -205,8 +205,8 @@ No
Summary

- Execute hostname in the caller domain. -

+Execute hostname in the caller domain. +

Parameters
@@ -217,8 +217,8 @@ No domain - The type of the process performing this action. - +The type of the process performing this action. + No diff --git a/www/api-docs/system_init.html b/www/api-docs/system_init.html index 4c0c625..e2753aa 100644 --- a/www/api-docs/system_init.html +++ b/www/api-docs/system_init.html @@ -432,6 +432,49 @@ No
+ +
+ + +
+ +init_dontaudit_unix_connect_script( + + + + + domain + + + )
+
+
+ +
Summary
+

+Dont audit the specified domain connecting to +init scripts with a unix domain stream socket. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -1505,6 +1548,92 @@ No
+ +
+ + +
+ +init_unix_connect_script( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to connect to +init scripts with a unix domain stream socket. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +init_unix_connect_script( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow the specified domain to connect to +init scripts with a unix socket. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/system_logging.html b/www/api-docs/system_logging.html index 0398aca..77f1e5c 100644 --- a/www/api-docs/system_logging.html +++ b/www/api-docs/system_logging.html @@ -353,6 +353,48 @@ No
+ +
+ + +
+ +logging_list_logs( + + + + + domain + + + )
+
+
+ +
Summary
+

+List the contents of the generic log directory (/var/log). +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/system_miscfiles.html b/www/api-docs/system_miscfiles.html index 34c1602..17e6d2e 100644 --- a/www/api-docs/system_miscfiles.html +++ b/www/api-docs/system_miscfiles.html @@ -217,7 +217,7 @@ Execute TeX data programs in the caller domain. domain -Type type of the process performing this action. +Domain allowed access. No @@ -259,7 +259,7 @@ Allow process to read legacy time localization info domain -Type type of the process performing this action. +Domain allowed access. No @@ -311,6 +311,91 @@ No
+ +
+ + +
+ +miscfiles_manage_public_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Create, read, write, and delete public files +and directories used for file transfer services. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+ + +
+ + +
+ +miscfiles_read_certs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read system SSL certificates. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -331,7 +416,7 @@ No
Summary

-Read fonts +Read fonts.

@@ -343,7 +428,49 @@ Read fonts domain -Type type of the process performing this action. +Domain allowed access. + + +No + + + +
+
+ + +
+ + +
+ +miscfiles_read_hwdata( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read hardware identification data. +

+ + +
Parameters
+ + + + + Loadable modules can be built with a compler + that has the require-in-conditionals, + delcare-then-require, and stack-overflow patches + applied. @@ -202,16 +205,6 @@ converted: - - - - - - - - - - @@ -352,11 +345,6 @@ converted: - - - - - @@ -422,11 +410,6 @@ converted: - - - - - @@ -469,7 +452,7 @@ converted: - + @@ -547,16 +530,6 @@ converted: - - - - - - - - - - @@ -579,7 +552,7 @@ converted: - + @@ -587,11 +560,6 @@ converted: - - - - - @@ -712,11 +680,6 @@ converted: - - - - -
Parameter:Description:Optional:
+domain + + +Domain allowed access. No @@ -385,7 +512,7 @@ Allow process to read localization info domain -Type type of the process performing this action. +Domain allowed access. No @@ -437,6 +564,49 @@ No + +
+ + +
+ +miscfiles_read_public_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read public files used for file +transfer services. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -469,7 +639,7 @@ Read TeX data domain
-Type type of the process performing this action. +Domain allowed access. No diff --git a/www/api-docs/system_modutils.html b/www/api-docs/system_modutils.html index 549a2eb..44d0e72 100644 --- a/www/api-docs/system_modutils.html +++ b/www/api-docs/system_modutils.html @@ -480,6 +480,49 @@ No + +
+ + +
+ +modutils_rename_module_conf( + + + + + domain + + + )
+
+
+ +
Summary
+

+Rename a file with the configuration options used when +loading modules. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
diff --git a/www/api-docs/system_sysnetwork.html b/www/api-docs/system_sysnetwork.html index cb4ac86..36727ab 100644 --- a/www/api-docs/system_sysnetwork.html +++ b/www/api-docs/system_sysnetwork.html @@ -280,6 +280,48 @@ yes
+ +
+ + +
+ +sysnet_delete_dhcpc_pid( + + + + + domain + + + )
+
+
+ +
Summary
+

+Delete the dhcp client pid file. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -354,7 +396,7 @@ Execute dhcp client in dhcpc domain. domain
- The type of the process performing this action. +The type of the process performing this action. No diff --git a/www/api-docs/system_udev.html b/www/api-docs/system_udev.html index 4b54963..58b3003 100644 --- a/www/api-docs/system_udev.html +++ b/www/api-docs/system_udev.html @@ -313,6 +313,48 @@ No + +
+ + +
+ +udev_read_state( + + + + + domain + + + )
+
+
+ +
Summary
+

+Allow process to read udev process state. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
diff --git a/www/api-docs/system_userdomain.html b/www/api-docs/system_userdomain.html index 026247f..3ec650f 100644 --- a/www/api-docs/system_userdomain.html +++ b/www/api-docs/system_userdomain.html @@ -426,6 +426,48 @@ No
+ +
+ + +
+ +userdom_dontaudit_search_user_home_dirs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Don't audit search on the user home subdirectory. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -469,6 +511,48 @@ No
+ +
+ + +
+ +userdom_dontaudit_use_sysadm_pty( + + + + + domain + + + )
+
+
+ +
Summary
+

+Dont audit attempts to read and write sysadm ptys. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+
@@ -639,6 +723,178 @@ No
+ +
+ + +
+ +userdom_getattr_sysadm_home_dir( + + + + + domain + + + )
+
+
+ +
Summary
+

+Get the attributes of the sysadm users +home directory. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain to not audit. + + +No +
+
+
+ + +
+ + +
+ +userdom_manage_all_user_dirs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Create, read, write, and delete all directories +in all users home directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +userdom_manage_all_user_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Create, read, write, and delete all files +in all users home directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+ + +
+ + +
+ +userdom_manage_all_user_symlinks( + + + + + domain + + + )
+
+
+ +
Summary
+

+Create, read, write, and delete all symlinks +in all users home directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -1024,6 +1280,49 @@ No
+ +
+ + +
+ +userdom_read_unpriv_user_home_files( + + + + + domain + + + )
+
+
+ +
Summary
+

+Read all unprivileged users home directory +files. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -1192,6 +1491,48 @@ No
+ +
+ + +
+ +userdom_search_unpriv_user_home_dirs( + + + + + domain + + + )
+
+
+ +
Summary
+

+Search all unprivileged users home directories. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +Domain allowed access. + + +No +
+
+
+
@@ -1234,6 +1575,48 @@ No
+ +
+ + +
+ +userdom_sigchld_sysadm( + + + + + domain + + + )
+
+
+ +
Summary
+

+Send a SIGCHLD signal to sysadm users. +

+ + +
Parameters
+ + + + + +
Parameter:Description:Optional:
+domain + + +The type of the process performing this action. + + +No +
+
+
+
@@ -1825,15 +2208,15 @@ tmp, and tmpfs files.

The privileges given to administrative users are:

    -

  • Raw disk access

    • -

  • Set all sysctls

    • -

  • All kernel ring buffer controls

    • -

  • Set SELinux enforcement mode (enforcing/permissive)

    • -

  • Set SELinux booleans

    • -

  • Relabel all files but shadow

    • -

  • Create, read, write, and delete all files but shadow

    • -

  • Manage source and binary format SELinux policy

    • -

  • Run insmod

    • +

  • Raw disk access

    • +

  • Set all sysctls

    • +

  • All kernel ring buffer controls

    • +

  • Set SELinux enforcement mode (enforcing/permissive)

    • +

  • Set SELinux booleans

    • +

  • Relabel all files but shadow

    • +

  • Create, read, write, and delete all files but shadow

    • +

  • Manage source and binary format SELinux policy

    • +

  • Run insmod

@@ -2873,6 +3256,78 @@ No
+ +
+ + +
+ +userdom_search_user_home( + + + + + userdomain_prefix + + + + , + + + + domain + + + )
+
+
+ +
Summary
+

+Search user home directories. +

+ + +
Description
+

+

+Search user home directories. +

+

+This is a templated interface, and should only +be called from a per-userdomain template. +

+

+ +
Parameters
+ + + + + + + +
Parameter:Description:Optional:
+userdomain_prefix + + +The prefix of the user domain (e.g., user +is the prefix for user_t). + + +No +
+domain + + +The type of the process performing this action. + + +No +
+
+
+
diff --git a/www/api-docs/templates.html b/www/api-docs/templates.html index 9b717e2..4a5a514 100644 --- a/www/api-docs/templates.html +++ b/www/api-docs/templates.html @@ -16,15 +16,24 @@    -  acct
+    -  + anaconda
+    -  consoletype
   -  dmesg
+    -  + dmidecode
+    -  firstboot
+    -  + kudzu
+    -  logrotate
@@ -67,6 +76,9 @@    -  loadkeys
+    -  + webalizer
+
+  @@ -88,6 +100,9 @@    -  kernel
+    -  + mls
+    -  selinux
@@ -103,9 +118,21 @@ services
+    -  + apache
+ +    -  + apm
+ +    -  + arpwatch
+    -  bind
+    -  + bluetooth
+    -  comsat
@@ -127,6 +154,12 @@    -  dictd
+    -  + finger
+ +    -  + ftp
+    -  gpm
@@ -151,6 +184,9 @@    -  ldap
+    -  + mailman
+    -  mta
@@ -172,9 +208,15 @@    -  postgresql
+    -  + ppp
+    -  privoxy
+    -  + radvd
+    -  remotelogin
@@ -190,6 +232,9 @@    -  samba
+    -  + sasl
+    -  sendmail
@@ -349,6 +394,75 @@ The template for creating an administrative user.
+Module: +apache

+Layer: +services

+

+ +apache_content_template( + + + + + prefix + + + )
+
+ +
+

+Create a set of derived types for apache +web content. +

+
+ +
+ +
+Module: +apache

+Layer: +services

+

+ +apache_per_userdomain_template( + + + + + userdomain_prefix + + + + , + + + + user_domain + + + + , + + + + user_role + + + )
+
+ +
+

+The per user domain template for the apache module. +

+
+ +
+ +
+Module: +mailman

+Layer: +services

+

+ +mailman_domain_template( + + + + + userdomain_prefix + + + )
+
+ +
+

+The template to define a mailmain domain. +

+
+ +
+ +
Module: mta

Layer: @@ -748,22 +888,6 @@ services

userdomain_prefix - - , - - - - user_domain - - - - , - - - - user_role - - )

@@ -1409,6 +1533,40 @@ Read user home files.
+Module: +userdomain

+Layer: +system

+

+ +userdom_search_user_home( + + + + + userdomain_prefix + + + + , + + + + domain + + + )
+
+ +
+

+Search user home directories. +

+
+ +
+ +
Module: userdomain

Layer: diff --git a/www/html/Changelog.txt b/www/html/Changelog.txt new file mode 100644 index 0000000..9c1d91f --- /dev/null +++ b/www/html/Changelog.txt @@ -0,0 +1,150 @@ +* Wed Oct 19 2005 Chris PeBenito - 20051019 +- Many fixes to make loadable modules build. +- Add targets for sechecker. +- Updated to sedoctool to read bool files and tunable + files separately. +- Changed the xml tag of to to be consistent + with gen_bool(). +- Modified the implementation of segenxml to use regular + expressions. +- Rename context_template() to gen_context() to clarify + that its not a Reference Policy template, but a support + macro. +- Add disable_*_trans bool support for targeted policy. +- Add MLS module to handle MLS constraint exceptions, + such as reading up and writing down. +- Fix errors uncovered by sediff. +- Added policies: + anaconda + apache + apm + arpwatch + bluetooth + dmidecode + finger + ftp + kudzu + mailman + ppp + radvd + radius + sasl + webalizer + +* Thu Sep 22 2005 Chris PeBenito - 20050922 +- Make logrotate, sendmail, sshd, and rpm policies + unconfined in the targeted policy so no special + modules.conf is required. +- Add experimental MCS support. +- Add appconfig for MLS. +- Add equivalents for old can_resolve(), can_ldap(), and + can_portmap() to sysnetwork. +- Fix base module compile issues. +- Added policies: + cpucontrol + cvs + ktalk + portmap + postgresql + rlogin + samba + snmp + stunnel + telnet + tftp + uucp + vpn + zebra + +* Wed Sep 07 2005 Chris PeBenito - 20050907 +- Fix errors uncovered by sediff. +- Doc tool will explicitly say a module does not have interfaces + or templates on the module page. +- Added policies: + comsat + dbus + dhcp + dictd + hal + inn + ntp + squid + +* Fri Aug 26 2005 Chris PeBenito - 20050826 +- Add Makefile support for building loadable modules. +- Add genclassperms.py tool to add require blocks + for loadable modules. +- Change sedoctool to make required modules part of base + by default, otherwise make as modules, in modules.conf. +- Fix segenxml to handle modules with no interfaces. +- Rename ipsec connect interface for consistency. +- Add missing parts of unix stream socket connect interface + of ipsec. +- Rename inetd connect interface for consistency. +- Rename interface for purging contents of tmp, for clarity, + since it allows deletion of classes other than file. +- Misc. cleanups. +- Added policies: + acct + bind + firstboot + gpm + howl + ldap + loadkeys + mysql + privoxy + quota + rshd + rsync + su + sudo + tcpd + tmpreaper + updfstab + +* Tue Aug 2 2005 Chris PeBenito - 20050802 +- Fix comparison bug in fc_sort. +- Fix handling of ordered and unordered HTML lists. +- Corenetwork now supports multiple network interfaces having the + same type. +- Doc tool now creates pages for global Booleans and global tunables. +- Doc tool now links directly to the interface/template in the + module page when it is selected in the interface/template index. +- Added support for layer summaries. +- Added policies: + ipsec + nscd + pcmcia + raid + +* Thu Jul 7 2005 Chris PeBenito - 20050707 +- Changed xml to have modules encapsulated by layer tags, rather + than putting layer="foo" in the module tags. Also in the future + we can put a summary and description for each layer. +- Added tool to infer interface, module, and layer tags. This will + now list all interfaces, even if they are missing xml docs. +- Shortened xml tag names. +- Added macros to declare interfaces and templates. +- Added interface call trace. +- Updated all xml documentation for shorter and inferred tags. +- Doc tool now displays templates in the web pages. +- Doc tool retains the user's settings in modules.conf and + tunables.conf if the files already exist. +- Modules.conf behavior has been changed to be a list of all + available modules, and the user can specify if the module is + built as a loadable module, included in the monolithic policy, + or excluded. +- Added policies: + fstools (fsck, mkfs, swapon, etc. tools) + logrotate + inetd + kerberos + nis (ypbind and ypserv) + ssh (server, client, and agent) + unconfined +- Added infrastructure for targeted policy support, only missing + transition boolean support. + +* Wed Jun 15 2005 Chris PeBenito - 20050615 + - Initial release diff --git a/www/html/status.html b/www/html/status.html index d23916e..eb3f389 100644 --- a/www/html/status.html +++ b/www/html/status.html @@ -1,5 +1,5 @@

Status

-Current Version: 20050922 +Current Version: 20051019

See download for download information. Details of this release are part of the changelog. @@ -7,7 +7,9 @@ the NSA example policy in sourceforge CVS. Currently both strict and targeted policies can be built. MLS policies can be built, but the policy has not been tested on running systems. MCS support has also - been added, but it is still experimental. + been added, but it is still experimental. Loadable modules can + now be built with a compiler that has the require-in-conditionals, + delcare-then-require, and stack-overflow patches applied.

 

Status and Tasks

@@ -34,9 +36,10 @@
Major improvements Infrastructure is in place to support both source policy and loadable policy modules. Makefile support completed. - Almost all policy modules can be compiled; however, - there are compiler issues which prevent all modules - from compiling.
Documentation Infrastructure
apache *+apache.te apache.fc apache_macros.teTresys
arpwatch *+arpwatch.te arpwatch.fcTresys
asterisk asterisk.te asterisk.fc
finger *+fingerd.te fingerd.fc fingerd_macros.te
fontconfig + fontconfig.te fontconfig.fc
kudzu *+kudzu.te kudzu.fcTresys
lcd lcd.te lcd.fc
networkmanager *+ NetworkManager.te NetworkManager.fcTresys
nsd
radius *+radius.te radius.fcTresys
radvd *+radvd.te radvd.fcTresys
razor razor.te razor.fc razor_macros.te
rpc *+ rpcd.te rpcd.fcTresys
rssh
sasl *+saslauthd.te saslauthd.fcTresys
scannerdaemon scannerdaemon.te scannerdaemon.fc
webalizer *+webalizer.te webalizer.fcTresys
xdm *+ xdm.te xdm.fc xdm_macros.te