@@ -55,11 +72,28 @@ + + consoletype +

+Determine of the console connected to the controlling terminal. +

+ + dmesg

Policy for dmesg.

+ + logrotate +

Rotate and archive system logs

+ + + + netutils +

Network analysis utilities

+ + rpm

Policy for the RPM package manager.

@@ -80,6 +114,9 @@ + + +

diff --git a/www/api-docs/admin_consoletype.html b/www/api-docs/admin_consoletype.html new file mode 100644 index 0000000..37a4b2d --- /dev/null +++ b/www/api-docs/admin_consoletype.html @@ -0,0 +1,172 @@ + + + + Security Enhanced Linux Reference Policy + + + + +

+ + +

+ +

Layer: admin

Module: consoletype

+ + + +

Description:

+ +

+Determine of the console connected to the controlling terminal. +

+ + + +

Interfaces:

+ +

+ + +

+
+consoletype_domtrans(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Execute consoletype in the consoletype domain. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+consoletype_exec(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Execute consoletype in the caller domain. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/admin_dmesg.html b/www/api-docs/admin_dmesg.html index 73b8b72..0d4fb90 100644 --- a/www/api-docs/admin_dmesg.html +++ b/www/api-docs/admin_dmesg.html @@ -13,9 +13,18 @@ admin

+    - + consoletype
+    - dmesg
+    - + logrotate
+ +    - + netutils
+    - rpm
@@ -24,6 +33,12 @@

+ + + apps
+

+ +

+ + kernel

@@ -44,15 +59,23 @@

* Interface Index +

+ * Template Index

Layer: admin

Module: dmesg

+ + +

Description:

Policy for dmesg.

+ +

Interfaces:

@@ -75,7 +98,7 @@

Description

- Execute dmesg in the dmesg domain. +Execute dmesg in the dmesg domain.

Parameters

@@ -86,7 +109,7 @@ domain - The type of the process performing this action. +The type of the process performing this action. No @@ -116,7 +139,7 @@ No

Description

- Execute dmesg in the caller domain. +Execute dmesg in the caller domain.

Parameters

@@ -127,7 +150,7 @@ No domain - The type of the process performing this action. +The type of the process performing this action. No @@ -138,6 +161,9 @@ No

+Return + +

diff --git a/www/api-docs/admin_logrotate.html b/www/api-docs/admin_logrotate.html new file mode 100644 index 0000000..d05e732 --- /dev/null +++ b/www/api-docs/admin_logrotate.html @@ -0,0 +1,289 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: admin

Module: logrotate

+ + + +

Description:

+ +

Rotate and archive system logs

+ + + +

Interfaces:

+ +

+ + +

+
+logrotate_domtrans(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute logrotate in the logrotate domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+logrotate_dontaudit_use_fd(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Do not audit attempts to inherit logrotate file descriptors. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to not audit. + +	+No +

+ +

+ + +

+
+logrotate_exec(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute logrotate in the caller domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+logrotate_run(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		role
+		
+	
+		
+			,
+		
+		
+		
+		terminal
+		
+	
+	)

+

+ +

Summary

+Execute logrotate in the logrotate domain, and +allow the specified role the logrotate domain. +

+ + +

Parameters

+ + + + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +
+role +	+ +The role to be allowed the logrotate domain. + +	+No +
+terminal +	+ +The type of the terminal allow the logrotate domain to use. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/admin_netutils.html b/www/api-docs/admin_netutils.html new file mode 100644 index 0000000..7beb0fd --- /dev/null +++ b/www/api-docs/admin_netutils.html @@ -0,0 +1,568 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: admin

Module: netutils

+ + + +

Description:

+ +

Network analysis utilities

+ + + +

Interfaces:

+ +

+ + +

+
+netutils_domtrans(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute network utilities in the netutils domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+netutils_domtrans_ping(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute ping in the ping domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+netutils_domtrans_traceroute(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute traceroute in the traceroute domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+netutils_exec(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute network utilities in the caller domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+netutils_exec_ping(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute ping in the caller domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+netutils_exec_traceroute(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Execute traceroute in the caller domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+netutils_run(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		role
+		
+	
+		
+			,
+		
+		
+		
+		terminal
+		
+	
+	)

+

+ +

Summary

+Execute network utilities in the netutils domain, and +allow the specified role the netutils domain. +

+ + +

Parameters

+ + + + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +
+role +	+ +The role to be allowed the netutils domain. + +	+No +
+terminal +	+ +The type of the terminal allow the netutils domain to use. + +	+No +

+ +

+ + +

+
+netutils_run_ping(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		role
+		
+	
+		
+			,
+		
+		
+		
+		terminal
+		
+	
+	)

+

+ +

Summary

+Execute ping in the ping domain, and +allow the specified role the ping domain. +

+ + +

Parameters

+ + + + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +
+role +	+ +The role to be allowed the ping domain. + +	+No +
+terminal +	+ +The type of the terminal allow the ping domain to use. + +	+No +

+ +

+ + +

+
+netutils_run_traceroute(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		role
+		
+	
+		
+			,
+		
+		
+		
+		terminal
+		
+	
+	)

+

+ +

Summary

+Execute traceroute in the traceroute domain, and +allow the specified role the traceroute domain. +

+ + +

Parameters

+ + + + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +
+role +	+ +The role to be allowed the traceroute domain. + +	+No +
+terminal +	+ +The type of the terminal allow the traceroute domain to use. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/admin_rpm.html b/www/api-docs/admin_rpm.html index 4abe612..ed15c7c 100644 --- a/www/api-docs/admin_rpm.html +++ b/www/api-docs/admin_rpm.html @@ -13,9 +13,18 @@ admin

+    - + consoletype
+    - dmesg
+    - + logrotate
+ +    - + netutils
+    - rpm
@@ -24,6 +33,12 @@

+ + + apps
+

+ +

+ + kernel

@@ -44,15 +59,23 @@

* Interface Index +

+ * Template Index

Layer: admin

Module: rpm

+ + +

Description:

Policy for the RPM package manager.

+ +

Interfaces:

@@ -72,12 +95,53 @@

Summary

+Execute rpm programs in the rpm domain. +

+ -

Description

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+rpm_manage_db(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

+ + +

Description:

Policy for the kernel modules, kernel image, and bootloader.

+ +

Interfaces:

@@ -90,7 +104,7 @@

Description

- Install a kernel into the /boot directory. +Install a kernel into the /boot directory.

Parameters

@@ -101,7 +115,7 @@ domain

+ +

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -211,12 +275,12 @@ No

- -

Description

Summary

- Execute RPM programs in the RPM domain. +Execute RPM programs in the RPM domain.

Parameters

@@ -225,7 +289,7 @@ No domain + + + @@ -214,7 +275,7 @@ Device nodes and interfaces for many basic system devices. kernel @@ -246,7 +307,7 @@ Policy for kernel security interface, in particular, selinuxfs.

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -235,7 +299,7 @@ No role

- The role to allow the RPM domain. +The role to allow the RPM domain.

No @@ -245,7 +309,7 @@ No terminal

- The type of the terminal allow the RPM domain to use. +The type of the terminal allow the RPM domain to use.

No @@ -272,12 +336,12 @@ No

- -

Description

Summary

- Inherit and use file descriptors from RPM. +Inherit and use file descriptors from RPM.

Parameters

@@ -286,7 +350,7 @@ No domain + +

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -297,6 +361,9 @@ No +Return + + diff --git a/www/api-docs/admin_usermanage.html b/www/api-docs/admin_usermanage.html index dde0c32..6453b11 100644 --- a/www/api-docs/admin_usermanage.html +++ b/www/api-docs/admin_usermanage.html @@ -13,9 +13,18 @@ admin

+    - + consoletype
+    - dmesg
+    - + logrotate
+ +    - + netutils
+    - rpm
@@ -24,6 +33,12 @@

+ + + apps
+

+ +

+ + kernel

@@ -44,15 +59,23 @@

* Interface Index +

+ * Template Index

Layer: admin

Module: usermanage

+ + +

Description:

Policy for managing user accounts.

@@ -209,7 +232,48 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ + +

+
+usermanage_read_crack_db(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read the crack database. +

Layer: apps

+ + + + + + + + + + + + + + + + + + + + + + +
Module: Description:
+ + gpg
Policy for GNU Privacy Guard and related programs.
+

+ +

+ + diff --git a/www/api-docs/apps_gpg.html b/www/api-docs/apps_gpg.html new file mode 100644 index 0000000..c354b75 --- /dev/null +++ b/www/api-docs/apps_gpg.html @@ -0,0 +1,128 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: apps

Module: gpg

+ +

Description:

+ +

Policy for GNU Privacy Guard and related programs.

+ + + + +

Templates:

+ +

+ + +

+
+gpg_per_userdomain_template(
+	
+		
+		
+		
+		userdomain_prefix
+		
+	
+	)

+

+ +

Summary

+The per user domain template for the gpg module. +

+ + +

Description

+This template creates the types and rules for GPG, +GPG-agent, and GPG helper programs. This protects +the user keys and secrets, and runs the programs +in domains specific to the user type. +

+This is invoked automatically for each user and +generally does not need to be invoked directly +by policy writers. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+userdomain_prefix +	+ +The prefix of the user domain (e.g., user +is the prefix for user_t). + +	+No +

+ + +Return + + +

+ + diff --git a/www/api-docs/index.html b/www/api-docs/index.html index b7d6703..60256bc 100644 --- a/www/api-docs/index.html +++ b/www/api-docs/index.html @@ -13,9 +13,18 @@ admin

+    - + consoletype
+    - dmesg
+    - + logrotate
+ +    - + netutils
+    - rpm
@@ -24,6 +33,15 @@

+ + + apps
+

+ + - + gpg
+ +

+ + kernel

@@ -58,15 +76,30 @@ services

+    - + cron
+ +    - + inetd
+ +    - + kerberos
+    - mta
+    - + nis
+    - remotelogin
   - sendmail
+    - + ssh
+

+ @@ -88,6 +121,9 @@    - files
+    - + fstools
+    - getty
@@ -140,6 +176,8 @@

* Interface Index +

+ * Template Index

@@ -151,11 +189,28 @@

+ + consoletype

+Determine of the console connected to the controlling terminal. +

dmesg

Policy for dmesg.

+ + logrotate

Rotate and archive system logs

+ + netutils

Network analysis utilities

rpm

Policy for the RPM package manager.

@@ -188,6 +246,9 @@

bootloader

-Policy for kernel threads, proc filesystem, +Policy for kernel threads, proc filesystem, and unlabeled processes and objects.

Layer: services

Layer: apps

@@ -255,23 +316,16 @@ Policy for kernel security interface, in particular, selinuxfs. - - - - + + gpg + - - + + - - + + @@ -296,6 +350,9 @@ Policy for kernel security interface, in particular, selinuxfs. + + + @@ -327,6 +384,11 @@ Basic filesystem types and interfaces.
+ + + @@ -414,6 +476,69 @@ connection and disconnection of devices at runtime.

Module: Description:
- - mta
Policy common to all email tranfer agents.
Policy for GNU Privacy Guard and related programs.
- - remotelogin
Policy for rshd, rlogind, and telnetd.
- - sendmail
Policy for sendmail.
authlogin
+ + fstools
Tools for filesystem management, such as mkfs and fsck.
getty
Policy for getty.

Layer: services

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Module: Description:
+ + cron
Periodic execution of scheduled commands.
+ + inetd
Internet services daemon.
+ + kerberos
MIT Kerberos admin and KDC
+ + mta
Policy common to all email tranfer agents.
+ + nis
Policy for NIS (YP) servers and clients
+ + remotelogin
Policy for rshd, rlogind, and telnetd.
+ + sendmail
Policy for sendmail.
+ + ssh
Secure shell client and server policy.
+

diff --git a/www/api-docs/interfaces.html b/www/api-docs/interfaces.html index 4edbaa1..aee2de3 100644 --- a/www/api-docs/interfaces.html +++ b/www/api-docs/interfaces.html @@ -13,9 +13,18 @@ admin

+    - + consoletype
+    - dmesg
+    - + logrotate
+ +    - + netutils
+    - rpm
@@ -24,6 +33,15 @@

+ + + apps
+

+ + - + gpg
+ +

+ + kernel

@@ -58,15 +76,30 @@ services

+    - + cron
+ +    - + inetd
+ +    - + kerberos
+    - mta
+    - + nis
+    - remotelogin
   - sendmail
+    - + ssh
+

+ @@ -88,6 +121,9 @@    - files
+    - + fstools
+    - getty
@@ -140,6 +176,8 @@

* Interface Index +

+ * Template Index

@@ -241,6 +279,32 @@ Layer: system

 
+auth_domtrans_pam_console(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+ auth_domtrans_utempter( @@ -306,12 +370,18 @@ system

- domain + ? )

+Summary is missing! +

@@ -346,12 +416,18 @@ system

- domain + ? )

+Summary is missing! +

@@ -413,17 +489,153 @@ Layer: system

 
+auth_manage_login_records(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+
+auth_manage_pam_console_data(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+
+auth_manage_shadow(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+
 auth_read_login_records(
 	
 		
 		
 		
-		domain
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+
+auth_read_pam_console_data(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+
+auth_read_pam_pid(
+	
+		
+		
+		
+		?
 		
 	
 	)

 

+Summary is missing! +

@@ -485,6 +697,32 @@ Layer: system

 
+auth_relabelto_shadow(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +authlogin

+Layer: +system

+ auth_run_pam( @@ -557,17 +795,23 @@ Layer: system

 
-auth_rw_shadow(
+auth_rw_faillog(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

@@ -577,47 +821,59 @@ Layer: system

 
-authlogin_per_userdomain_template(
+auth_rw_lastlog(
 	
-		userdomain_prefix
+		?
 		
 	)

+Summary is missing! +

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

 
-bootloader_create_kernel(
+auth_rw_login_records(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -bootloader

-Layer: -kernel

+Module: +authlogin

+Layer: +system

-bootloader_create_kernel_symbol_table( +auth_rw_shadow( @@ -637,7 +893,7 @@ Layer: kernel

-bootloader_create_runtime_file( +bootloader_create_kernel( @@ -657,7 +913,7 @@ Layer: kernel

-bootloader_delete_kernel( +bootloader_create_kernel_symbol_table( @@ -677,17 +933,23 @@ Layer: kernel

 
-bootloader_delete_kernel_symbol_table(
+bootloader_create_modules(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

@@ -697,7 +959,7 @@ Layer: kernel

-bootloader_domtrans( +bootloader_create_runtime_file( @@ -717,7 +979,7 @@ Layer: kernel

-bootloader_dontaudit_search_boot( +bootloader_delete_kernel( @@ -737,7 +999,7 @@ Layer: kernel

-bootloader_list_kernel_modules( +bootloader_delete_kernel_symbol_table( @@ -757,7 +1019,7 @@ Layer: kernel

-bootloader_manage_kernel_modules( +bootloader_domtrans( @@ -777,7 +1039,7 @@ Layer: kernel

-bootloader_read_config( +bootloader_dontaudit_search_boot( @@ -797,7 +1059,7 @@ Layer: kernel

-bootloader_read_kernel_modules( +bootloader_list_kernel_modules( @@ -817,7 +1079,67 @@ Layer: kernel

 
-bootloader_read_kernel_symbol_table(
+bootloader_manage_kernel_modules(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

+Module: +bootloader

+Layer: +kernel

+
+bootloader_read_config(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

+Module: +bootloader

+Layer: +kernel

+
+bootloader_read_kernel_modules(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

+Module: +bootloader

+Layer: +kernel

+ +bootloader_read_kernel_symbol_table( @@ -933,7 +1255,7 @@ Layer: kernel

-bootloader_search_boot_dir( +bootloader_search_boot( @@ -1063,13 +1385,13 @@ system

-Module: -corecommands

-Layer: -system

+Module: +consoletype

+Layer: +admin

-corecmd_domtrans_shell( +consoletype_domtrans( @@ -1077,17 +1399,55 @@ system

domain + )
+

+ +

+Module: +consoletype

+Layer: +admin

+
+consoletype_exec(
+	
+		
 		
-			,
 		
+		domain
 		
+	
+	)

+

+ +

+Module: +corecommands

+Layer: +system

+
+corecmd_chroot_exec_chroot(
+	
 		
-		target_domain
+		
+		
+		?
 		
 	
 	)

 

+Summary is missing! +

@@ -1097,7 +1457,7 @@ Layer: system

-corecmd_shell_spec_domtrans( +corecmd_domtrans_shell( @@ -1119,113 +1479,143 @@ system

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_compat_ipv4_node(
+corecmd_dontaudit_getattr_sbin_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_eth0(
+corecmd_exec_bin(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_eth1(
+corecmd_exec_ls(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_eth2(
+corecmd_exec_sbin(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_inaddr_any_node(
+corecmd_exec_shell(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_ippp0( +corecmd_getattr_bin_file( @@ -1236,76 +1626,100 @@ kernel

)

+Get the attributes of files in bin directories. +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_ipsec0(
+corecmd_getattr_sbin_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_ipsec1(
+corecmd_list_bin(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_ipsec2(
+corecmd_list_sbin(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_link_local_node( +corecmd_read_bin_symlink( @@ -1316,16 +1730,22 @@ kernel

)

+Read symbolic links in bin directories. +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_lo( +corecmd_read_sbin_symlink( @@ -1336,56 +1756,74 @@ kernel

)

+Read symbolic links in sbin directories. +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_lo_node(
+corecmd_search_bin(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

 
-corenet_raw_receive_mapped_ipv4_node(
+corecmd_search_sbin(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_multicast_node( +corecmd_shell_entry_type( @@ -1396,16 +1834,22 @@ kernel

)

+Make the shell an entrypoint for the specified domain. +

-Module: -corenetwork

-Layer: -kernel

+Module: +corecommands

+Layer: +system

-corenet_raw_receive_site_local_node( +corecmd_shell_spec_domtrans( @@ -1413,6 +1857,14 @@ kernel

domain + + , + + + + target_domain + + )

@@ -1425,7 +1877,7 @@ Layer: kernel

-corenet_raw_receive_unspec_node( +corenet_dontaudit_tcp_bind_all_reserved_ports( @@ -1436,6 +1888,12 @@ kernel

)

+Do not audit attempts to bind TCP sockets to all reserved ports. +

@@ -1445,7 +1903,7 @@ Layer: kernel

-corenet_raw_send_compat_ipv4_node( +corenet_dontaudit_udp_bind_all_reserved_ports( @@ -1456,6 +1914,12 @@ kernel

)

+Do not audit attempts to bind UDP sockets to all reserved ports. +

@@ -1465,7 +1929,7 @@ Layer: kernel

-corenet_raw_send_eth0( +corenet_raw_receive_all_if( @@ -1476,6 +1940,12 @@ kernel

)

+Receive raw IP packets on all interfaces. +

@@ -1485,7 +1955,7 @@ Layer: kernel

-corenet_raw_send_eth1( +corenet_raw_receive_all_nodes( @@ -1496,6 +1966,12 @@ kernel

)

+Receive raw IP packets on all nodes. +

@@ -1505,7 +1981,7 @@ Layer: kernel

-corenet_raw_send_eth2( +corenet_raw_receive_compat_ipv4_node( @@ -1525,7 +2001,7 @@ Layer: kernel

-corenet_raw_send_inaddr_any_node( +corenet_raw_receive_eth0( @@ -1545,7 +2021,7 @@ Layer: kernel

-corenet_raw_send_ippp0( +corenet_raw_receive_eth1( @@ -1565,7 +2041,7 @@ Layer: kernel

-corenet_raw_send_ipsec0( +corenet_raw_receive_eth2( @@ -1585,7 +2061,7 @@ Layer: kernel

-corenet_raw_send_ipsec1( +corenet_raw_receive_generic_if( @@ -1596,6 +2072,12 @@ kernel

)

+Receive raw IP packets on generic interfaces. +

@@ -1605,7 +2087,7 @@ Layer: kernel

-corenet_raw_send_ipsec2( +corenet_raw_receive_generic_node( @@ -1616,6 +2098,12 @@ kernel

)

+Receive raw IP packets on generic nodes. +

@@ -1625,7 +2113,7 @@ Layer: kernel

-corenet_raw_send_link_local_node( +corenet_raw_receive_inaddr_any_node( @@ -1645,7 +2133,7 @@ Layer: kernel

-corenet_raw_send_lo( +corenet_raw_receive_ippp0( @@ -1665,7 +2153,7 @@ Layer: kernel

-corenet_raw_send_lo_node( +corenet_raw_receive_ipsec0( @@ -1685,7 +2173,7 @@ Layer: kernel

-corenet_raw_send_mapped_ipv4_node( +corenet_raw_receive_ipsec1( @@ -1705,7 +2193,7 @@ Layer: kernel

-corenet_raw_send_multicast_node( +corenet_raw_receive_ipsec2( @@ -1725,7 +2213,7 @@ Layer: kernel

-corenet_raw_send_site_local_node( +corenet_raw_receive_link_local_node( @@ -1745,7 +2233,7 @@ Layer: kernel

-corenet_raw_send_unspec_node( +corenet_raw_receive_lo( @@ -1765,7 +2253,7 @@ Layer: kernel

-corenet_raw_sendrecv_compat_ipv4_node( +corenet_raw_receive_lo_node( @@ -1785,7 +2273,7 @@ Layer: kernel

-corenet_raw_sendrecv_eth0( +corenet_raw_receive_mapped_ipv4_node( @@ -1805,7 +2293,7 @@ Layer: kernel

-corenet_raw_sendrecv_eth1( +corenet_raw_receive_multicast_node( @@ -1825,7 +2313,7 @@ Layer: kernel

-corenet_raw_sendrecv_eth2( +corenet_raw_receive_site_local_node( @@ -1845,7 +2333,7 @@ Layer: kernel

-corenet_raw_sendrecv_inaddr_any_node( +corenet_raw_receive_unspec_node( @@ -1865,7 +2353,7 @@ Layer: kernel

-corenet_raw_sendrecv_ippp0( +corenet_raw_send_all_if( @@ -1876,6 +2364,12 @@ kernel

)

+Send raw IP packets on all interfaces. +

@@ -1885,7 +2379,7 @@ Layer: kernel

-corenet_raw_sendrecv_ipsec0( +corenet_raw_send_all_nodes( @@ -1896,6 +2390,12 @@ kernel

)

+Send raw IP packets on all nodes. +

@@ -1905,7 +2405,7 @@ Layer: kernel

-corenet_raw_sendrecv_ipsec1( +corenet_raw_send_compat_ipv4_node( @@ -1925,7 +2425,7 @@ Layer: kernel

-corenet_raw_sendrecv_ipsec2( +corenet_raw_send_eth0( @@ -1945,7 +2445,7 @@ Layer: kernel

-corenet_raw_sendrecv_link_local_node( +corenet_raw_send_eth1( @@ -1965,7 +2465,7 @@ Layer: kernel

-corenet_raw_sendrecv_lo( +corenet_raw_send_eth2( @@ -1985,7 +2485,7 @@ Layer: kernel

-corenet_raw_sendrecv_lo_node( +corenet_raw_send_generic_if( @@ -1996,6 +2496,12 @@ kernel

)

+Send raw IP packets on generic interfaces. +

@@ -2005,7 +2511,7 @@ Layer: kernel

-corenet_raw_sendrecv_mapped_ipv4_node( +corenet_raw_send_generic_node( @@ -2016,6 +2522,12 @@ kernel

)

+Send raw IP packets on generic nodes. +

@@ -2025,7 +2537,7 @@ Layer: kernel

-corenet_raw_sendrecv_multicast_node( +corenet_raw_send_inaddr_any_node( @@ -2045,7 +2557,7 @@ Layer: kernel

-corenet_raw_sendrecv_site_local_node( +corenet_raw_send_ippp0( @@ -2065,7 +2577,7 @@ Layer: kernel

-corenet_raw_sendrecv_unspec_node( +corenet_raw_send_ipsec0( @@ -2085,7 +2597,7 @@ Layer: kernel

-corenet_tcp_bind_amanda_port( +corenet_raw_send_ipsec1( @@ -2105,7 +2617,7 @@ Layer: kernel

-corenet_tcp_bind_compat_ipv4_node( +corenet_raw_send_ipsec2( @@ -2125,7 +2637,7 @@ Layer: kernel

-corenet_tcp_bind_dbskkd_port( +corenet_raw_send_link_local_node( @@ -2145,7 +2657,7 @@ Layer: kernel

-corenet_tcp_bind_dhcpc_port( +corenet_raw_send_lo( @@ -2165,7 +2677,7 @@ Layer: kernel

-corenet_tcp_bind_dhcpd_port( +corenet_raw_send_lo_node( @@ -2185,7 +2697,7 @@ Layer: kernel

-corenet_tcp_bind_dict_port( +corenet_raw_send_mapped_ipv4_node( @@ -2205,7 +2717,7 @@ Layer: kernel

-corenet_tcp_bind_dns_port( +corenet_raw_send_multicast_node( @@ -2225,7 +2737,7 @@ Layer: kernel

-corenet_tcp_bind_fingerd_port( +corenet_raw_send_site_local_node( @@ -2245,7 +2757,7 @@ Layer: kernel

-corenet_tcp_bind_ftp_data_port( +corenet_raw_send_unspec_node( @@ -2265,7 +2777,7 @@ Layer: kernel

-corenet_tcp_bind_ftp_port( +corenet_raw_sendrecv_all_if( @@ -2276,6 +2788,12 @@ kernel

)

+Send and receive raw IP packets on all interfaces. +

@@ -2285,7 +2803,7 @@ Layer: kernel

-corenet_tcp_bind_howl_port( +corenet_raw_sendrecv_all_nodes( @@ -2296,6 +2814,12 @@ kernel

)

+Send and receive raw IP packets on all nodes. +

@@ -2305,7 +2829,7 @@ Layer: kernel

-corenet_tcp_bind_http_cache_port( +corenet_raw_sendrecv_compat_ipv4_node( @@ -2325,7 +2849,7 @@ Layer: kernel

-corenet_tcp_bind_http_port( +corenet_raw_sendrecv_eth0( @@ -2345,7 +2869,7 @@ Layer: kernel

-corenet_tcp_bind_inaddr_any_node( +corenet_raw_sendrecv_eth1( @@ -2365,7 +2889,7 @@ Layer: kernel

-corenet_tcp_bind_inetd_child_port( +corenet_raw_sendrecv_eth2( @@ -2385,7 +2909,7 @@ Layer: kernel

-corenet_tcp_bind_innd_port( +corenet_raw_sendrecv_generic_if( @@ -2396,6 +2920,12 @@ kernel

)

+Send and receive raw IP packets on generic interfaces. +

@@ -2405,7 +2935,7 @@ Layer: kernel

-corenet_tcp_bind_ipp_port( +corenet_raw_sendrecv_generic_node( @@ -2416,6 +2946,12 @@ kernel

)

+Send and receive raw IP packets on generic nodes. +

@@ -2425,7 +2961,7 @@ Layer: kernel

-corenet_tcp_bind_kerberos_admin_port( +corenet_raw_sendrecv_inaddr_any_node( @@ -2445,7 +2981,7 @@ Layer: kernel

-corenet_tcp_bind_kerberos_master_port( +corenet_raw_sendrecv_ippp0( @@ -2465,7 +3001,7 @@ Layer: kernel

-corenet_tcp_bind_kerberos_port( +corenet_raw_sendrecv_ipsec0( @@ -2485,7 +3021,7 @@ Layer: kernel

-corenet_tcp_bind_ktalkd_port( +corenet_raw_sendrecv_ipsec1( @@ -2505,7 +3041,7 @@ Layer: kernel

-corenet_tcp_bind_ldap_port( +corenet_raw_sendrecv_ipsec2( @@ -2525,7 +3061,7 @@ Layer: kernel

-corenet_tcp_bind_link_local_node( +corenet_raw_sendrecv_link_local_node( @@ -2545,7 +3081,7 @@ Layer: kernel

-corenet_tcp_bind_lo_node( +corenet_raw_sendrecv_lo( @@ -2565,7 +3101,7 @@ Layer: kernel

-corenet_tcp_bind_mail_port( +corenet_raw_sendrecv_lo_node( @@ -2585,7 +3121,7 @@ Layer: kernel

-corenet_tcp_bind_mapped_ipv4_node( +corenet_raw_sendrecv_mapped_ipv4_node( @@ -2605,7 +3141,7 @@ Layer: kernel

-corenet_tcp_bind_multicast_node( +corenet_raw_sendrecv_multicast_node( @@ -2625,7 +3161,7 @@ Layer: kernel

-corenet_tcp_bind_mysqld_port( +corenet_raw_sendrecv_site_local_node( @@ -2645,7 +3181,7 @@ Layer: kernel

-corenet_tcp_bind_nmbd_port( +corenet_raw_sendrecv_unspec_node( @@ -2665,7 +3201,7 @@ Layer: kernel

-corenet_tcp_bind_pop_port( +corenet_tcp_bind_all_nodes( @@ -2676,8 +3212,14 @@ kernel

)

- +

+Bind TCP sockets to all nodes. +

+ +

Module: corenetwork

@@ -2685,7 +3227,7 @@ Layer: kernel

-corenet_tcp_bind_portmap_port( +corenet_tcp_bind_all_ports( @@ -2696,6 +3238,12 @@ kernel

)

+Bind TCP sockets to all ports. +

@@ -2705,7 +3253,7 @@ Layer: kernel

-corenet_tcp_bind_postgresql_port( +corenet_tcp_bind_all_reserved_ports( @@ -2716,6 +3264,12 @@ kernel

)

+Bind TCP sockets to all reserved ports. +

@@ -2725,7 +3279,7 @@ Layer: kernel

-corenet_tcp_bind_printer_port( +corenet_tcp_bind_amanda_port( @@ -2745,7 +3299,7 @@ Layer: kernel

-corenet_tcp_bind_pxe_port( +corenet_tcp_bind_compat_ipv4_node( @@ -2765,7 +3319,7 @@ Layer: kernel

-corenet_tcp_bind_radacct_port( +corenet_tcp_bind_dbskkd_port( @@ -2785,7 +3339,7 @@ Layer: kernel

-corenet_tcp_bind_radius_port( +corenet_tcp_bind_dhcpc_port( @@ -2805,7 +3359,7 @@ Layer: kernel

-corenet_tcp_bind_rsh_port( +corenet_tcp_bind_dhcpd_port( @@ -2825,7 +3379,7 @@ Layer: kernel

-corenet_tcp_bind_rsync_port( +corenet_tcp_bind_dict_port( @@ -2845,7 +3399,7 @@ Layer: kernel

-corenet_tcp_bind_site_local_node( +corenet_tcp_bind_dns_port( @@ -2865,7 +3419,7 @@ Layer: kernel

-corenet_tcp_bind_smbd_port( +corenet_tcp_bind_fingerd_port( @@ -2885,7 +3439,7 @@ Layer: kernel

-corenet_tcp_bind_smtp_port( +corenet_tcp_bind_ftp_data_port( @@ -2905,7 +3459,7 @@ Layer: kernel

-corenet_tcp_bind_snmp_port( +corenet_tcp_bind_ftp_port( @@ -2925,7 +3479,7 @@ Layer: kernel

-corenet_tcp_bind_ssh_port( +corenet_tcp_bind_generic_node( @@ -2936,6 +3490,12 @@ kernel

)

+Bind TCP sockets to generic nodes. +

@@ -2945,7 +3505,7 @@ Layer: kernel

-corenet_tcp_bind_swat_port( +corenet_tcp_bind_generic_port( @@ -2956,6 +3516,12 @@ kernel

)

+Bind TCP sockets to generic ports. +

@@ -2965,7 +3531,7 @@ Layer: kernel

-corenet_tcp_bind_syslogd_port( +corenet_tcp_bind_howl_port( @@ -2985,7 +3551,7 @@ Layer: kernel

-corenet_tcp_bind_telnetd_port( +corenet_tcp_bind_http_cache_port( @@ -3005,7 +3571,7 @@ Layer: kernel

-corenet_tcp_bind_tftp_port( +corenet_tcp_bind_http_port( @@ -3025,7 +3591,7 @@ Layer: kernel

-corenet_tcp_bind_unspec_node( +corenet_tcp_bind_inaddr_any_node( @@ -3045,7 +3611,7 @@ Layer: kernel

-corenet_tcp_bind_vnc_port( +corenet_tcp_bind_inetd_child_port( @@ -3065,7 +3631,7 @@ Layer: kernel

-corenet_tcp_bind_xserver_port( +corenet_tcp_bind_innd_port( @@ -3085,7 +3651,7 @@ Layer: kernel

-corenet_tcp_bind_zebra_port( +corenet_tcp_bind_ipp_port( @@ -3105,7 +3671,7 @@ Layer: kernel

-corenet_tcp_sendrecv_amanda_port( +corenet_tcp_bind_kerberos_admin_port( @@ -3125,7 +3691,7 @@ Layer: kernel

-corenet_tcp_sendrecv_compat_ipv4_node( +corenet_tcp_bind_kerberos_master_port( @@ -3145,7 +3711,7 @@ Layer: kernel

-corenet_tcp_sendrecv_dbskkd_port( +corenet_tcp_bind_kerberos_port( @@ -3165,7 +3731,7 @@ Layer: kernel

-corenet_tcp_sendrecv_dhcpc_port( +corenet_tcp_bind_ktalkd_port( @@ -3185,7 +3751,7 @@ Layer: kernel

-corenet_tcp_sendrecv_dhcpd_port( +corenet_tcp_bind_ldap_port( @@ -3205,7 +3771,7 @@ Layer: kernel

-corenet_tcp_sendrecv_dict_port( +corenet_tcp_bind_link_local_node( @@ -3225,7 +3791,7 @@ Layer: kernel

-corenet_tcp_sendrecv_dns_port( +corenet_tcp_bind_lo_node( @@ -3245,7 +3811,7 @@ Layer: kernel

-corenet_tcp_sendrecv_eth0( +corenet_tcp_bind_mail_port( @@ -3265,7 +3831,7 @@ Layer: kernel

-corenet_tcp_sendrecv_eth1( +corenet_tcp_bind_mapped_ipv4_node( @@ -3285,7 +3851,7 @@ Layer: kernel

-corenet_tcp_sendrecv_eth2( +corenet_tcp_bind_multicast_node( @@ -3305,7 +3871,7 @@ Layer: kernel

-corenet_tcp_sendrecv_fingerd_port( +corenet_tcp_bind_mysqld_port( @@ -3325,7 +3891,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ftp_data_port( +corenet_tcp_bind_nmbd_port( @@ -3345,7 +3911,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ftp_port( +corenet_tcp_bind_pop_port( @@ -3365,7 +3931,7 @@ Layer: kernel

-corenet_tcp_sendrecv_generic_if( +corenet_tcp_bind_portmap_port( @@ -3385,7 +3951,7 @@ Layer: kernel

-corenet_tcp_sendrecv_howl_port( +corenet_tcp_bind_postgresql_port( @@ -3405,7 +3971,7 @@ Layer: kernel

-corenet_tcp_sendrecv_http_cache_port( +corenet_tcp_bind_printer_port( @@ -3425,7 +3991,7 @@ Layer: kernel

-corenet_tcp_sendrecv_http_port( +corenet_tcp_bind_pxe_port( @@ -3445,7 +4011,7 @@ Layer: kernel

-corenet_tcp_sendrecv_inaddr_any_node( +corenet_tcp_bind_radacct_port( @@ -3465,7 +4031,7 @@ Layer: kernel

-corenet_tcp_sendrecv_inetd_child_port( +corenet_tcp_bind_radius_port( @@ -3485,7 +4051,7 @@ Layer: kernel

-corenet_tcp_sendrecv_innd_port( +corenet_tcp_bind_reserved_port( @@ -3496,6 +4062,12 @@ kernel

)

+Bind TCP sockets to generic reserved ports. +

@@ -3505,7 +4077,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ipp_port( +corenet_tcp_bind_rsh_port( @@ -3525,7 +4097,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ippp0( +corenet_tcp_bind_rsync_port( @@ -3545,7 +4117,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ipsec0( +corenet_tcp_bind_site_local_node( @@ -3565,7 +4137,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ipsec1( +corenet_tcp_bind_smbd_port( @@ -3585,7 +4157,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ipsec2( +corenet_tcp_bind_smtp_port( @@ -3605,7 +4177,7 @@ Layer: kernel

-corenet_tcp_sendrecv_kerberos_admin_port( +corenet_tcp_bind_snmp_port( @@ -3625,7 +4197,7 @@ Layer: kernel

-corenet_tcp_sendrecv_kerberos_master_port( +corenet_tcp_bind_ssh_port( @@ -3645,7 +4217,7 @@ Layer: kernel

-corenet_tcp_sendrecv_kerberos_port( +corenet_tcp_bind_swat_port( @@ -3665,7 +4237,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ktalkd_port( +corenet_tcp_bind_syslogd_port( @@ -3685,7 +4257,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ldap_port( +corenet_tcp_bind_telnetd_port( @@ -3705,7 +4277,7 @@ Layer: kernel

-corenet_tcp_sendrecv_link_local_node( +corenet_tcp_bind_tftp_port( @@ -3725,7 +4297,7 @@ Layer: kernel

-corenet_tcp_sendrecv_lo( +corenet_tcp_bind_unspec_node( @@ -3745,7 +4317,7 @@ Layer: kernel

-corenet_tcp_sendrecv_lo_node( +corenet_tcp_bind_vnc_port( @@ -3765,7 +4337,7 @@ Layer: kernel

-corenet_tcp_sendrecv_mail_port( +corenet_tcp_bind_xserver_port( @@ -3785,7 +4357,7 @@ Layer: kernel

-corenet_tcp_sendrecv_mapped_ipv4_node( +corenet_tcp_bind_zebra_port( @@ -3805,7 +4377,7 @@ Layer: kernel

-corenet_tcp_sendrecv_multicast_node( +corenet_tcp_sendrecv_all_if( @@ -3816,6 +4388,12 @@ kernel

)

+Send and receive TCP network traffic on all interfaces. +

@@ -3825,7 +4403,7 @@ Layer: kernel

-corenet_tcp_sendrecv_mysqld_port( +corenet_tcp_sendrecv_all_nodes( @@ -3836,6 +4414,12 @@ kernel

)

+Send and receive TCP network traffic on all nodes. +

@@ -3845,7 +4429,7 @@ Layer: kernel

-corenet_tcp_sendrecv_nmbd_port( +corenet_tcp_sendrecv_all_ports( @@ -3856,6 +4440,12 @@ kernel

)

+Send and receive TCP network traffic on all ports. +

@@ -3865,7 +4455,7 @@ Layer: kernel

-corenet_tcp_sendrecv_pop_port( +corenet_tcp_sendrecv_all_reserved_ports( @@ -3876,6 +4466,12 @@ kernel

)

+Send and receive TCP network traffic on all reserved ports. +

@@ -3885,7 +4481,7 @@ Layer: kernel

-corenet_tcp_sendrecv_portmap_port( +corenet_tcp_sendrecv_amanda_port( @@ -3905,7 +4501,7 @@ Layer: kernel

-corenet_tcp_sendrecv_postgresql_port( +corenet_tcp_sendrecv_compat_ipv4_node( @@ -3925,7 +4521,7 @@ Layer: kernel

-corenet_tcp_sendrecv_printer_port( +corenet_tcp_sendrecv_dbskkd_port( @@ -3945,7 +4541,7 @@ Layer: kernel

-corenet_tcp_sendrecv_pxe_port( +corenet_tcp_sendrecv_dhcpc_port( @@ -3965,7 +4561,7 @@ Layer: kernel

-corenet_tcp_sendrecv_radacct_port( +corenet_tcp_sendrecv_dhcpd_port( @@ -3985,7 +4581,7 @@ Layer: kernel

-corenet_tcp_sendrecv_radius_port( +corenet_tcp_sendrecv_dict_port( @@ -4005,7 +4601,7 @@ Layer: kernel

-corenet_tcp_sendrecv_rsh_port( +corenet_tcp_sendrecv_dns_port( @@ -4025,7 +4621,7 @@ Layer: kernel

-corenet_tcp_sendrecv_rsync_port( +corenet_tcp_sendrecv_eth0( @@ -4045,7 +4641,7 @@ Layer: kernel

-corenet_tcp_sendrecv_site_local_node( +corenet_tcp_sendrecv_eth1( @@ -4065,7 +4661,7 @@ Layer: kernel

-corenet_tcp_sendrecv_smbd_port( +corenet_tcp_sendrecv_eth2( @@ -4085,7 +4681,7 @@ Layer: kernel

-corenet_tcp_sendrecv_smtp_port( +corenet_tcp_sendrecv_fingerd_port( @@ -4105,7 +4701,7 @@ Layer: kernel

-corenet_tcp_sendrecv_snmp_port( +corenet_tcp_sendrecv_ftp_data_port( @@ -4125,7 +4721,7 @@ Layer: kernel

-corenet_tcp_sendrecv_ssh_port( +corenet_tcp_sendrecv_ftp_port( @@ -4145,7 +4741,7 @@ Layer: kernel

-corenet_tcp_sendrecv_swat_port( +corenet_tcp_sendrecv_generic_if( @@ -4156,6 +4752,12 @@ kernel

)

+Send and receive TCP network traffic on the generic interfaces. +

@@ -4165,7 +4767,7 @@ Layer: kernel

-corenet_tcp_sendrecv_syslogd_port( +corenet_tcp_sendrecv_generic_node( @@ -4176,6 +4778,12 @@ kernel

)

+Send and receive TCP network traffic on generic nodes. +

@@ -4185,7 +4793,7 @@ Layer: kernel

-corenet_tcp_sendrecv_telnetd_port( +corenet_tcp_sendrecv_generic_port( @@ -4196,6 +4804,12 @@ kernel

)

+Send and receive TCP network traffic on generic ports. +

@@ -4205,7 +4819,7 @@ Layer: kernel

-corenet_tcp_sendrecv_tftp_port( +corenet_tcp_sendrecv_howl_port( @@ -4225,7 +4839,7 @@ Layer: kernel

-corenet_tcp_sendrecv_unspec_node( +corenet_tcp_sendrecv_http_cache_port( @@ -4245,7 +4859,7 @@ Layer: kernel

-corenet_tcp_sendrecv_vnc_port( +corenet_tcp_sendrecv_http_port( @@ -4265,7 +4879,7 @@ Layer: kernel

-corenet_tcp_sendrecv_xserver_port( +corenet_tcp_sendrecv_inaddr_any_node( @@ -4285,7 +4899,7 @@ Layer: kernel

-corenet_tcp_sendrecv_zebra_port( +corenet_tcp_sendrecv_inetd_child_port( @@ -4305,7 +4919,7 @@ Layer: kernel

-corenet_udp_bind_amanda_port( +corenet_tcp_sendrecv_innd_port( @@ -4325,7 +4939,7 @@ Layer: kernel

-corenet_udp_bind_compat_ipv4_node( +corenet_tcp_sendrecv_ipp_port( @@ -4345,7 +4959,7 @@ Layer: kernel

-corenet_udp_bind_dbskkd_port( +corenet_tcp_sendrecv_ippp0( @@ -4365,7 +4979,7 @@ Layer: kernel

-corenet_udp_bind_dhcpc_port( +corenet_tcp_sendrecv_ipsec0( @@ -4385,7 +4999,7 @@ Layer: kernel

-corenet_udp_bind_dhcpd_port( +corenet_tcp_sendrecv_ipsec1( @@ -4405,7 +5019,7 @@ Layer: kernel

-corenet_udp_bind_dict_port( +corenet_tcp_sendrecv_ipsec2( @@ -4425,7 +5039,7 @@ Layer: kernel

-corenet_udp_bind_dns_port( +corenet_tcp_sendrecv_kerberos_admin_port( @@ -4445,7 +5059,7 @@ Layer: kernel

-corenet_udp_bind_fingerd_port( +corenet_tcp_sendrecv_kerberos_master_port( @@ -4465,7 +5079,7 @@ Layer: kernel

-corenet_udp_bind_ftp_data_port( +corenet_tcp_sendrecv_kerberos_port( @@ -4485,7 +5099,7 @@ Layer: kernel

-corenet_udp_bind_ftp_port( +corenet_tcp_sendrecv_ktalkd_port( @@ -4505,7 +5119,7 @@ Layer: kernel

-corenet_udp_bind_howl_port( +corenet_tcp_sendrecv_ldap_port( @@ -4525,7 +5139,7 @@ Layer: kernel

-corenet_udp_bind_http_cache_port( +corenet_tcp_sendrecv_link_local_node( @@ -4545,7 +5159,7 @@ Layer: kernel

-corenet_udp_bind_http_port( +corenet_tcp_sendrecv_lo( @@ -4565,7 +5179,7 @@ Layer: kernel

-corenet_udp_bind_inaddr_any_node( +corenet_tcp_sendrecv_lo_node( @@ -4585,7 +5199,7 @@ Layer: kernel

-corenet_udp_bind_inetd_child_port( +corenet_tcp_sendrecv_mail_port( @@ -4605,7 +5219,7 @@ Layer: kernel

-corenet_udp_bind_innd_port( +corenet_tcp_sendrecv_mapped_ipv4_node( @@ -4625,7 +5239,7 @@ Layer: kernel

-corenet_udp_bind_ipp_port( +corenet_tcp_sendrecv_multicast_node( @@ -4645,7 +5259,7 @@ Layer: kernel

-corenet_udp_bind_kerberos_admin_port( +corenet_tcp_sendrecv_mysqld_port( @@ -4665,7 +5279,7 @@ Layer: kernel

-corenet_udp_bind_kerberos_master_port( +corenet_tcp_sendrecv_nmbd_port( @@ -4685,7 +5299,7 @@ Layer: kernel

-corenet_udp_bind_kerberos_port( +corenet_tcp_sendrecv_pop_port( @@ -4705,7 +5319,7 @@ Layer: kernel

-corenet_udp_bind_ktalkd_port( +corenet_tcp_sendrecv_portmap_port( @@ -4725,7 +5339,7 @@ Layer: kernel

-corenet_udp_bind_ldap_port( +corenet_tcp_sendrecv_postgresql_port( @@ -4745,7 +5359,7 @@ Layer: kernel

-corenet_udp_bind_link_local_node( +corenet_tcp_sendrecv_printer_port( @@ -4765,7 +5379,7 @@ Layer: kernel

-corenet_udp_bind_lo_node( +corenet_tcp_sendrecv_pxe_port( @@ -4785,7 +5399,7 @@ Layer: kernel

-corenet_udp_bind_mail_port( +corenet_tcp_sendrecv_radacct_port( @@ -4805,7 +5419,7 @@ Layer: kernel

-corenet_udp_bind_mapped_ipv4_node( +corenet_tcp_sendrecv_radius_port( @@ -4825,7 +5439,7 @@ Layer: kernel

-corenet_udp_bind_multicast_node( +corenet_tcp_sendrecv_reserved_port( @@ -4836,6 +5450,12 @@ kernel

)

+Send and receive TCP network traffic on generic reserved ports. +

@@ -4845,7 +5465,7 @@ Layer: kernel

-corenet_udp_bind_mysqld_port( +corenet_tcp_sendrecv_rsh_port( @@ -4865,7 +5485,7 @@ Layer: kernel

-corenet_udp_bind_nmbd_port( +corenet_tcp_sendrecv_rsync_port( @@ -4885,7 +5505,7 @@ Layer: kernel

-corenet_udp_bind_pop_port( +corenet_tcp_sendrecv_site_local_node( @@ -4905,7 +5525,7 @@ Layer: kernel

-corenet_udp_bind_portmap_port( +corenet_tcp_sendrecv_smbd_port( @@ -4925,7 +5545,7 @@ Layer: kernel

-corenet_udp_bind_postgresql_port( +corenet_tcp_sendrecv_smtp_port( @@ -4945,7 +5565,7 @@ Layer: kernel

-corenet_udp_bind_printer_port( +corenet_tcp_sendrecv_snmp_port( @@ -4965,7 +5585,7 @@ Layer: kernel

-corenet_udp_bind_pxe_port( +corenet_tcp_sendrecv_ssh_port( @@ -4985,7 +5605,7 @@ Layer: kernel

-corenet_udp_bind_radacct_port( +corenet_tcp_sendrecv_swat_port( @@ -5005,7 +5625,7 @@ Layer: kernel

-corenet_udp_bind_radius_port( +corenet_tcp_sendrecv_syslogd_port( @@ -5025,7 +5645,7 @@ Layer: kernel

-corenet_udp_bind_rsh_port( +corenet_tcp_sendrecv_telnetd_port( @@ -5045,7 +5665,7 @@ Layer: kernel

-corenet_udp_bind_rsync_port( +corenet_tcp_sendrecv_tftp_port( @@ -5065,7 +5685,7 @@ Layer: kernel

-corenet_udp_bind_site_local_node( +corenet_tcp_sendrecv_unspec_node( @@ -5085,7 +5705,7 @@ Layer: kernel

-corenet_udp_bind_smbd_port( +corenet_tcp_sendrecv_vnc_port( @@ -5105,7 +5725,7 @@ Layer: kernel

-corenet_udp_bind_smtp_port( +corenet_tcp_sendrecv_xserver_port( @@ -5125,7 +5745,7 @@ Layer: kernel

-corenet_udp_bind_snmp_port( +corenet_tcp_sendrecv_zebra_port( @@ -5145,7 +5765,7 @@ Layer: kernel

-corenet_udp_bind_ssh_port( +corenet_udp_bind_all_nodes( @@ -5156,6 +5776,12 @@ kernel

)

+Bind UDP sockets to all nodes. +

@@ -5165,7 +5791,7 @@ Layer: kernel

-corenet_udp_bind_swat_port( +corenet_udp_bind_all_ports( @@ -5176,6 +5802,12 @@ kernel

)

+Bind UDP sockets to all ports. +

@@ -5185,7 +5817,7 @@ Layer: kernel

-corenet_udp_bind_syslogd_port( +corenet_udp_bind_all_reserved_ports( @@ -5196,6 +5828,12 @@ kernel

)

+Bind UDP sockets to all reserved ports. +

@@ -5205,7 +5843,7 @@ Layer: kernel

-corenet_udp_bind_telnetd_port( +corenet_udp_bind_amanda_port( @@ -5225,7 +5863,7 @@ Layer: kernel

-corenet_udp_bind_tftp_port( +corenet_udp_bind_compat_ipv4_node( @@ -5245,7 +5883,7 @@ Layer: kernel

-corenet_udp_bind_unspec_node( +corenet_udp_bind_dbskkd_port( @@ -5265,7 +5903,7 @@ Layer: kernel

-corenet_udp_bind_vnc_port( +corenet_udp_bind_dhcpc_port( @@ -5285,7 +5923,7 @@ Layer: kernel

-corenet_udp_bind_xserver_port( +corenet_udp_bind_dhcpd_port( @@ -5305,7 +5943,7 @@ Layer: kernel

-corenet_udp_bind_zebra_port( +corenet_udp_bind_dict_port( @@ -5325,7 +5963,7 @@ Layer: kernel

-corenet_udp_receive_amanda_port( +corenet_udp_bind_dns_port( @@ -5345,7 +5983,7 @@ Layer: kernel

-corenet_udp_receive_compat_ipv4_node( +corenet_udp_bind_fingerd_port( @@ -5365,7 +6003,7 @@ Layer: kernel

-corenet_udp_receive_dbskkd_port( +corenet_udp_bind_ftp_data_port( @@ -5385,7 +6023,7 @@ Layer: kernel

-corenet_udp_receive_dhcpc_port( +corenet_udp_bind_ftp_port( @@ -5405,7 +6043,7 @@ Layer: kernel

-corenet_udp_receive_dhcpd_port( +corenet_udp_bind_generic_node( @@ -5416,6 +6054,12 @@ kernel

)

+Bind UDP sockets to generic nodes. +

@@ -5425,7 +6069,7 @@ Layer: kernel

-corenet_udp_receive_dict_port( +corenet_udp_bind_generic_port( @@ -5436,6 +6080,12 @@ kernel

)

+Bind UDP sockets to generic ports. +

@@ -5445,7 +6095,7 @@ Layer: kernel

-corenet_udp_receive_dns_port( +corenet_udp_bind_howl_port( @@ -5465,7 +6115,7 @@ Layer: kernel

-corenet_udp_receive_eth0( +corenet_udp_bind_http_cache_port( @@ -5485,7 +6135,7 @@ Layer: kernel

-corenet_udp_receive_eth1( +corenet_udp_bind_http_port( @@ -5505,7 +6155,7 @@ Layer: kernel

-corenet_udp_receive_eth2( +corenet_udp_bind_inaddr_any_node( @@ -5525,7 +6175,7 @@ Layer: kernel

-corenet_udp_receive_fingerd_port( +corenet_udp_bind_inetd_child_port( @@ -5545,7 +6195,7 @@ Layer: kernel

-corenet_udp_receive_ftp_data_port( +corenet_udp_bind_innd_port( @@ -5565,7 +6215,7 @@ Layer: kernel

-corenet_udp_receive_ftp_port( +corenet_udp_bind_ipp_port( @@ -5585,7 +6235,7 @@ Layer: kernel

-corenet_udp_receive_howl_port( +corenet_udp_bind_kerberos_admin_port( @@ -5605,7 +6255,7 @@ Layer: kernel

-corenet_udp_receive_http_cache_port( +corenet_udp_bind_kerberos_master_port( @@ -5625,7 +6275,7 @@ Layer: kernel

-corenet_udp_receive_http_port( +corenet_udp_bind_kerberos_port( @@ -5645,7 +6295,7 @@ Layer: kernel

-corenet_udp_receive_inaddr_any_node( +corenet_udp_bind_ktalkd_port( @@ -5665,7 +6315,7 @@ Layer: kernel

-corenet_udp_receive_inetd_child_port( +corenet_udp_bind_ldap_port( @@ -5685,7 +6335,7 @@ Layer: kernel

-corenet_udp_receive_innd_port( +corenet_udp_bind_link_local_node( @@ -5705,7 +6355,7 @@ Layer: kernel

-corenet_udp_receive_ipp_port( +corenet_udp_bind_lo_node( @@ -5725,7 +6375,7 @@ Layer: kernel

-corenet_udp_receive_ippp0( +corenet_udp_bind_mail_port( @@ -5745,7 +6395,7 @@ Layer: kernel

-corenet_udp_receive_ipsec0( +corenet_udp_bind_mapped_ipv4_node( @@ -5765,7 +6415,7 @@ Layer: kernel

-corenet_udp_receive_ipsec1( +corenet_udp_bind_multicast_node( @@ -5785,7 +6435,7 @@ Layer: kernel

-corenet_udp_receive_ipsec2( +corenet_udp_bind_mysqld_port( @@ -5805,7 +6455,7 @@ Layer: kernel

-corenet_udp_receive_kerberos_admin_port( +corenet_udp_bind_nmbd_port( @@ -5825,7 +6475,7 @@ Layer: kernel

-corenet_udp_receive_kerberos_master_port( +corenet_udp_bind_pop_port( @@ -5845,7 +6495,7 @@ Layer: kernel

-corenet_udp_receive_kerberos_port( +corenet_udp_bind_portmap_port( @@ -5865,7 +6515,7 @@ Layer: kernel

-corenet_udp_receive_ktalkd_port( +corenet_udp_bind_postgresql_port( @@ -5885,7 +6535,7 @@ Layer: kernel

-corenet_udp_receive_ldap_port( +corenet_udp_bind_printer_port( @@ -5905,7 +6555,7 @@ Layer: kernel

-corenet_udp_receive_link_local_node( +corenet_udp_bind_pxe_port( @@ -5925,7 +6575,7 @@ Layer: kernel

-corenet_udp_receive_lo( +corenet_udp_bind_radacct_port( @@ -5945,7 +6595,7 @@ Layer: kernel

-corenet_udp_receive_lo_node( +corenet_udp_bind_radius_port( @@ -5965,7 +6615,7 @@ Layer: kernel

-corenet_udp_receive_mail_port( +corenet_udp_bind_reserved_port( @@ -5976,6 +6626,12 @@ kernel

)

+Bind UDP sockets to generic reserved ports. +

@@ -5985,7 +6641,7 @@ Layer: kernel

-corenet_udp_receive_mapped_ipv4_node( +corenet_udp_bind_rsh_port( @@ -6005,7 +6661,7 @@ Layer: kernel

-corenet_udp_receive_multicast_node( +corenet_udp_bind_rsync_port( @@ -6025,7 +6681,7 @@ Layer: kernel

-corenet_udp_receive_mysqld_port( +corenet_udp_bind_site_local_node( @@ -6045,7 +6701,7 @@ Layer: kernel

-corenet_udp_receive_nmbd_port( +corenet_udp_bind_smbd_port( @@ -6065,7 +6721,7 @@ Layer: kernel

-corenet_udp_receive_pop_port( +corenet_udp_bind_smtp_port( @@ -6085,7 +6741,7 @@ Layer: kernel

-corenet_udp_receive_portmap_port( +corenet_udp_bind_snmp_port( @@ -6105,7 +6761,7 @@ Layer: kernel

-corenet_udp_receive_postgresql_port( +corenet_udp_bind_ssh_port( @@ -6125,7 +6781,7 @@ Layer: kernel

-corenet_udp_receive_printer_port( +corenet_udp_bind_swat_port( @@ -6145,7 +6801,7 @@ Layer: kernel

-corenet_udp_receive_pxe_port( +corenet_udp_bind_syslogd_port( @@ -6165,7 +6821,7 @@ Layer: kernel

-corenet_udp_receive_radacct_port( +corenet_udp_bind_telnetd_port( @@ -6185,7 +6841,7 @@ Layer: kernel

-corenet_udp_receive_radius_port( +corenet_udp_bind_tftp_port( @@ -6205,7 +6861,7 @@ Layer: kernel

-corenet_udp_receive_rsh_port( +corenet_udp_bind_unspec_node( @@ -6225,7 +6881,7 @@ Layer: kernel

-corenet_udp_receive_rsync_port( +corenet_udp_bind_vnc_port( @@ -6245,7 +6901,7 @@ Layer: kernel

-corenet_udp_receive_site_local_node( +corenet_udp_bind_xserver_port( @@ -6265,7 +6921,7 @@ Layer: kernel

-corenet_udp_receive_smbd_port( +corenet_udp_bind_zebra_port( @@ -6285,7 +6941,7 @@ Layer: kernel

-corenet_udp_receive_smtp_port( +corenet_udp_receive_all_if( @@ -6296,6 +6952,12 @@ kernel

)

+Receive UDP network traffic on all interfaces. +

@@ -6305,7 +6967,7 @@ Layer: kernel

-corenet_udp_receive_snmp_port( +corenet_udp_receive_all_nodes( @@ -6316,6 +6978,12 @@ kernel

)

+Receive UDP network traffic on all nodes. +

@@ -6325,7 +6993,7 @@ Layer: kernel

-corenet_udp_receive_ssh_port( +corenet_udp_receive_all_ports( @@ -6336,6 +7004,12 @@ kernel

)

+Receive UDP network traffic on all ports. +

@@ -6345,7 +7019,7 @@ Layer: kernel

-corenet_udp_receive_swat_port( +corenet_udp_receive_all_reserved_ports( @@ -6356,6 +7030,12 @@ kernel

)

+Receive UDP network traffic on all reserved ports. +

@@ -6365,7 +7045,7 @@ Layer: kernel

-corenet_udp_receive_syslogd_port( +corenet_udp_receive_amanda_port( @@ -6385,7 +7065,7 @@ Layer: kernel

-corenet_udp_receive_telnetd_port( +corenet_udp_receive_compat_ipv4_node( @@ -6405,7 +7085,7 @@ Layer: kernel

-corenet_udp_receive_tftp_port( +corenet_udp_receive_dbskkd_port( @@ -6425,7 +7105,7 @@ Layer: kernel

-corenet_udp_receive_unspec_node( +corenet_udp_receive_dhcpc_port( @@ -6445,7 +7125,7 @@ Layer: kernel

-corenet_udp_receive_vnc_port( +corenet_udp_receive_dhcpd_port( @@ -6465,7 +7145,7 @@ Layer: kernel

-corenet_udp_receive_xserver_port( +corenet_udp_receive_dict_port( @@ -6485,7 +7165,7 @@ Layer: kernel

-corenet_udp_receive_zebra_port( +corenet_udp_receive_dns_port( @@ -6505,7 +7185,7 @@ Layer: kernel

-corenet_udp_send_amanda_port( +corenet_udp_receive_eth0( @@ -6525,7 +7205,7 @@ Layer: kernel

-corenet_udp_send_compat_ipv4_node( +corenet_udp_receive_eth1( @@ -6545,7 +7225,7 @@ Layer: kernel

-corenet_udp_send_dbskkd_port( +corenet_udp_receive_eth2( @@ -6565,7 +7245,7 @@ Layer: kernel

-corenet_udp_send_dhcpc_port( +corenet_udp_receive_fingerd_port( @@ -6585,7 +7265,7 @@ Layer: kernel

-corenet_udp_send_dhcpd_port( +corenet_udp_receive_ftp_data_port( @@ -6605,7 +7285,7 @@ Layer: kernel

-corenet_udp_send_dict_port( +corenet_udp_receive_ftp_port( @@ -6625,7 +7305,7 @@ Layer: kernel

-corenet_udp_send_dns_port( +corenet_udp_receive_generic_if( @@ -6636,6 +7316,12 @@ kernel

)

+Receive UDP network traffic on generic interfaces. +

@@ -6645,7 +7331,7 @@ Layer: kernel

-corenet_udp_send_eth0( +corenet_udp_receive_generic_node( @@ -6656,6 +7342,12 @@ kernel

)

+Receive UDP network traffic on generic nodes. +

@@ -6665,7 +7357,7 @@ Layer: kernel

-corenet_udp_send_eth1( +corenet_udp_receive_generic_port( @@ -6676,6 +7368,12 @@ kernel

)

+Receive UDP network traffic on generic ports. +

@@ -6685,7 +7383,7 @@ Layer: kernel

-corenet_udp_send_eth2( +corenet_udp_receive_howl_port( @@ -6705,7 +7403,7 @@ Layer: kernel

-corenet_udp_send_fingerd_port( +corenet_udp_receive_http_cache_port( @@ -6725,7 +7423,7 @@ Layer: kernel

-corenet_udp_send_ftp_data_port( +corenet_udp_receive_http_port( @@ -6745,7 +7443,7 @@ Layer: kernel

-corenet_udp_send_ftp_port( +corenet_udp_receive_inaddr_any_node( @@ -6765,7 +7463,7 @@ Layer: kernel

-corenet_udp_send_howl_port( +corenet_udp_receive_inetd_child_port( @@ -6785,7 +7483,7 @@ Layer: kernel

-corenet_udp_send_http_cache_port( +corenet_udp_receive_innd_port( @@ -6805,7 +7503,7 @@ Layer: kernel

-corenet_udp_send_http_port( +corenet_udp_receive_ipp_port( @@ -6825,7 +7523,7 @@ Layer: kernel

-corenet_udp_send_inaddr_any_node( +corenet_udp_receive_ippp0( @@ -6845,7 +7543,7 @@ Layer: kernel

-corenet_udp_send_inetd_child_port( +corenet_udp_receive_ipsec0( @@ -6865,7 +7563,7 @@ Layer: kernel

-corenet_udp_send_innd_port( +corenet_udp_receive_ipsec1( @@ -6885,7 +7583,7 @@ Layer: kernel

-corenet_udp_send_ipp_port( +corenet_udp_receive_ipsec2( @@ -6905,7 +7603,7 @@ Layer: kernel

-corenet_udp_send_ippp0( +corenet_udp_receive_kerberos_admin_port( @@ -6925,7 +7623,7 @@ Layer: kernel

-corenet_udp_send_ipsec0( +corenet_udp_receive_kerberos_master_port( @@ -6945,7 +7643,7 @@ Layer: kernel

-corenet_udp_send_ipsec1( +corenet_udp_receive_kerberos_port( @@ -6965,7 +7663,7 @@ Layer: kernel

-corenet_udp_send_ipsec2( +corenet_udp_receive_ktalkd_port( @@ -6985,7 +7683,7 @@ Layer: kernel

-corenet_udp_send_kerberos_admin_port( +corenet_udp_receive_ldap_port( @@ -7005,7 +7703,7 @@ Layer: kernel

-corenet_udp_send_kerberos_master_port( +corenet_udp_receive_link_local_node( @@ -7025,7 +7723,7 @@ Layer: kernel

-corenet_udp_send_kerberos_port( +corenet_udp_receive_lo( @@ -7045,7 +7743,7 @@ Layer: kernel

-corenet_udp_send_ktalkd_port( +corenet_udp_receive_lo_node( @@ -7065,7 +7763,7 @@ Layer: kernel

-corenet_udp_send_ldap_port( +corenet_udp_receive_mail_port( @@ -7085,7 +7783,7 @@ Layer: kernel

-corenet_udp_send_link_local_node( +corenet_udp_receive_mapped_ipv4_node( @@ -7105,7 +7803,7 @@ Layer: kernel

-corenet_udp_send_lo( +corenet_udp_receive_multicast_node( @@ -7125,7 +7823,7 @@ Layer: kernel

-corenet_udp_send_lo_node( +corenet_udp_receive_mysqld_port( @@ -7145,7 +7843,7 @@ Layer: kernel

-corenet_udp_send_mail_port( +corenet_udp_receive_nmbd_port( @@ -7165,7 +7863,7 @@ Layer: kernel

-corenet_udp_send_mapped_ipv4_node( +corenet_udp_receive_pop_port( @@ -7185,7 +7883,7 @@ Layer: kernel

-corenet_udp_send_multicast_node( +corenet_udp_receive_portmap_port( @@ -7205,7 +7903,7 @@ Layer: kernel

-corenet_udp_send_mysqld_port( +corenet_udp_receive_postgresql_port( @@ -7225,7 +7923,7 @@ Layer: kernel

-corenet_udp_send_nmbd_port( +corenet_udp_receive_printer_port( @@ -7245,7 +7943,7 @@ Layer: kernel

-corenet_udp_send_pop_port( +corenet_udp_receive_pxe_port( @@ -7265,7 +7963,7 @@ Layer: kernel

-corenet_udp_send_portmap_port( +corenet_udp_receive_radacct_port( @@ -7285,7 +7983,7 @@ Layer: kernel

-corenet_udp_send_postgresql_port( +corenet_udp_receive_radius_port( @@ -7305,7 +8003,7 @@ Layer: kernel

-corenet_udp_send_printer_port( +corenet_udp_receive_reserved_port( @@ -7316,6 +8014,12 @@ kernel

)

+Receive UDP network traffic on generic reserved ports. +

@@ -7325,7 +8029,7 @@ Layer: kernel

-corenet_udp_send_pxe_port( +corenet_udp_receive_rsh_port( @@ -7345,7 +8049,7 @@ Layer: kernel

-corenet_udp_send_radacct_port( +corenet_udp_receive_rsync_port( @@ -7365,7 +8069,7 @@ Layer: kernel

-corenet_udp_send_radius_port( +corenet_udp_receive_site_local_node( @@ -7385,7 +8089,7 @@ Layer: kernel

-corenet_udp_send_rsh_port( +corenet_udp_receive_smbd_port( @@ -7405,7 +8109,7 @@ Layer: kernel

-corenet_udp_send_rsync_port( +corenet_udp_receive_smtp_port( @@ -7425,7 +8129,7 @@ Layer: kernel

-corenet_udp_send_site_local_node( +corenet_udp_receive_snmp_port( @@ -7445,7 +8149,7 @@ Layer: kernel

-corenet_udp_send_smbd_port( +corenet_udp_receive_ssh_port( @@ -7465,7 +8169,7 @@ Layer: kernel

-corenet_udp_send_smtp_port( +corenet_udp_receive_swat_port( @@ -7485,7 +8189,7 @@ Layer: kernel

-corenet_udp_send_snmp_port( +corenet_udp_receive_syslogd_port( @@ -7505,7 +8209,7 @@ Layer: kernel

-corenet_udp_send_ssh_port( +corenet_udp_receive_telnetd_port( @@ -7525,7 +8229,7 @@ Layer: kernel

-corenet_udp_send_swat_port( +corenet_udp_receive_tftp_port( @@ -7545,7 +8249,7 @@ Layer: kernel

-corenet_udp_send_syslogd_port( +corenet_udp_receive_unspec_node( @@ -7565,7 +8269,7 @@ Layer: kernel

-corenet_udp_send_telnetd_port( +corenet_udp_receive_vnc_port( @@ -7585,7 +8289,7 @@ Layer: kernel

-corenet_udp_send_tftp_port( +corenet_udp_receive_xserver_port( @@ -7605,7 +8309,7 @@ Layer: kernel

-corenet_udp_send_unspec_node( +corenet_udp_receive_zebra_port( @@ -7625,7 +8329,7 @@ Layer: kernel

-corenet_udp_send_vnc_port( +corenet_udp_send_all_if( @@ -7636,6 +8340,12 @@ kernel

)

+Send UDP network traffic on all interfaces. +

@@ -7645,7 +8355,7 @@ Layer: kernel

-corenet_udp_send_xserver_port( +corenet_udp_send_all_nodes( @@ -7656,6 +8366,12 @@ kernel

)

+Send UDP network traffic on all nodes. +

@@ -7665,7 +8381,7 @@ Layer: kernel

-corenet_udp_send_zebra_port( +corenet_udp_send_all_ports( @@ -7676,6 +8392,12 @@ kernel

)

+Send UDP network traffic on all ports. +

@@ -7685,7 +8407,7 @@ Layer: kernel

-corenet_udp_sendrecv_compat_ipv4_node( +corenet_udp_send_all_reserved_ports( @@ -7696,6 +8418,12 @@ kernel

)

+Send UDP network traffic on all reserved ports. +

@@ -7705,7 +8433,7 @@ Layer: kernel

-corenet_udp_sendrecv_inaddr_any_node( +corenet_udp_send_amanda_port( @@ -7725,7 +8453,7 @@ Layer: kernel

-corenet_udp_sendrecv_link_local_node( +corenet_udp_send_compat_ipv4_node( @@ -7745,7 +8473,7 @@ Layer: kernel

-corenet_udp_sendrecv_lo_node( +corenet_udp_send_dbskkd_port( @@ -7765,7 +8493,7 @@ Layer: kernel

-corenet_udp_sendrecv_mapped_ipv4_node( +corenet_udp_send_dhcpc_port( @@ -7785,7 +8513,7 @@ Layer: kernel

-corenet_udp_sendrecv_multicast_node( +corenet_udp_send_dhcpd_port( @@ -7805,7 +8533,7 @@ Layer: kernel

-corenet_udp_sendrecv_site_local_node( +corenet_udp_send_dict_port( @@ -7825,7 +8553,7 @@ Layer: kernel

-corenet_udp_sendrecv_unspec_node( +corenet_udp_send_dns_port( @@ -7845,7 +8573,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_amanda_port( +corenet_udp_send_eth0( @@ -7865,7 +8593,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_dbskkd_port( +corenet_udp_send_eth1( @@ -7885,7 +8613,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_dhcpc_port( +corenet_udp_send_eth2( @@ -7905,7 +8633,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_dhcpd_port( +corenet_udp_send_fingerd_port( @@ -7925,7 +8653,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_dict_port( +corenet_udp_send_ftp_data_port( @@ -7945,7 +8673,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_dns_port( +corenet_udp_send_ftp_port( @@ -7965,7 +8693,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_eth0_interface( +corenet_udp_send_generic_if( @@ -7976,6 +8704,12 @@ kernel

)

+Send UDP network traffic on generic interfaces. +

@@ -7985,7 +8719,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_eth1_interface( +corenet_udp_send_generic_node( @@ -7996,6 +8730,12 @@ kernel

)

+Send UDP network traffic on generic nodes. +

@@ -8005,7 +8745,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_eth2_interface( +corenet_udp_send_generic_port( @@ -8016,6 +8756,12 @@ kernel

)

+Send UDP network traffic on generic ports. +

@@ -8025,7 +8771,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_fingerd_port( +corenet_udp_send_howl_port( @@ -8045,7 +8791,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ftp_data_port( +corenet_udp_send_http_cache_port( @@ -8065,7 +8811,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ftp_port( +corenet_udp_send_http_port( @@ -8085,7 +8831,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_howl_port( +corenet_udp_send_inaddr_any_node( @@ -8105,7 +8851,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_http_cache_port( +corenet_udp_send_inetd_child_port( @@ -8125,7 +8871,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_http_port( +corenet_udp_send_innd_port( @@ -8145,7 +8891,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_inetd_child_port( +corenet_udp_send_ipp_port( @@ -8165,7 +8911,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_innd_port( +corenet_udp_send_ippp0( @@ -8185,7 +8931,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ipp_port( +corenet_udp_send_ipsec0( @@ -8205,7 +8951,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ippp0_interface( +corenet_udp_send_ipsec1( @@ -8225,7 +8971,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ipsec0_interface( +corenet_udp_send_ipsec2( @@ -8245,7 +8991,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ipsec1_interface( +corenet_udp_send_kerberos_admin_port( @@ -8265,7 +9011,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ipsec2_interface( +corenet_udp_send_kerberos_master_port( @@ -8285,7 +9031,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_kerberos_admin_port( +corenet_udp_send_kerberos_port( @@ -8305,7 +9051,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_kerberos_master_port( +corenet_udp_send_ktalkd_port( @@ -8325,7 +9071,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_kerberos_port( +corenet_udp_send_ldap_port( @@ -8345,7 +9091,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ktalkd_port( +corenet_udp_send_link_local_node( @@ -8365,7 +9111,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ldap_port( +corenet_udp_send_lo( @@ -8385,7 +9131,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_lo_interface( +corenet_udp_send_lo_node( @@ -8405,7 +9151,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_mail_port( +corenet_udp_send_mail_port( @@ -8425,7 +9171,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_mysqld_port( +corenet_udp_send_mapped_ipv4_node( @@ -8445,7 +9191,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_nmbd_port( +corenet_udp_send_multicast_node( @@ -8465,7 +9211,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_pop_port( +corenet_udp_send_mysqld_port( @@ -8485,7 +9231,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_portmap_port( +corenet_udp_send_nmbd_port( @@ -8505,7 +9251,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_postgresql_port( +corenet_udp_send_pop_port( @@ -8525,7 +9271,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_printer_port( +corenet_udp_send_portmap_port( @@ -8545,7 +9291,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_pxe_port( +corenet_udp_send_postgresql_port( @@ -8565,7 +9311,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_radacct_port( +corenet_udp_send_printer_port( @@ -8585,7 +9331,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_radius_port( +corenet_udp_send_pxe_port( @@ -8605,7 +9351,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_rsh_port( +corenet_udp_send_radacct_port( @@ -8625,7 +9371,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_rsync_port( +corenet_udp_send_radius_port( @@ -8645,7 +9391,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_smbd_port( +corenet_udp_send_reserved_port( @@ -8656,6 +9402,12 @@ kernel

)

+Send UDP network traffic on generic reserved ports. +

@@ -8665,7 +9417,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_smtp_port( +corenet_udp_send_rsh_port( @@ -8685,7 +9437,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_snmp_port( +corenet_udp_send_rsync_port( @@ -8705,7 +9457,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_ssh_port( +corenet_udp_send_site_local_node( @@ -8725,7 +9477,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_swat_port( +corenet_udp_send_smbd_port( @@ -8745,7 +9497,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_syslogd_port( +corenet_udp_send_smtp_port( @@ -8765,7 +9517,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_telnetd_port( +corenet_udp_send_snmp_port( @@ -8785,7 +9537,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_tftp_port( +corenet_udp_send_ssh_port( @@ -8805,7 +9557,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_vnc_port( +corenet_udp_send_swat_port( @@ -8825,7 +9577,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_xserver_port( +corenet_udp_send_syslogd_port( @@ -8845,7 +9597,7 @@ Layer: kernel

-corenetwork_sendrecv_udp_on_zebra_port( +corenet_udp_send_telnetd_port( @@ -8859,13 +9611,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_create_dev_node( +corenet_udp_send_tftp_port( @@ -8873,42 +9625,19 @@ kernel

domain - - , - - - - file - - - - , - - - - objectclass(es) - - )

- Create, read, and write device nodes. The node - will be transitioned to the type provided. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_create_dir( +corenet_udp_send_unspec_node( @@ -8919,22 +9648,16 @@ kernel

)

- Create a directory in the device directory. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_create_generic_chr_file( +corenet_udp_send_vnc_port( @@ -8945,22 +9668,16 @@ kernel

)

- Allow read, write, and create for generic character device files. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_del_generic_symlinks( +corenet_udp_send_xserver_port( @@ -8971,22 +9688,16 @@ kernel

)

- Delete symbolic links in device directories. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_delete_lvm_control( +corenet_udp_send_zebra_port( @@ -8997,22 +9708,16 @@ kernel

)

- Delete the lvm control device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_all_blk_files( +corenet_udp_sendrecv_all_if( @@ -9025,20 +9730,20 @@ kernel

- Dontaudit getattr on all block file device nodes. +Send and receive UDP network traffic on all interfaces.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_all_chr_files( +corenet_udp_sendrecv_all_nodes( @@ -9051,20 +9756,20 @@ kernel

- Dontaudit getattr on all character file device nodes. +Send and receive UDP network traffic on all nodes.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_generic_blk_file( +corenet_udp_sendrecv_all_ports( @@ -9077,20 +9782,20 @@ kernel

- Dontaudit getattr on generic block devices. +Send and receive UDP network traffic on all ports.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_generic_chr_file( +corenet_udp_sendrecv_all_reserved_ports( @@ -9103,20 +9808,20 @@ kernel

- Dontaudit getattr for generic character device files. +Send and receive UDP network traffic on all reserved ports.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_getattr_generic_pipe( +corenet_udp_sendrecv_amanda_port( @@ -9127,22 +9832,16 @@ kernel

)

- Dontaudit getattr on generic pipes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_list_all_dev_nodes( +corenet_udp_sendrecv_compat_ipv4_node( @@ -9153,22 +9852,16 @@ kernel

)

- Dontaudit attempts to list all device nodes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_rw_dri_dev( +corenet_udp_sendrecv_dbskkd_port( @@ -9179,22 +9872,16 @@ kernel

)

- Dontaudit read and write on the dri devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_dontaudit_rw_generic_dev_nodes( +corenet_udp_sendrecv_dhcpc_port( @@ -9205,22 +9892,16 @@ kernel

)

- Dontaudit getattr for generic device files. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_agp_dev( +corenet_udp_sendrecv_dhcpd_port( @@ -9231,22 +9912,16 @@ kernel

)

- Getattr the agp devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_all_blk_files( +corenet_udp_sendrecv_dict_port( @@ -9257,22 +9932,16 @@ kernel

)

- Getattr on all block file device nodes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_all_chr_files( +corenet_udp_sendrecv_dns_port( @@ -9283,22 +9952,16 @@ kernel

)

- Getattr on all character file device nodes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_generic_blk_file( +corenet_udp_sendrecv_eth0( @@ -9309,22 +9972,16 @@ kernel

)

- Allow getattr on generic block devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_getattr_generic_chr_file( +corenet_udp_sendrecv_eth1( @@ -9335,22 +9992,16 @@ kernel

)

- Allow getattr for generic character device files. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_list_all_dev_nodes( +corenet_udp_sendrecv_eth2( @@ -9361,22 +10012,16 @@ kernel

)

- List all of the device nodes in a device directory. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_list_usbfs( +corenet_udp_sendrecv_fingerd_port( @@ -9390,13 +10035,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_all_blk_files( +corenet_udp_sendrecv_ftp_data_port( @@ -9407,22 +10052,16 @@ kernel

)

- Read, write, create, and delete all block device files. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_all_chr_files( +corenet_udp_sendrecv_ftp_port( @@ -9433,22 +10072,16 @@ kernel

)

- Read, write, create, and delete all character device files. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_dev_nodes( +corenet_udp_sendrecv_generic_if( @@ -9461,20 +10094,20 @@ kernel

- Create, delete, read, and write device nodes in device directories. +Send and Receive UDP network traffic on generic interfaces.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_generic_blk_file( +corenet_udp_sendrecv_generic_node( @@ -9487,21 +10120,20 @@ kernel

- Allow read, write, create, and delete for generic - block files. +Send and receive UDP network traffic on generic nodes.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_generic_blk_file( +corenet_udp_sendrecv_generic_port( @@ -9514,20 +10146,20 @@ kernel

- Create, delete, read, and write block device files. +Send and receive UDP network traffic on generic ports.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_generic_chr_file( +corenet_udp_sendrecv_howl_port( @@ -9538,22 +10170,16 @@ kernel

)

- Create, delete, read, and write character device files. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_manage_generic_symlinks( +corenet_udp_sendrecv_http_cache_port( @@ -9564,49 +10190,36 @@ kernel

)

- Create, delete, read, and write symbolic links in device directories. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

 
-dev_node(
+corenet_udp_sendrecv_http_port(
 	
-		object_type
+		domain
 		
 	)

- Make the passed in type a type appropriate for - use on device nodes (usually files in /dev). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_cpuid( +corenet_udp_sendrecv_inaddr_any_node( @@ -9617,22 +10230,16 @@ kernel

)

- Read the multiplexed input device (/dev/input). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_framebuffer( +corenet_udp_sendrecv_inetd_child_port( @@ -9643,22 +10250,16 @@ kernel

)

- Read the framebuffer device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_input( +corenet_udp_sendrecv_innd_port( @@ -9669,22 +10270,16 @@ kernel

)

- Read the multiplexed input device (/dev/input). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_lvm_control( +corenet_udp_sendrecv_ipp_port( @@ -9695,22 +10290,16 @@ kernel

)

- Read the lvm comtrol device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_misc( +corenet_udp_sendrecv_ippp0( @@ -9721,22 +10310,16 @@ kernel

)

- Read miscellaneous devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_mouse( +corenet_udp_sendrecv_ipsec0( @@ -9747,22 +10330,16 @@ kernel

)

- Read the mouse devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_mtrr( +corenet_udp_sendrecv_ipsec1( @@ -9773,22 +10350,16 @@ kernel

)

- Read the mtrr device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_rand( +corenet_udp_sendrecv_ipsec2( @@ -9799,22 +10370,16 @@ kernel

)

- Read from random devices (e.g., /dev/random) -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_raw_memory( +corenet_udp_sendrecv_kerberos_admin_port( @@ -9825,22 +10390,16 @@ kernel

)

- Read raw memory devices (e.g. /dev/mem). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_realtime_clock( +corenet_udp_sendrecv_kerberos_master_port( @@ -9851,22 +10410,16 @@ kernel

)

- Read the realtime clock (/dev/rtc). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_snd_dev( +corenet_udp_sendrecv_kerberos_port( @@ -9877,22 +10430,16 @@ kernel

)

- Read the sound devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_snd_mixer_dev( +corenet_udp_sendrecv_ktalkd_port( @@ -9903,22 +10450,16 @@ kernel

)

- Read the sound mixer devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_sysfs( +corenet_udp_sendrecv_ldap_port( @@ -9932,13 +10473,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_urand( +corenet_udp_sendrecv_link_local_node( @@ -9949,22 +10490,16 @@ kernel

)

- Read from pseudo random devices (e.g., /dev/urandom) -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_read_usbfs( +corenet_udp_sendrecv_lo( @@ -9978,13 +10513,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_relabel_all_dev_nodes( +corenet_udp_sendrecv_lo_node( @@ -9995,22 +10530,16 @@ kernel

)

- Allow full relabeling (to and from) of all device nodes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_relabel_dev_dirs( +corenet_udp_sendrecv_mail_port( @@ -10021,22 +10550,16 @@ kernel

)

- Allow full relabeling (to and from) of directories in /dev. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_agp_dev( +corenet_udp_sendrecv_mapped_ipv4_node( @@ -10047,22 +10570,16 @@ kernel

)

- Read and write the agp devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_cpu_microcode( +corenet_udp_sendrecv_multicast_node( @@ -10073,23 +10590,16 @@ kernel

)

- Read and write the the cpu microcode device. This - is required to load cpu microcode. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_dri_dev( +corenet_udp_sendrecv_mysqld_port( @@ -10100,22 +10610,16 @@ kernel

)

- Read and write the dri devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_lvm_control( +corenet_udp_sendrecv_nmbd_port( @@ -10126,22 +10630,16 @@ kernel

)

- Read and write the lvm control device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_null_dev( +corenet_udp_sendrecv_pop_port( @@ -10152,22 +10650,16 @@ kernel

)

- Read and write to the null device (/dev/null). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_power_management( +corenet_udp_sendrecv_portmap_port( @@ -10178,22 +10670,16 @@ kernel

)

- Read and write the the power management device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_realtime_clock( +corenet_udp_sendrecv_postgresql_port( @@ -10204,22 +10690,16 @@ kernel

)

- Read the realtime clock (/dev/rtc). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_scanner( +corenet_udp_sendrecv_printer_port( @@ -10230,22 +10710,16 @@ kernel

)

- Read and write the the scanner device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_sysfs( +corenet_udp_sendrecv_pxe_port( @@ -10259,13 +10733,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_usbfs( +corenet_udp_sendrecv_radacct_port( @@ -10279,13 +10753,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rw_zero_dev( +corenet_udp_sendrecv_radius_port( @@ -10296,22 +10770,16 @@ kernel

)

- Read and write to the zero device (/dev/zero). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rwx_zero_dev( +corenet_udp_sendrecv_reserved_port( @@ -10324,20 +10792,20 @@ kernel

- Read, write, and execute the zero device (/dev/zero). +Send and receive UDP network traffic on generic reserved ports.

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_rx_raw_memory( +corenet_udp_sendrecv_rsh_port( @@ -10348,22 +10816,16 @@ kernel

)

- Read and execute raw memory devices (e.g. /dev/mem). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_search_sysfs( +corenet_udp_sendrecv_rsync_port( @@ -10377,13 +10839,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_search_usbfs( +corenet_udp_sendrecv_site_local_node( @@ -10397,13 +10859,13 @@ kernel

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_setattr_all_blk_files( +corenet_udp_sendrecv_smbd_port( @@ -10414,22 +10876,16 @@ kernel

)

- Setattr on all block file device nodes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_setattr_all_chr_files( +corenet_udp_sendrecv_smtp_port( @@ -10440,22 +10896,16 @@ kernel

)

- Setattr on all character file device nodes. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_framebuffer( +corenet_udp_sendrecv_snmp_port( @@ -10466,22 +10916,16 @@ kernel

)

- Write the framebuffer device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_misc( +corenet_udp_sendrecv_ssh_port( @@ -10492,22 +10936,16 @@ kernel

)

- Write miscellaneous devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_mtrr( +corenet_udp_sendrecv_swat_port( @@ -10518,22 +10956,16 @@ kernel

)

- Write the mtrr device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_rand( +corenet_udp_sendrecv_syslogd_port( @@ -10544,24 +10976,16 @@ kernel

)

- Write to the random device (e.g., /dev/random). This adds - entropy used to generate the random data read from the - random device. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_raw_memory( +corenet_udp_sendrecv_telnetd_port( @@ -10572,22 +10996,16 @@ kernel

)

- Write raw memory devices (e.g. /dev/mem). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_realtime_clock( +corenet_udp_sendrecv_tftp_port( @@ -10598,22 +11016,16 @@ kernel

)

- Read the realtime clock (/dev/rtc). -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_snd_dev( +corenet_udp_sendrecv_unspec_node( @@ -10624,22 +11036,16 @@ kernel

)

- Write the sound devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_snd_mixer_dev( +corenet_udp_sendrecv_vnc_port( @@ -10650,22 +11056,16 @@ kernel

)

- Write the sound mixer devices. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_write_urand( +corenet_udp_sendrecv_xserver_port( @@ -10676,23 +11076,16 @@ kernel

)

- Write to the pseudo random device (e.g., /dev/urandom). This - sets the random number generator seed. -

-Module: -devices

+Module: +corenetwork

Layer: kernel

-dev_wx_raw_memory( +corenet_udp_sendrecv_zebra_port( @@ -10703,22 +11096,16 @@ kernel

)

- Write and execute raw memory devices (e.g. /dev/mem). -

-Module: -dmesg

-Layer: -admin

+Module: +corenetwork

+Layer: +kernel

-dmesg_domtrans( +corenet_use_tun_tap_device( @@ -10729,16 +11116,22 @@ admin

)

+Read and write the TUN/TAP virtual network device. +

-Module: -dmesg

-Layer: -admin

+Module: +cron

+Layer: +services

-dmesg_exec( +cron_read_pipe( @@ -10749,16 +11142,22 @@ admin

)

+Read a cron daemon unnamed pipe +

-Module: -domain

-Layer: -system

+Module: +cron

+Layer: +services

-domain_dontaudit_getattr_all_tcp_sockets( +cron_rw_log( @@ -10769,16 +11168,22 @@ system

)

+Read and write the cron daemon log files. +

-Module: -domain

-Layer: -system

+Module: +cron

+Layer: +services

-domain_dontaudit_getattr_all_udp_sockets( +cron_search_spool( @@ -10789,16 +11194,22 @@ system

)

+Search the directory containing user cron tables. +

-Module: -domain

-Layer: -system

+Module: +cron

+Layer: +services

-domain_dontaudit_getattr_all_unix_dgram_sockets( +cron_system_entry( @@ -10806,19 +11217,34 @@ system

domain + + , + + + + entrypoint + + )

+Make the specified program domain accessable +from the system cron jobs. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_dontaudit_getattr_all_unnamed_pipes( +dev_create_dev_node( @@ -10826,19 +11252,42 @@ system

domain + + , + + + + file + + + + , + + + + objectclass(es) + + )

+Create, read, and write device nodes. The node +will be transitioned to the type provided. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_dontaudit_list_all_domains_proc( +dev_create_dir( @@ -10849,16 +11298,22 @@ system

)

+Create a directory in the device directory. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_getsession_all_domains( +dev_create_generic_chr_file( @@ -10869,16 +11324,22 @@ system

)

+Allow read, write, and create for generic character device files. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_kill_all_domains( +dev_del_generic_symlinks( @@ -10889,16 +11350,22 @@ system

)

+Delete symbolic links in device directories. +

-Module: -domain

-Layer: -system

+ +

+Module: +devices

+Layer: +kernel

-domain_obj_id_change_exempt( +dev_delete_lvm_control( @@ -10909,16 +11376,22 @@ system

)

+Delete the lvm control device. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_read_all_domains_state( +dev_dontaudit_getattr_all_blk_files( @@ -10929,16 +11402,22 @@ system

)

+Dontaudit getattr on all block file device nodes. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_role_change_exempt( +dev_dontaudit_getattr_all_chr_files( @@ -10949,16 +11428,22 @@ system

)

+Dontaudit getattr on all character file device nodes. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_sigchld_all_domains( +dev_dontaudit_getattr_apm_bios( @@ -10969,16 +11454,23 @@ system

)

+Do not audit attempts to get the attributes of +the apm bios device node. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_signal_all_domains( +dev_dontaudit_getattr_generic_blk_file( @@ -10989,16 +11481,22 @@ system

)

+Dontaudit getattr on generic block devices. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_signull_all_domains( +dev_dontaudit_getattr_generic_chr_file( @@ -11009,16 +11507,22 @@ system

)

+Dontaudit getattr for generic character device files. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_sigstop_all_domains( +dev_dontaudit_getattr_generic_pipe( @@ -11029,16 +11533,22 @@ system

)

+Dontaudit getattr on generic pipes. +

-Module: -domain

-Layer: -system

+Module: +devices

+Layer: +kernel

-domain_subj_id_change_exempt( +dev_dontaudit_getattr_misc( @@ -11049,16 +11559,23 @@ system

)

+Do not audit attempts to get the attributes +of miscellaneous devices. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_create_root( +dev_dontaudit_getattr_scanner( @@ -11066,43 +11583,53 @@ system

domain - - , - - - - [ - - private type - - ] - + )
+

+ +

+Do not audit attempts to get the attributes of +the scanner device. +

+ +

+Module: +devices

+Layer: +kernel

+
+dev_dontaudit_getattr_video_dev(
 	
-			,
-		
 		
-			[
-		
-		object
-		
-			]
+		domain
 		
 	)

+Do not audit attempts to get the attributes +of video4linux device nodes. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_delete_generic_etc_files( +dev_dontaudit_list_all_dev_nodes( @@ -11113,16 +11640,22 @@ system

)

+Dontaudit attempts to list all device nodes. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_dontaudit_ioctl_all_pids( +dev_dontaudit_read_framebuffer( @@ -11133,16 +11666,22 @@ system

)

+Do not audit attempts to read the framebuffer. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_dontaudit_write_all_pids( +dev_dontaudit_rw_dri_dev( @@ -11153,16 +11692,22 @@ system

)

+Dontaudit read and write on the dri devices. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_exec_usr_files( +dev_dontaudit_rw_generic_dev_nodes( @@ -11173,16 +11718,22 @@ system

)

+Dontaudit getattr for generic device files. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_list_home( +dev_dontaudit_search_sysfs( @@ -11193,16 +11744,22 @@ system

)

+Do not audit attempts to search sysfs. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_manage_all_files( +dev_dontaudit_setattr_apm_bios( @@ -11210,31 +11767,26 @@ system

domain - - , - - - - [ - - exception_types - - ] - - )

+Do not audit attempts to set the attributes of +the apm bios device node. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

-files_relabel_all_files( +dev_dontaudit_setattr_framebuffer( @@ -11242,111 +11794,132 @@ system

domain - - , - - - - [ - - exception_types - - ] - - )

+Dot not audit attempts to set the attributes +of the framebuffer device node. +

-Module: -files

-Layer: -system

+Module: +devices

+Layer: +kernel

 
-files_tmpfs_file(
+dev_dontaudit_setattr_generic_blk_file(
 	
-		type
+		domain
 		
 	)

+Dontaudit setattr on generic block devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

 
-fs_associate(
+dev_dontaudit_setattr_generic_chr_file(
 	
-		file_type
+		domain
 		
 	)

+Dontaudit setattr for generic character device files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

 
-fs_associate_noxattr(
+dev_dontaudit_setattr_misc(
 	
-		file_type
+		domain
 		
 	)

+Do not audit attempts to set the attributes +of miscellaneous devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

 
-fs_associate_tmpfs(
+dev_dontaudit_setattr_scanner(
 	
-		type
+		domain
 		
 	)

+Do not audit attempts to set the attributes of +the scanner device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_dontaudit_getattr_xattr_fs( +dev_dontaudit_setattr_video_dev( @@ -11357,16 +11930,23 @@ kernel

)

+Do not audit attempts to set the attributes +of video4linux device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_execute_cifs_files( +dev_getattr_agp_dev( @@ -11377,16 +11957,22 @@ kernel

)

+Getattr the agp devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_execute_nfs_files( +dev_getattr_all_blk_files( @@ -11397,16 +11983,22 @@ kernel

)

+Getattr on all block file device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_get_all_fs_quotas( +dev_getattr_all_chr_files( @@ -11417,16 +12009,22 @@ kernel

)

+Getattr on all character file device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_all_fs( +dev_getattr_apm_bios( @@ -11437,16 +12035,22 @@ kernel

)

+Get the attributes of the apm bios device node. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_autofs( +dev_getattr_framebuffer( @@ -11457,16 +12061,22 @@ kernel

)

+Get the attributes of the framebuffer device node. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_cifs( +dev_getattr_generic_blk_file( @@ -11477,16 +12087,22 @@ kernel

)

+Allow getattr on generic block devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_dos_fs( +dev_getattr_generic_chr_file( @@ -11497,16 +12113,22 @@ kernel

)

+Allow getattr for generic character device files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_nfs( +dev_getattr_misc( @@ -11517,16 +12139,22 @@ kernel

)

+Get the attributes of miscellaneous devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_nfsd_fs( +dev_getattr_mouse( @@ -11537,16 +12165,22 @@ kernel

)

+Get the attributes of the mouse devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_ramfs( +dev_getattr_power_management( @@ -11557,16 +12191,22 @@ kernel

)

+Get the attributes of the the power management device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_romfs( +dev_getattr_scanner( @@ -11577,16 +12217,22 @@ kernel

)

+Get the attributes of the scanner device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_rpc_pipefs( +dev_getattr_snd_dev( @@ -11597,16 +12243,22 @@ kernel

)

+Get the attributes of the sound devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_tmpfs( +dev_getattr_sysfs_dir( @@ -11617,16 +12269,22 @@ kernel

)

+Get the attributes of sysfs directories. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_getattr_xattr_fs( +dev_getattr_video_dev( @@ -11637,16 +12295,22 @@ kernel

)

+Get the attributes of video4linux devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_make_fs( +dev_list_all_dev_nodes( @@ -11657,16 +12321,22 @@ kernel

)

+List all of the device nodes in a device directory. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_make_noxattr_fs( +dev_list_usbfs( @@ -11677,16 +12347,22 @@ kernel

)

+Allow caller to get a list of usb hardware. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_cifs_dirs( +dev_manage_all_blk_files( @@ -11697,16 +12373,22 @@ kernel

)

+Read, write, create, and delete all block device files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_cifs_files( +dev_manage_all_chr_files( @@ -11717,16 +12399,22 @@ kernel

)

+Read, write, create, and delete all character device files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_cifs_named_pipes( +dev_manage_dev_nodes( @@ -11737,16 +12425,22 @@ kernel

)

+Create, delete, read, and write device nodes in device directories. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_cifs_named_sockets( +dev_manage_generic_blk_file( @@ -11757,16 +12451,23 @@ kernel

)

+Allow read, write, create, and delete for generic +block files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_cifs_symlinks( +dev_manage_generic_blk_file( @@ -11777,16 +12478,22 @@ kernel

)

+Create, delete, read, and write block device files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_nfs_dirs( +dev_manage_generic_chr_file( @@ -11797,16 +12504,22 @@ kernel

)

+Create, delete, read, and write character device files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_nfs_files( +dev_manage_generic_symlinks( @@ -11817,16 +12530,22 @@ kernel

)

+Create, delete, read, and write symbolic links in device directories. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_nfs_named_pipes( +dev_mount_usbfs( @@ -11837,36 +12556,49 @@ kernel

)

+Mount a usbfs filesystem. +

-Module: -filesystem

+Module: +devices

Layer: kernel

 
-fs_manage_nfs_named_sockets(
+dev_node(
 	
-		domain
+		object_type
 		
 	)

+Make the passed in type a type appropriate for +use on device nodes (usually files in /dev). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_nfs_symlinks( +dev_read_cpuid( @@ -11877,16 +12609,22 @@ kernel

)

+Read the multiplexed input device (/dev/input). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_tmpfs_block_devices( +dev_read_framebuffer( @@ -11897,16 +12635,22 @@ kernel

)

+Read the framebuffer. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_manage_tmpfs_character_devices( +dev_read_input( @@ -11917,16 +12661,22 @@ kernel

)

+Read the multiplexed input device (/dev/input). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_all_fs( +dev_read_lvm_control( @@ -11937,16 +12687,22 @@ kernel

)

+Read the lvm comtrol device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_autofs( +dev_read_misc( @@ -11957,16 +12713,22 @@ kernel

)

+Read miscellaneous devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_cifs( +dev_read_mouse( @@ -11977,16 +12739,22 @@ kernel

)

+Read the mouse devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_dos_fs( +dev_read_mtrr( @@ -11997,16 +12765,22 @@ kernel

)

+Read the mtrr device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_iso9660_fs( +dev_read_rand( @@ -12017,16 +12791,22 @@ kernel

)

+Read from random devices (e.g., /dev/random) +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_iso9660_fs( +dev_read_raw_memory( @@ -12037,16 +12817,22 @@ kernel

)

+Read raw memory devices (e.g. /dev/mem). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_nfs( +dev_read_realtime_clock( @@ -12057,16 +12843,22 @@ kernel

)

+Read the realtime clock (/dev/rtc). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_nfs( +dev_read_snd_dev( @@ -12077,16 +12869,22 @@ kernel

)

+Read the sound devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_nfsd_fs( +dev_read_snd_mixer_dev( @@ -12097,16 +12895,22 @@ kernel

)

+Read the sound mixer devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_ramfs( +dev_read_sysfs( @@ -12117,16 +12921,22 @@ kernel

)

+Allow caller to read hardware state information. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_romfs( +dev_read_urand( @@ -12137,16 +12947,22 @@ kernel

)

+Read from pseudo random devices (e.g., /dev/urandom) +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_rpc_pipefs( +dev_read_usbfs( @@ -12157,16 +12973,23 @@ kernel

)

+Read USB hardware information using +the usbfs filesystem interface. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_tmpfs( +dev_relabel_all_dev_nodes( @@ -12177,16 +13000,22 @@ kernel

)

+Allow full relabeling (to and from) of all device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_mount_xattr_fs( +dev_relabel_dev_dirs( @@ -12197,16 +13026,22 @@ kernel

)

+Allow full relabeling (to and from) of directories in /dev. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_register_binary_executable_type( +dev_relabel_generic_symlinks( @@ -12217,16 +13052,22 @@ kernel

)

+Relabel symbolic links in device directories. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_relabel_tmpfs_block_devices( +dev_rw_agp_dev( @@ -12237,16 +13078,22 @@ kernel

)

+Read and write the agp devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_relabel_tmpfs_character_devices( +dev_rw_apm_bios( @@ -12257,16 +13104,22 @@ kernel

)

+Read and write the apm bios. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_relabelfrom_dos_fs( +dev_rw_cpu_microcode( @@ -12277,16 +13130,23 @@ kernel

)

+Read and write the the cpu microcode device. This +is required to load cpu microcode. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_relabelfrom_xattr_fs( +dev_rw_dri_dev( @@ -12297,16 +13157,22 @@ kernel

)

+Read and write the dri devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_all_fs( +dev_rw_lvm_control( @@ -12317,16 +13183,22 @@ kernel

)

+Read and write the lvm control device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_autofs( +dev_rw_null_dev( @@ -12337,16 +13209,22 @@ kernel

)

+Read and write to the null device (/dev/null). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_cifs( +dev_rw_power_management( @@ -12357,16 +13235,22 @@ kernel

)

+Read and write the the power management device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_dos_fs( +dev_rw_realtime_clock( @@ -12377,16 +13261,22 @@ kernel

)

+Read the realtime clock (/dev/rtc). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_iso9660_fs( +dev_rw_scanner( @@ -12397,16 +13287,22 @@ kernel

)

+Read and write the scanner device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_nfs( +dev_rw_sysfs( @@ -12417,16 +13313,22 @@ kernel

)

+Allow caller to modify hardware state information. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_nfsd_fs( +dev_rw_usbfs( @@ -12437,16 +13339,22 @@ kernel

)

+Allow caller to modify usb hardware configuration files. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_ramfs( +dev_rw_zero_dev( @@ -12457,16 +13365,22 @@ kernel

)

+Read and write to the zero device (/dev/zero). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_romfs( +dev_rwx_zero_dev( @@ -12477,16 +13391,22 @@ kernel

)

+Read, write, and execute the zero device (/dev/zero). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_rpc_pipefs( +dev_rx_raw_memory( @@ -12497,16 +13417,22 @@ kernel

)

+Read and execute raw memory devices (e.g. /dev/mem). +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_tmpfs( +dev_search_sysfs( @@ -12517,16 +13443,22 @@ kernel

)

+Search sysfs. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_remount_xattr_fs( +dev_search_usbfs( @@ -12537,16 +13469,22 @@ kernel

)

+Search the directory containing USB hardware information. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_set_all_quotas( +dev_setattr_all_blk_files( @@ -12557,16 +13495,22 @@ kernel

)

+Setattr on all block file device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_all_fs( +dev_setattr_all_chr_files( @@ -12577,16 +13521,22 @@ kernel

)

+Setattr on all character file device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_autofs( +dev_setattr_apm_bios( @@ -12597,16 +13547,22 @@ kernel

)

+Set the attributes of the apm bios device node. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_cifs( +dev_setattr_framebuffer( @@ -12617,16 +13573,22 @@ kernel

)

+Set the attributes of the framebuffer device node. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_dos_fs( +dev_setattr_misc( @@ -12637,16 +13599,22 @@ kernel

)

+Set the attributes of miscellaneous devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_iso9660_fs( +dev_setattr_mouse( @@ -12657,16 +13625,22 @@ kernel

)

+Set the attributes of the mouse devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_nfsd_fs( +dev_setattr_power_management( @@ -12677,16 +13651,22 @@ kernel

)

+Set the attributes of the the power management device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_ramfs( +dev_setattr_scanner( @@ -12697,16 +13677,22 @@ kernel

)

+Set the attributes of the scanner device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_romfs( +dev_setattr_snd_dev( @@ -12717,16 +13703,22 @@ kernel

)

+Set the attributes of the sound devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_rpc_pipefs( +dev_setattr_video_dev( @@ -12737,16 +13729,22 @@ kernel

)

+Set the attributes of video4linux device nodes. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_tmpfs( +dev_write_framebuffer( @@ -12757,16 +13755,22 @@ kernel

)

+Write the framebuffer. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_unmount_xattr_fs( +dev_write_misc( @@ -12777,16 +13781,22 @@ kernel

)

+Write miscellaneous devices. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_use_tmpfs_block_devices( +dev_write_mtrr( @@ -12797,16 +13807,22 @@ kernel

)

+Write the mtrr device. +

-Module: -filesystem

+Module: +devices

Layer: kernel

-fs_use_tmpfs_character_devices( +dev_write_rand( @@ -12817,16 +13833,24 @@ kernel

)

+Write to the random device (e.g., /dev/random). This adds +entropy used to generate the random data read from the +random device. +

-Module: -getty

-Layer: -system

+Module: +devices

+Layer: +kernel

-getty_domtrans( +dev_write_raw_memory( @@ -12837,16 +13861,22 @@ system

)

+Write raw memory devices (e.g. /dev/mem). +

-Module: -getty

-Layer: -system

+Module: +devices

+Layer: +kernel

-getty_modify_config( +dev_write_realtime_clock( @@ -12857,16 +13887,22 @@ system

)

+Read the realtime clock (/dev/rtc). +

-Module: -getty

-Layer: -system

+Module: +devices

+Layer: +kernel

-getty_read_config( +dev_write_snd_dev( @@ -12877,16 +13913,22 @@ system

)

+Write the sound devices. +

-Module: -getty

-Layer: -system

+Module: +devices

+Layer: +kernel

-getty_read_log( +dev_write_snd_mixer_dev( @@ -12897,16 +13939,22 @@ system

)

+Write the sound mixer devices. +

-Module: -hostname

-Layer: -system

+Module: +devices

+Layer: +kernel

-hostname_domtrans( +dev_write_urand( @@ -12917,16 +13965,23 @@ system

)

+Write to the pseudo random device (e.g., /dev/urandom). This +sets the random number generator seed. +

-Module: -hostname

-Layer: -system

+Module: +devices

+Layer: +kernel

-hostname_exec( +dev_wx_raw_memory( @@ -12937,16 +13992,22 @@ system

)

+Write and execute raw memory devices (e.g. /dev/mem). +

-Module: -hostname

-Layer: -system

+Module: +dmesg

+Layer: +admin

-hostname_run( +dmesg_domtrans( @@ -12954,35 +14015,19 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Module: -hotplug

-Layer: -system

+Module: +dmesg

+Layer: +admin

-hotplug_read_config( +dmesg_exec( @@ -12996,33 +14041,39 @@ system

-Module: -init

+Module: +domain

Layer: system

 
-init_read_script_process_state(
+domain_base_domain_type(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -init

+Module: +domain

Layer: system

-init_rw_script_tmp_files( +domain_dontaudit_getattr_all_tcp_sockets( @@ -13036,13 +14087,13 @@ system

-Module: -iptables

+Module: +domain

Layer: system

-iptables_domtrans( +domain_dontaudit_getattr_all_udp_sockets( @@ -13056,13 +14107,13 @@ system

-Module: -iptables

+Module: +domain

Layer: system

-iptables_exec( +domain_dontaudit_getattr_all_unix_dgram_sockets( @@ -13076,13 +14127,13 @@ system

-Module: -iptables

+Module: +domain

Layer: system

-iptables_run( +domain_dontaudit_getattr_all_unnamed_pipes( @@ -13090,35 +14141,19 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_change_ring_buffer_level( +domain_dontaudit_list_all_domains_proc( @@ -13132,93 +14167,117 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_clear_ring_buffer(
+domain_dontaudit_use_wide_inherit_fd(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_dontaudit_getattr_core(
+domain_dyntrans_type(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_dontaudit_getattr_message_if(
+domain_entry_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_dontaudit_getattr_unlabeled_blk_dev(
+domain_exec_all_entry_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_dontaudit_read_ring_buffer( +domain_getsession_all_domains( @@ -13232,13 +14291,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_dontaudit_read_system_state( +domain_kill_all_domains( @@ -13252,13 +14311,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_dontaudit_search_network_sysctl_dir( +domain_obj_id_change_exempt( @@ -13272,13 +14331,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_dontaudit_search_sysctl_dir( +domain_read_all_domains_state( @@ -13292,33 +14351,39 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_dontaudit_use_fd(
+domain_read_all_entry_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_get_sysvipc_info( +domain_role_change_exempt( @@ -13332,33 +14397,39 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_getattr_core(
+domain_setpriority_all_domains(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_getattr_message_if( +domain_sigchld_all_domains( @@ -13372,13 +14443,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_kill_unlabeled( +domain_sigchld_wide_inherit_fd( @@ -13389,16 +14460,23 @@ kernel

)

+Send a SIGCHLD signal to domains whose file +discriptors are widely inheritable. +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_load_module( +domain_signal_all_domains( @@ -13412,13 +14490,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_read_all_sysctl( +domain_signull_all_domains( @@ -13432,13 +14510,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_read_device_sysctl( +domain_sigstop_all_domains( @@ -13452,13 +14530,13 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

-kernel_read_fs_sysctl( +domain_subj_id_change_exempt( @@ -13472,153 +14550,195 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_read_hotplug_sysctl(
+domain_type(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_read_irq_sysctl(
+domain_use_wide_inherit_fd(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +domain

+Layer: +system

 
-kernel_read_kernel_sysctl(
+domain_wide_inherit_fd(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_messages(
+files_create_boot_flag(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_modprobe_sysctl(
+files_create_etc_config(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_net_sysctl(
+files_create_lock(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_network_state(
+files_create_pid(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_read_ring_buffer( +files_create_root( @@ -13626,99 +14746,147 @@ kernel

domain + + , + + + + [ + + private type + + ] + + + + , + + + + [ + + object + + ] + + )

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_software_raid_state(
+files_create_tmp_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_system_state(
+files_delete_all_locks(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_unix_sysctl(
+files_delete_all_pids(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_read_vm_sysctl(
+files_delete_all_tmp_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_relabel_unlabeled( +files_delete_etc_files( @@ -13732,33 +14900,39 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rootfs_mountpoint(
+files_delete_root_dir_entry(
 	
-		directory_type
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_rw_all_sysctl( +files_dontaudit_ioctl_all_pids( @@ -13772,93 +14946,117 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_device_sysctl(
+files_dontaudit_read_root_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_fs_sysctl(
+files_dontaudit_rw_root_chr_dev(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_hotplug_sysctl(
+files_dontaudit_rw_root_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_irq_sysctl(
+files_dontaudit_search_all_dirs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_rw_kernel_sysctl( +files_dontaudit_search_isid_type_dir( @@ -13869,56 +15067,75 @@ kernel

)

+Do not audit attempts to search directories on new filesystems +that have not yet been labeled. +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_modprobe_sysctl(
+files_dontaudit_search_pids(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_net_sysctl(
+files_dontaudit_search_var(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_rw_unix_sysctl( +files_dontaudit_write_all_pids( @@ -13932,33 +15149,39 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_rw_vm_sysctl(
+files_exec_etc_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_share_state( +files_exec_usr_files( @@ -13972,93 +15195,117 @@ kernel

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_sigchld_unlabeled(
+files_getattr_all_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_signal_unlabeled(
+files_getattr_generic_locks(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_signull_unlabeled(
+files_list_all_dirs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_sigstop_unlabeled(
+files_list_etc(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

-kernel_use_fd( +files_list_home( @@ -14069,124 +15316,152 @@ kernel

)

+Get listing of home directories. +

-Module: -kernel

-Layer: -kernel

+Module: +files

+Layer: +system

 
-kernel_userland_entry(
-	
-		
-		
-		
-		domain
-		
+files_list_mnt(
 	
 		
-			,
-		
 		
 		
-		entrypoint
+		?
 		
 	
 	)

 

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_domtrans_ldconfig(
+files_list_pids(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_exec_ld_so(
+files_list_root(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_exec_lib_files(
+files_list_spool(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_legacy_use_ld_so(
+files_lock_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

-libs_legacy_use_shared_libs( +files_manage_all_files( @@ -14194,135 +15469,161 @@ system

domain - )
-

+ + , + + + + [ + + exception_types + + ] + + + )
+

-Module: -libraries

+Module: +files

Layer: system

 
-libs_read_lib(
+files_manage_etc_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_run_ldconfig(
-	
-		
-		
-		
-		domain
-		
-	
-		
-			,
-		
-		
-		
-		role
-		
+files_manage_etc_runtime_files(
 	
 		
-			,
-		
 		
 		
-		terminal
+		?
 		
 	
 	)

 

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_rw_ld_so_cache(
+files_manage_generic_locks(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_use_ld_so(
+files_manage_generic_spool_dirs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -libraries

+Module: +files

Layer: system

 
-libs_use_shared_libs(
+files_manage_generic_spools(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -locallogin

+Module: +files

Layer: system

-locallogin_domtrans( +files_manage_isid_type_blk_node( @@ -14333,16 +15634,23 @@ system

)

+Create, read, write, and delete block device nodes +on new filesystems that have not yet been labeled. +

-Module: -locallogin

+Module: +files

Layer: system

-locallogin_use_fd( +files_manage_isid_type_chr_node( @@ -14353,16 +15661,23 @@ system

)

+Create, read, write, and delete character device nodes +on new filesystems that have not yet been labeled. +

-Module: -logging

+Module: +files

Layer: system

-logging_search_logs( +files_manage_isid_type_dir( @@ -14373,16 +15688,23 @@ system

)

+Create, read, write, and delete directories +on new filesystems that have not yet been labeled. +

-Module: -lvm

+Module: +files

Layer: system

-lvm_domtrans( +files_manage_isid_type_file( @@ -14393,16 +15715,23 @@ system

)

+Create, read, write, and delete files +on new filesystems that have not yet been labeled. +

-Module: -lvm

+Module: +files

Layer: system

-lvm_read_config( +files_manage_isid_type_symlink( @@ -14413,16 +15742,23 @@ system

)

+Create, read, write, and delete symbolic links +on new filesystems that have not yet been labeled. +

-Module: -lvm

+Module: +files

Layer: system

-lvm_run( +files_manage_lost_found( @@ -14430,271 +15766,338 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

+Create, read, write, and delete objects in +lost+found directories. +

-Module: -miscfiles

+Module: +files

Layer: system

 
-miscfiles_legacy_read_localization(
+files_manage_urandom_seed(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -miscfiles

+Module: +files

Layer: system

 
-miscfiles_read_fonts(
+files_mount_all_file_type_fs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -miscfiles

+Module: +files

Layer: system

 
-miscfiles_read_localization(
+files_mounton_all_mountpoints(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -miscfiles

+Module: +files

Layer: system

 
-miscfiles_read_man_pages(
+files_mountpoint(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -miscfiles

+Module: +files

Layer: system

 
-miscfiles_rw_man_cache(
+files_pid_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_domtrans_depmod(
+files_read_all_pids(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_domtrans_insmod(
+files_read_etc_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_domtrans_update_mods(
+files_read_etc_runtime_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_read_kernel_module_dependencies(
+files_read_generic_spools(
 	
-		domain
+		?
 		
 	)

- +

+Summary is missing! +

+ +

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_read_module_conf(
+files_read_usr_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_run_depmod(
+files_read_usr_src_files(
 	
 		
 		
 		
-		domain
+		?
 		
 	
-		
-			,
-		
-		
-		
-		role
-		
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +files

+Layer: +system

+
+files_read_var_files(
 	
-			,
-		
 		
-		terminal
+		domain
 		
 	)

+Read files in the /var directory. +

-Module: -modutils

+Module: +files

Layer: system

-modutils_run_insmod( +files_relabel_all_files( @@ -14707,15 +16110,11 @@ system

- role - - - - , - + [ + exception_types - terminal + ] )
@@ -14724,69 +16123,91 @@ system

-Module: -modutils

+Module: +files

Layer: system

 
-modutils_run_update_mods(
+files_relabelto_all_file_type_fs(
 	
 		
 		
 		
-		domain
+		?
 		
 	
-		
-			,
-		
-		
-		
-		role
-		
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +files

+Layer: +system

+
+files_rw_etc_files(
 	
-			,
-		
 		
-		terminal
+		?
 		
 	)

+Summary is missing! +

-Module: -mount

+Module: +files

Layer: system

 
-mount_domtrans(
+files_rw_generic_pids(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -mount

+Module: +files

Layer: system

-mount_run( +files_rw_isid_type_blk_node( @@ -14794,35 +16215,26 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

+Read and write block device nodes on new filesystems +that have not yet been labeled. +

-Module: -mount

+Module: +files

Layer: system

-mount_send_nfs_client_request( +files_rw_isid_type_dir( @@ -14833,76 +16245,101 @@ system

)

+Read and write directories on new filesystems +that have not yet been labeled. +

-Module: -mount

+Module: +files

Layer: system

 
-mount_use_fd(
+files_search_all_dirs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -mta

-Layer: -services

+Module: +files

+Layer: +system

 
-mta_read_aliases(
+files_search_etc(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -remotelogin

-Layer: -services

+Module: +files

+Layer: +system

 
-remotelogin_domtrans(
+files_search_generic_locks(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -rpm

-Layer: -admin

+Module: +files

+Layer: +system

-rpm_domtrans( +files_search_home( @@ -14913,132 +16350,178 @@ admin

)

+Search home directories. +

-Module: -rpm

-Layer: -admin

+Module: +files

+Layer: +system

 
-rpm_read_db(
+files_search_mnt(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -rpm

-Layer: -admin

+Module: +files

+Layer: +system

 
-rpm_read_pipe(
+files_search_pids(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -rpm

-Layer: -admin

+Module: +files

+Layer: +system

 
-rpm_run(
+files_search_spool(
 	
 		
 		
 		
-		domain
+		?
 		
 	
-		
-			,
-		
-		
-		
-		role
-		
+	)

+

+ +

+Summary is missing! +

+ +

+Module: +files

+Layer: +system

+
+files_search_tmp(
 	
-			,
-		
 		
-		terminal
+		domain
 		
 	)

+Search the tmp directory (/tmp) +

-Module: -rpm

-Layer: -admin

+Module: +files

+Layer: +system

 
-rpm_use_fd(
+files_search_usr(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

 
-selinux_compute_access_vector(
+files_search_var(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

-selinux_compute_create_context( +files_search_var_lib( @@ -15052,38 +16535,44 @@ kernel

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

 
-selinux_compute_relabel_context(
+files_tmp_file(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

-selinux_compute_user_contexts( +files_tmpfs_file( - domain + type )
@@ -15092,90 +16581,96 @@ kernel

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

 
-selinux_get_enforce_mode(
+files_type(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

 
-selinux_get_fs_mount(
+files_unmount_all_file_type_fs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinux

-Layer: -kernel

+Module: +files

+Layer: +system

 
-selinux_load_policy(
+files_unmount_rootfs(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinux

+Module: +filesystem

Layer: kernel

-selinux_set_boolean( - - - - - domain - +fs_associate( - , - - - [ - - booltype - ] + file_type )
@@ -15184,18 +16679,18 @@ kernel

-Module: -selinux

+Module: +filesystem

Layer: kernel

-selinux_set_enforce_mode( +fs_associate_noxattr( - domain + file_type )
@@ -15204,18 +16699,18 @@ kernel

-Module: -selinux

+Module: +filesystem

Layer: kernel

-selinux_set_parameters( +fs_associate_tmpfs( - domain + type )
@@ -15224,33 +16719,39 @@ kernel

-Module: -selinux

+Module: +filesystem

Layer: kernel

 
-selinux_validate_context(
+fs_create_tmpfs_data(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -sendmail

-Layer: -services

+Module: +filesystem

+Layer: +kernel

-sendmail_domtrans( +fs_dontaudit_getattr_all_fs( @@ -15264,13 +16765,13 @@ services

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_domtrans_checkpol( +fs_dontaudit_getattr_xattr_fs( @@ -15284,13 +16785,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_domtrans_loadpol( +fs_dontaudit_rw_cifs_files( @@ -15304,13 +16805,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_domtrans_newrole( +fs_dontaudit_rw_nfs_files( @@ -15324,13 +16825,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_domtrans_restorecon( +fs_execute_cifs_files( @@ -15344,13 +16845,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_domtrans_runinit( +fs_execute_nfs_files( @@ -15364,13 +16865,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_domtrans_setfiles( +fs_get_all_fs_quotas( @@ -15384,33 +16885,39 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

 
-seutil_dontaudit_newrole_signal(
+fs_getattr_all_files(
 	
-		domain
+		?
 		
 	)

+Summary is missing! +

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_relabelto_binary_pol( +fs_getattr_all_fs( @@ -15424,13 +16931,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_run_checkpol( +fs_getattr_autofs( @@ -15438,35 +16945,19 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_run_loadpol( +fs_getattr_cifs( @@ -15474,35 +16965,19 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_run_newrole( +fs_getattr_dos_fs( @@ -15510,35 +16985,19 @@ system

domain - - , - - - - role - - - - , - - - - terminal - - )

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_run_restorecon( +fs_getattr_iso9660_fs( @@ -15546,20 +17005,24 @@ system

domain - - , - - - - role - + )
+

+ +

+Module: +filesystem

+Layer: +kernel

+ +fs_getattr_nfs( - , - - terminal + domain )
@@ -15568,13 +17031,13 @@ system

-Module: -selinuxutil

-Layer: -system

+Module: +filesystem

+Layer: +kernel

-seutil_run_runinit( +fs_getattr_nfsd_fs( @@ -15582,20 +17045,24 @@ system

domain - - , - - - - role - + )
+

+ +

+Module: +filesystem

+Layer: +kernel

+ +fs_getattr_ramfs( - , - - terminal + domain )
@@ -15604,13 +17071,13 @@ system

-Module:

-Layer: -system

+Module: +filesystem

+Layer: +kernel

+ +

+Module:

+Layer: +kernel

bootloader

-Policy for kernel threads, proc filesystem, +Policy for kernel threads, proc filesystem, and unlabeled processes and objects.

- The type of the process performing this action. +The type of the process performing this action.

No @@ -131,7 +145,7 @@ No

Description

- Install a system.map into the /boot directory. +Install a system.map into the /boot directory.

Parameters

@@ -142,7 +156,48 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ + +

+
+bootloader_create_modules(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

@@ -612,7 +667,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -622,7 +677,7 @@ No role

- The role to be allowed the bootloader domain. +The role to be allowed the bootloader domain.

@@ -758,7 +813,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -773,7 +828,7 @@ No

-bootloader_search_boot_dir( +bootloader_search_boot( @@ -788,7 +843,7 @@ No

Description

- Search the /boot directory. +Search the /boot directory.

Parameters

@@ -799,7 +854,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -829,7 +884,7 @@ No

Description

- Write kernel module files. +Write kernel module files.

Parameters

@@ -840,7 +895,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -851,6 +906,9 @@ No +Return + + diff --git a/www/api-docs/kernel_corenetwork.html b/www/api-docs/kernel_corenetwork.html index 04f0ba2..aac2e08 100644 --- a/www/api-docs/kernel_corenetwork.html +++ b/www/api-docs/kernel_corenetwork.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -59,15 +65,23 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: corenetwork

+ + +

Description:

Policy controlling access to network objects

+ +

Interfaces:

@@ -75,7 +89,2385 @@

 
-corenet_raw_receive_compat_ipv4_node(
+corenet_dontaudit_tcp_bind_all_reserved_ports(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Do not audit attempts to bind TCP sockets to all reserved ports. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to not audit. + +	+No +

+ +

+ + +

+
+corenet_dontaudit_udp_bind_all_reserved_ports(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Do not audit attempts to bind UDP sockets to all reserved ports. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to not audit. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_all_if(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Receive raw IP packets on all interfaces. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_all_nodes(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Receive raw IP packets on all nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_compat_ipv4_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the compat_ipv4 node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_eth0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the eth0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_eth1(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the eth1 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_eth2(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the eth2 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_generic_if(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Receive raw IP packets on generic interfaces. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_generic_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Receive raw IP packets on generic nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_inaddr_any_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the inaddr_any node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_ippp0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the ippp0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_ipsec0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the ipsec0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_ipsec1(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the ipsec1 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_ipsec2(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the ipsec2 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_link_local_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the link_local node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_lo(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the lo interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_lo_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the lo node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_mapped_ipv4_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the mapped_ipv4 node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_multicast_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the multicast node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_site_local_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the site_local node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_receive_unspec_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Receive raw IP packets on the unspec node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_all_if(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send raw IP packets on all interfaces. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_all_nodes(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send raw IP packets on all nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_compat_ipv4_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the compat_ipv4 node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_eth0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the eth0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_eth1(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the eth1 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_eth2(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the eth2 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_generic_if(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send raw IP packets on generic interfaces. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_generic_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send raw IP packets on generic nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_inaddr_any_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the inaddr_any node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_ippp0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the ippp0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_ipsec0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the ipsec0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_ipsec1(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the ipsec1 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_ipsec2(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the ipsec2 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_link_local_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the link_local node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_lo(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the lo interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_lo_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the lo node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_mapped_ipv4_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the mapped_ipv4 node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_multicast_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the multicast node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_site_local_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the site_local node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_send_unspec_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send raw IP packets on the unspec node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_all_if(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send and receive raw IP packets on all interfaces. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_all_nodes(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send and receive raw IP packets on all nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_compat_ipv4_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the compat_ipv4 node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_eth0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the eth0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_eth1(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the eth1 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_eth2(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the eth2 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_generic_if(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send and receive raw IP packets on generic interfaces. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_generic_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send and receive raw IP packets on generic nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_inaddr_any_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the inaddr_any node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_ippp0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the ippp0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_ipsec0(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the ipsec0 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_ipsec1(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the ipsec1 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_ipsec2(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the ipsec2 interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_link_local_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the link_local node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_lo(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the lo interface. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corenet_raw_sendrecv_lo_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send and receive raw IP packets on the lo node. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

- The type of the process performing this action. +The type of the process performing this action.

No @@ -239,7 +2631,7 @@ No

 
-corenet_raw_receive_inaddr_any_node(
+corenet_tcp_bind_all_nodes(
 	
@@ -251,12 +2643,12 @@ No

- -

Description

Summary

- Receive raw IP packets on the inaddr_any node. +Bind TCP sockets to all nodes.

Parameters

@@ -265,7 +2657,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -280,7 +2672,7 @@ No

 
-corenet_raw_receive_ippp0(
+corenet_tcp_bind_all_ports(
 	
@@ -292,12 +2684,12 @@ No

- -

Description

Summary

- Receive raw IP packets on the ippp0 interface. +Bind TCP sockets to all ports.

Parameters

@@ -306,7 +2698,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -321,7 +2713,7 @@ No

 
-corenet_raw_receive_ipsec0(
+corenet_tcp_bind_all_reserved_ports(
 	
@@ -333,12 +2725,12 @@ No

- -

Description

Summary

- Receive raw IP packets on the ipsec0 interface. +Bind TCP sockets to all reserved ports.

Parameters

@@ -347,7 +2739,7 @@ No domain

@@ -757,7 +3149,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -772,7 +3164,7 @@ No

 
-corenet_raw_send_eth0(
+corenet_tcp_bind_generic_node(
 	
@@ -784,12 +3176,12 @@ No

- -

Description

Summary

- Send raw IP packets on the eth0 interface. +Bind TCP sockets to generic nodes.

Parameters

@@ -798,7 +3190,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -813,7 +3205,7 @@ No

 
-corenet_raw_send_eth1(
+corenet_tcp_bind_generic_port(
 	
@@ -825,12 +3217,12 @@ No

- -

Description

Summary

- Send raw IP packets on the eth1 interface. +Bind TCP sockets to generic ports.

Parameters

@@ -839,7 +3231,7 @@ No domain

@@ -1905,7 +4297,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -1920,7 +4312,7 @@ No

 
-corenet_raw_sendrecv_multicast_node(
+corenet_tcp_bind_reserved_port(
 	
@@ -1932,12 +4324,12 @@ No

- -

Description

Summary

- Send and receive raw IP packets on the multicast node. +Bind TCP sockets to generic reserved ports.

Parameters

@@ -1946,7 +4338,7 @@ No domain

@@ -2561,7 +4953,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -2576,7 +4968,7 @@ No

 
-corenet_tcp_bind_inaddr_any_node(
+corenet_tcp_sendrecv_all_if(
 	
@@ -2588,12 +4980,12 @@ No

- -

Description

Summary

- Bind TCP sockets to node inaddr_any. +Send and receive TCP network traffic on all interfaces.

Parameters

@@ -2602,7 +4994,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -2617,7 +5009,7 @@ No

 
-corenet_tcp_bind_inetd_child_port(
+corenet_tcp_sendrecv_all_nodes(
 	
@@ -2629,12 +5021,12 @@ No

- -

Description

Summary

- Bind TCP sockets to the inetd_child port. +Send and receive TCP network traffic on all nodes.

Parameters

@@ -2643,7 +5035,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -2658,7 +5050,7 @@ No

 
-corenet_tcp_bind_innd_port(
+corenet_tcp_sendrecv_all_ports(
 	
@@ -2670,12 +5062,12 @@ No

- -

Description

Summary

- Bind TCP sockets to the innd port. +Send and receive TCP network traffic on all ports.

Parameters

@@ -2684,7 +5076,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -2699,7 +5091,7 @@ No

 
-corenet_tcp_bind_ipp_port(
+corenet_tcp_sendrecv_all_reserved_ports(
 	
@@ -2711,12 +5103,12 @@ No

- -

Description

Summary

- Bind TCP sockets to the ipp port. +Send and receive TCP network traffic on all reserved ports.

Parameters

@@ -2725,7 +5117,7 @@ No domain

@@ -3258,7 +5650,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -3273,7 +5665,7 @@ No

 
-corenet_tcp_bind_portmap_port(
+corenet_tcp_sendrecv_generic_if(
 	
@@ -3285,12 +5677,12 @@ No

- -

Description

Summary

- Bind TCP sockets to the portmap port. +Send and receive TCP network traffic on the generic interfaces.

Parameters

@@ -3299,7 +5691,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -3314,7 +5706,7 @@ No

 
-corenet_tcp_bind_postgresql_port(
+corenet_tcp_sendrecv_generic_node(
 	
@@ -3326,12 +5718,12 @@ No

- -

Description

Summary

- Bind TCP sockets to the postgresql port. +Send and receive TCP network traffic on generic nodes.

Parameters

@@ -3340,7 +5732,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -3355,7 +5747,7 @@ No

 
-corenet_tcp_bind_printer_port(
+corenet_tcp_sendrecv_generic_port(
 	
@@ -3367,12 +5759,12 @@ No

- -

Description

Summary

- Bind TCP sockets to the printer port. +Send and receive TCP network traffic on generic ports.

Parameters

@@ -3381,7 +5773,7 @@ No domain

@@ -4652,7 +7044,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -4667,7 +7059,7 @@ No

 
-corenet_tcp_sendrecv_generic_if(
+corenet_tcp_sendrecv_reserved_port(
 	
@@ -4679,12 +7071,12 @@ No

- -

Description

Summary

- Send and receive TCP network traffic on the general interfaces. +Send and receive TCP network traffic on generic reserved ports.

Parameters

@@ -4693,7 +7085,7 @@ No domain

@@ -5308,7 +7700,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -5323,7 +7715,7 @@ No

 
-corenet_tcp_sendrecv_ldap_port(
+corenet_udp_bind_all_nodes(
 	
@@ -5335,12 +7727,12 @@ No

- -

Description

Summary

- Send and receive TCP traffic on the ldap port. +Bind UDP sockets to all nodes.

Parameters

@@ -5349,7 +7741,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -5364,7 +7756,7 @@ No

 
-corenet_tcp_sendrecv_link_local_node(
+corenet_udp_bind_all_ports(
 	
@@ -5376,12 +7768,12 @@ No

- -

Description

Summary

- Send and receive TCP traffic on the link_local node. +Bind UDP sockets to all ports.

Parameters

@@ -5390,7 +7782,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -5405,7 +7797,7 @@ No

 
-corenet_tcp_sendrecv_lo(
+corenet_udp_bind_all_reserved_ports(
 	
@@ -5417,12 +7809,12 @@ No

- -

Description

Summary

- Send and receive TCP network traffic on the lo interface. +Bind UDP sockets to all reserved ports.

Parameters

@@ -5431,7 +7823,7 @@ No domain

@@ -5841,7 +8233,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -5856,7 +8248,7 @@ No

 
-corenet_tcp_sendrecv_pxe_port(
+corenet_udp_bind_generic_node(
 	
@@ -5868,12 +8260,12 @@ No

- -

Description

Summary

- Send and receive TCP traffic on the pxe port. +Bind UDP sockets to generic nodes.

Parameters

@@ -5882,7 +8274,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -5897,7 +8289,7 @@ No

 
-corenet_tcp_sendrecv_radacct_port(
+corenet_udp_bind_generic_port(
 	
@@ -5909,12 +8301,12 @@ No

- -

Description

Summary

- Send and receive TCP traffic on the radacct port. +Bind UDP sockets to generic ports.

Parameters

@@ -5923,7 +8315,7 @@ No domain

@@ -6989,7 +9381,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -7004,7 +9396,7 @@ No

 
-corenet_udp_bind_howl_port(
+corenet_udp_bind_reserved_port(
 	
@@ -7016,12 +9408,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the howl port. +Bind UDP sockets to generic reserved ports.

Parameters

@@ -7030,7 +9422,7 @@ No domain

@@ -7645,7 +10037,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -7660,7 +10052,7 @@ No

 
-corenet_udp_bind_multicast_node(
+corenet_udp_receive_all_if(
 	
@@ -7672,12 +10064,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the multicast node. +Receive UDP network traffic on all interfaces.

Parameters

@@ -7686,7 +10078,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -7701,7 +10093,7 @@ No

 
-corenet_udp_bind_mysqld_port(
+corenet_udp_receive_all_nodes(
 	
@@ -7713,12 +10105,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the mysqld port. +Receive UDP network traffic on all nodes.

Parameters

@@ -7727,7 +10119,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -7742,7 +10134,7 @@ No

 
-corenet_udp_bind_nmbd_port(
+corenet_udp_receive_all_ports(
 	
@@ -7754,12 +10146,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the nmbd port. +Receive UDP network traffic on all ports.

Parameters

@@ -7768,7 +10160,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -7783,7 +10175,7 @@ No

 
-corenet_udp_bind_pop_port(
+corenet_udp_receive_all_reserved_ports(
 	
@@ -7795,12 +10187,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the pop port. +Receive UDP network traffic on all reserved ports.

Parameters

@@ -7809,7 +10201,7 @@ No domain

@@ -8342,7 +10734,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -8357,7 +10749,7 @@ No

 
-corenet_udp_bind_swat_port(
+corenet_udp_receive_generic_if(
 	
@@ -8369,12 +10761,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the swat port. +Receive UDP network traffic on generic interfaces.

Parameters

@@ -8383,7 +10775,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -8398,7 +10790,7 @@ No

 
-corenet_udp_bind_syslogd_port(
+corenet_udp_receive_generic_node(
 	
@@ -8410,12 +10802,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the syslogd port. +Receive UDP network traffic on generic nodes.

Parameters

@@ -8424,7 +10816,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -8439,7 +10831,7 @@ No

 
-corenet_udp_bind_telnetd_port(
+corenet_udp_receive_generic_port(
 	
@@ -8451,12 +10843,12 @@ No

- -

Description

Summary

- Bind UDP sockets to the telnetd port. +Receive UDP network traffic on generic ports.

Parameters

@@ -8465,7 +10857,7 @@ No domain

@@ -9736,7 +12128,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -9751,7 +12143,7 @@ No

 
-corenet_udp_receive_kerberos_port(
+corenet_udp_receive_reserved_port(
 	
@@ -9763,12 +12155,12 @@ No

- -

Description

Summary

- Receive UDP traffic on the kerberos port. +Receive UDP network traffic on generic reserved ports.

Parameters

@@ -9777,7 +12169,7 @@ No domain

@@ -10392,7 +12784,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -10407,7 +12799,7 @@ No

 
-corenet_udp_receive_radacct_port(
+corenet_udp_send_all_if(
 	
@@ -10419,12 +12811,12 @@ No

- -

Description

Summary

- Receive UDP traffic on the radacct port. +Send UDP network traffic on all interfaces.

Parameters

@@ -10433,7 +12825,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -10448,7 +12840,7 @@ No

 
-corenet_udp_receive_radius_port(
+corenet_udp_send_all_nodes(
 	
@@ -10460,12 +12852,12 @@ No

- -

Description

Summary

- Receive UDP traffic on the radius port. +Send UDP network traffic on all nodes.

Parameters

@@ -10474,7 +12866,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -10489,7 +12881,7 @@ No

 
-corenet_udp_receive_rsh_port(
+corenet_udp_send_all_ports(
 	
@@ -10501,12 +12893,12 @@ No

- -

Description

Summary

- Receive UDP traffic on the rsh port. +Send UDP network traffic on all ports.

Parameters

@@ -10515,7 +12907,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -10530,7 +12922,7 @@ No

 
-corenet_udp_receive_rsync_port(
+corenet_udp_send_all_reserved_ports(
 	
@@ -10542,12 +12934,12 @@ No

- -

Description

Summary

- Receive UDP traffic on the rsync port. +Send UDP network traffic on all reserved ports.

Parameters

@@ -10556,7 +12948,7 @@ No domain

@@ -11089,7 +13481,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -11104,7 +13496,7 @@ No

 
-corenet_udp_send_amanda_port(
+corenet_udp_send_generic_if(
 	
@@ -11116,12 +13508,12 @@ No

- -

Description

Summary

- Send UDP traffic on the amanda port. +Send UDP network traffic on generic interfaces.

Parameters

@@ -11130,7 +13522,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -11145,7 +13537,7 @@ No

 
-corenet_udp_send_compat_ipv4_node(
+corenet_udp_send_generic_node(
 	
@@ -11157,12 +13549,12 @@ No

- -

Description

Summary

- Send UDP traffic on the compat_ipv4 node. +Send UDP network traffic on generic nodes.

Parameters

@@ -11171,7 +13563,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -11186,7 +13578,7 @@ No

 
-corenet_udp_send_dbskkd_port(
+corenet_udp_send_generic_port(
 	
@@ -11198,12 +13590,12 @@ No

- -

Description

Summary

- Send UDP traffic on the dbskkd port. +Send UDP network traffic on generic ports.

Parameters

@@ -11212,7 +13604,7 @@ No domain

@@ -12483,7 +14875,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -12498,7 +14890,7 @@ No

 
-corenet_udp_send_multicast_node(
+corenet_udp_send_reserved_port(
 	
@@ -12510,12 +14902,12 @@ No

- -

Description

Summary

- Send UDP traffic on the multicast node. +Send UDP network traffic on generic reserved ports.

Parameters

@@ -12524,7 +14916,7 @@ No domain

@@ -13139,7 +15531,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13154,7 +15546,7 @@ No

 
-corenet_udp_send_ssh_port(
+corenet_udp_sendrecv_all_if(
 	
@@ -13166,12 +15558,12 @@ No

- -

Description

Summary

- Send UDP traffic on the ssh port. +Send and receive UDP network traffic on all interfaces.

Parameters

@@ -13180,7 +15572,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13195,7 +15587,7 @@ No

 
-corenet_udp_send_swat_port(
+corenet_udp_sendrecv_all_nodes(
 	
@@ -13207,12 +15599,12 @@ No

- -

Description

Summary

- Send UDP traffic on the swat port. +Send and receive UDP network traffic on all nodes.

Parameters

@@ -13221,7 +15613,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13236,7 +15628,7 @@ No

 
-corenet_udp_send_syslogd_port(
+corenet_udp_sendrecv_all_ports(
 	
@@ -13248,12 +15640,12 @@ No

- -

Description

Summary

- Send UDP traffic on the syslogd port. +Send and receive UDP network traffic on all ports.

Parameters

@@ -13262,7 +15654,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13277,7 +15669,7 @@ No

 
-corenet_udp_send_telnetd_port(
+corenet_udp_sendrecv_all_reserved_ports(
 	
@@ -13289,12 +15681,12 @@ No

- -

Description

Summary

- Send UDP traffic on the telnetd port. +Send and receive UDP network traffic on all reserved ports.

Parameters

@@ -13303,7 +15695,7 @@ No domain

@@ -13836,7 +16228,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13851,7 +16243,7 @@ No

 
-corenetwork_sendrecv_udp_on_amanda_port(
+corenet_udp_sendrecv_generic_if(
 	
@@ -13863,12 +16255,12 @@ No

- -

Description

Summary

- Send and receive UDP traffic on the amanda port. +Send and Receive UDP network traffic on generic interfaces.

Parameters

@@ -13877,7 +16269,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13892,7 +16284,7 @@ No

 
-corenetwork_sendrecv_udp_on_dbskkd_port(
+corenet_udp_sendrecv_generic_node(
 	
@@ -13904,12 +16296,12 @@ No

- -

Description

Summary

- Send and receive UDP traffic on the dbskkd port. +Send and receive UDP network traffic on generic nodes.

Parameters

@@ -13918,7 +16310,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -13933,7 +16325,7 @@ No

 
-corenetwork_sendrecv_udp_on_dhcpc_port(
+corenet_udp_sendrecv_generic_port(
 	
@@ -13945,12 +16337,12 @@ No

- -

Description

Summary

- Send and receive UDP traffic on the dhcpc port. +Send and receive UDP network traffic on generic ports.

Parameters

@@ -13959,7 +16351,7 @@ No domain

@@ -15230,7 +17622,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -15245,7 +17637,7 @@ No

 
-corenetwork_sendrecv_udp_on_printer_port(
+corenet_udp_sendrecv_reserved_port(
 	
@@ -15257,12 +17649,12 @@ No

- -

Description

Summary

- Send and receive UDP traffic on the printer port. +Send and receive UDP network traffic on generic reserved ports.

Parameters

@@ -15271,7 +17663,7 @@ No domain

@@ -15886,7 +18278,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -15901,7 +18293,7 @@ No

 
-corenetwork_sendrecv_udp_on_zebra_port(
+corenet_use_tun_tap_device(
 	
@@ -15913,12 +18305,12 @@ No

- -

Description

Summary

- Send and receive UDP traffic on the zebra port. +Read and write the TUN/TAP virtual network device.

Parameters

@@ -15927,7 +18319,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +The domain allowed access.

No @@ -15938,6 +18330,9 @@ No +Return + + diff --git a/www/api-docs/kernel_devices.html b/www/api-docs/kernel_devices.html index 14a1a9d..c899619 100644 --- a/www/api-docs/kernel_devices.html +++ b/www/api-docs/kernel_devices.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -59,11 +65,17 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: devices

+ + +

Description:

@@ -80,10 +92,12 @@ are used to label device nodes should use the dev_node macro.

Additionally, this module controls access to three things: -

the device directories containing device nodes
device nodes as a group
individual access to specific device nodes covered by - this module.

the device directories containing device nodes
device nodes as a group
individual access to specific device nodes covered by + this module.

+ +

Interfaces:

@@ -121,8 +135,8 @@ Additionally, this module controls access to three things:

Summary

- Create, read, and write device nodes. The node - will be transitioned to the type provided. +Create, read, and write device nodes. The node +will be transitioned to the type provided.

@@ -134,7 +148,7 @@ Additionally, this module controls access to three things: domain

- Domain allowed access. +Domain allowed access.

No @@ -144,7 +158,7 @@ No file

- Dontaudit getattr on all character file device nodes. +Dontaudit getattr on all character file device nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain to dontaudit access. + +	+No +

+ + + +

+ + +

+
+dev_dontaudit_getattr_apm_bios(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Do not audit attempts to get the attributes of +the apm bios device node.

@@ -401,7 +457,7 @@ No domain

- Domain to dontaudit access. +Domain to not audit.

No @@ -430,7 +486,7 @@ No

Summary

- Dontaudit getattr on generic block devices. +Dontaudit getattr on generic block devices.

@@ -442,7 +498,7 @@ No domain

- Domain to dontaudit access. +Domain to dontaudit access.

No @@ -471,7 +527,7 @@ No

- List all of the device nodes in a device directory. +Do not audit attempts to set the attributes of +the apm bios device node.

@@ -893,7 +953,7 @@ No domain

- Domain allowed to list device nodes. +Domain to not audit.

No @@ -908,7 +968,7 @@ No

 
-dev_list_usbfs(
+dev_dontaudit_setattr_framebuffer(
 	
@@ -920,12 +980,13 @@ No

- -

Description

Summary

- Allow caller to get a list of usb hardware. +Dot not audit attempts to set the attributes +of the framebuffer device node.

Parameters

@@ -934,7 +995,7 @@ No domain

Parameter:

- Make the passed in type a type appropriate for - use on device nodes (usually files in /dev). +Getattr on all character file device nodes.

@@ -1261,10 +1323,10 @@ No

Parameter:

Description:

- Read the sound mixer devices. +List all of the device nodes in a device directory.

@@ -1756,7 +1818,7 @@ No domain

- Domain allowed access. +Domain allowed to list device nodes.

No @@ -1771,7 +1833,7 @@ No

 
-dev_read_sysfs(
+dev_list_usbfs(
 	
@@ -1783,12 +1845,12 @@ No

- -

Description

Summary

- Allow caller to read hardware state information. +Allow caller to get a list of usb hardware.

Parameters

@@ -1797,7 +1859,7 @@ No domain

Parameter:

Description:

Optional:

- The process type reading hardware state information. +The process type getting the list.

No @@ -1812,7 +1874,7 @@ No

-dev_read_urand( +dev_manage_all_blk_files( @@ -1826,7 +1888,7 @@ No

Summary

- Read from pseudo random devices (e.g., /dev/urandom) +Read, write, create, and delete all block device files.

@@ -1838,7 +1900,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -1853,7 +1915,7 @@ No

 
-dev_read_usbfs(
+dev_manage_all_chr_files(
 	
@@ -1865,13 +1927,12 @@ No

- -

Description

Summary

- Read USB hardware information using - the usbfs filesystem interface. +Read, write, create, and delete all character device files.

Parameters

@@ -1880,7 +1941,7 @@ No domain

Parameter:

- Read and write the lvm control device. +Mount a usbfs filesystem.

@@ -2127,7 +2188,7 @@ No domain

- Domain allowed access. +The type of the process performing this action.

No @@ -2142,7 +2203,49 @@ No

 
-dev_rw_null_dev(
+dev_node(
+	
+		
+		
+		
+		object_type
+		
+	
+	)

+

+ +

Summary

+Make the passed in type a type appropriate for +use on device nodes (usually files in /dev). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+object_type +	+ +The object type that will be used on device nodes. + +	+No +

+ + +

+ +dev_read_cpuid( @@ -2156,7 +2259,7 @@ No

Summary

- Read and write to the null device (/dev/null). +Read the multiplexed input device (/dev/input).

@@ -2168,7 +2271,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2183,7 +2286,7 @@ No

-dev_rw_power_management( +dev_read_framebuffer( @@ -2197,7 +2300,7 @@ No

Summary

- Read and write the the power management device. +Read the framebuffer.

@@ -2209,7 +2312,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2224,7 +2327,7 @@ No

-dev_rw_realtime_clock( +dev_read_input( @@ -2238,7 +2341,7 @@ No

Summary

- Read the realtime clock (/dev/rtc). +Read the multiplexed input device (/dev/input).

@@ -2250,7 +2353,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2265,7 +2368,7 @@ No

-dev_rw_scanner( +dev_read_lvm_control( @@ -2279,7 +2382,7 @@ No

Summary

- Read and write the the scanner device. +Read the lvm comtrol device.

@@ -2291,7 +2394,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2306,7 +2409,7 @@ No

 
-dev_rw_sysfs(
+dev_read_misc(
 	
@@ -2318,12 +2421,12 @@ No

- -

Description

Summary

- Allow caller to modify hardware state information. +Read miscellaneous devices.

Parameters

@@ -2332,7 +2435,7 @@ No domain

Parameter:

Description:

Optional:

- The process type modifying hardware state information. +Domain allowed access.

No @@ -2347,7 +2450,7 @@ No

 
-dev_rw_usbfs(
+dev_read_mouse(
 	
@@ -2359,12 +2462,12 @@ No

- -

Description

Summary

- Allow caller to modify usb hardware configuration files. +Read the mouse devices.

Parameters

@@ -2373,7 +2476,7 @@ No domain

Parameter:

Description:

Optional:

- The process type modifying the options. +Domain allowed access.

No @@ -2388,7 +2491,7 @@ No

-dev_rw_zero_dev( +dev_read_mtrr( @@ -2402,7 +2505,7 @@ No

Summary

- Read and write to the zero device (/dev/zero). +Read the mtrr device.

@@ -2414,7 +2517,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2429,7 +2532,7 @@ No

-dev_rwx_zero_dev( +dev_read_rand( @@ -2443,7 +2546,7 @@ No

Summary

- Read, write, and execute the zero device (/dev/zero). +Read from random devices (e.g., /dev/random)

@@ -2455,7 +2558,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2470,7 +2573,7 @@ No

-dev_rx_raw_memory( +dev_read_raw_memory( @@ -2484,7 +2587,7 @@ No

Summary

- Read and execute raw memory devices (e.g. /dev/mem). +Read raw memory devices (e.g. /dev/mem).

@@ -2496,7 +2599,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -2511,7 +2614,7 @@ No

 
-dev_search_sysfs(
+dev_read_realtime_clock(
 	
@@ -2523,12 +2626,12 @@ No

- -

Description

Summary

- Search the directory containing hardware information. +Read the realtime clock (/dev/rtc).

Parameters

@@ -2537,7 +2640,7 @@ No domain

Parameter:

Description:

Optional:

- The type of the process performing this action. +Domain allowed access.

No @@ -2552,7 +2655,7 @@ No

 
-dev_search_usbfs(
+dev_read_snd_dev(
 	
@@ -2564,12 +2667,53 @@ No

Summary

+Read the sound devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ + +

+
+dev_read_snd_mixer_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

Description

Summary

- Search the directory containing USB hardware information. +Read the sound mixer devices.

Parameters

@@ -2578,7 +2722,7 @@ No domain

Parameter:

- Write and execute raw memory devices (e.g. /dev/mem). +Read and write to the null device (/dev/null).

@@ -3073,7 +3216,7 @@ No domain

- Domain allowed access. +Domain allowed access.

No @@ -3083,6 +3226,1242 @@ No +

+ + +

+
+dev_rw_power_management(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write the the power management device. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_rw_realtime_clock(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read the realtime clock (/dev/rtc). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_rw_scanner(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write the scanner device. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_rw_sysfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Allow caller to modify hardware state information. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The process type modifying hardware state information. + +	+No +

+ +

+ + +

+
+dev_rw_usbfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Allow caller to modify usb hardware configuration files. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The process type modifying the options. + +	+No +

+ +

+ + +

+
+dev_rw_zero_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write to the zero device (/dev/zero). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_rwx_zero_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read, write, and execute the zero device (/dev/zero). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_rx_raw_memory(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and execute raw memory devices (e.g. /dev/mem). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_search_sysfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Search sysfs. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+dev_search_usbfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Search the directory containing USB hardware information. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+dev_setattr_all_blk_files(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Setattr on all block file device nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_all_chr_files(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Setattr on all character file device nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_apm_bios(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of the apm bios device node. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_framebuffer(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of the framebuffer device node. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_misc(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of miscellaneous devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_mouse(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of the mouse devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_power_management(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of the the power management device. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_scanner(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of the scanner device. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_snd_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of the sound devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_setattr_video_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Set the attributes of video4linux device nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_framebuffer(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write the framebuffer. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_misc(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write miscellaneous devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_mtrr(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write the mtrr device. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_rand(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write to the random device (e.g., /dev/random). This adds +entropy used to generate the random data read from the +random device. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_raw_memory(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write raw memory devices (e.g. /dev/mem). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_realtime_clock(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read the realtime clock (/dev/rtc). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_snd_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write the sound devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_snd_mixer_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write the sound mixer devices. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_write_urand(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write to the pseudo random device (e.g., /dev/urandom). This +sets the random number generator seed. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+dev_wx_raw_memory(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Write and execute raw memory devices (e.g. /dev/mem). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ + +Return + diff --git a/www/api-docs/kernel_filesystem.html b/www/api-docs/kernel_filesystem.html index 1974c09..f9f1667 100644 --- a/www/api-docs/kernel_filesystem.html +++ b/www/api-docs/kernel_filesystem.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -59,15 +65,23 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: filesystem

+ + +

Description:

Policy for filesystems.

@@ -190,7 +204,7 @@ No type

- The type of the object to be associated. +The type of the object to be associated.

No @@ -205,7 +219,48 @@ No

 
-fs_dontaudit_getattr_xattr_fs(
+fs_create_tmpfs_data(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

No @@ -503,7 +555,48 @@ No

 
-fs_getattr_dos_fs(
+fs_getattr_all_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

No @@ -3066,7 +3166,49 @@ No

 
-fs_unmount_romfs(
+fs_search_auto_mountpoints(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Search automount filesystem to use automatically +mounted filesystems. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain performing this action. + +	+No +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_nfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a NFS filesystem. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_nfsd_fs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a NFS server pseudo filesystem. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_ramfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a RAM filesystem. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_romfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a ROM filesystem. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_rpc_pipefs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a RPC pipe filesystem. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_tmpfs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a tmpfs filesystem. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_unmount_xattr_fs(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Unmount a persistent filesystem which +has extended attributes, such as +ext3, JFS, or XFS. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain unmounting the filesystem. + +	+No +

+ +

+ + +

+
+fs_use_tmpfs_blk_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Read and write block nodes on tmpfs filesystems. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+fs_use_tmpfs_chr_dev(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Read and write character nodes on tmpfs filesystems. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + +Return + diff --git a/www/api-docs/kernel_kernel.html b/www/api-docs/kernel_kernel.html index 7b67c42..cb23abc 100644 --- a/www/api-docs/kernel_kernel.html +++ b/www/api-docs/kernel_kernel.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -59,18 +65,26 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: kernel

+ + +

Description:

-Policy for kernel threads, proc filesystem, +Policy for kernel threads, proc filesystem, and unlabeled processes and objects.

+ +

Interfaces:

@@ -90,12 +104,12 @@ and unlabeled processes and objects.

- -

Description

Summary

- +Change the level of kernel messages logged to the console.

Parameters

@@ -104,7 +118,7 @@ and unlabeled processes and objects. domain

Parameter:

Description:

+
+kernel_read_rpc_sysctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:

@@ -1712,7 +1767,48 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+kernel_rw_rpc_sysctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

Description:

Optional:

Parameters

@@ -1837,8 +1933,49 @@ No domain + +

- The type of the process with which to share state information. +The type of the process with which to share state information. + +

+No +

+ + + +

+ + +

+
+kernel_sigchld(
 	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Send a SIGCHLD signal to kernel threads. +

+ +

Parameters

+ + + + @@ -1867,7 +2004,7 @@ No

Description

- Send a child terminated signal to unlabeled processes. +Send a child terminated signal to unlabeled processes.

Parameters

@@ -1878,7 +2015,7 @@ No domain

Parameter:

Description:

Optional:

+domain +

Parameters

@@ -2042,8 +2179,8 @@ No domain @@ -2080,9 +2217,9 @@ No

Description

- Allows to start userland processes - by transitioning to the specified domain. -

+Allows to start userland processes +by transitioning to the specified domain. +

Parameters

- The type of the process using the descriptors. - +The type of the process using the descriptors. +

@@ -2092,8 +2229,8 @@ No domain @@ -2102,8 +2239,8 @@ No entrypoint @@ -2113,6 +2250,9 @@ No +Return + + diff --git a/www/api-docs/kernel_selinux.html b/www/api-docs/kernel_selinux.html index 4174128..4d7cd7a 100644 --- a/www/api-docs/kernel_selinux.html +++ b/www/api-docs/kernel_selinux.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -59,17 +65,25 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: selinux

+ + +

Description:

Policy for kernel security interface, in particular, selinuxfs.

+ +

Interfaces:

@@ -92,7 +106,7 @@ Policy for kernel security interface, in particular, selinuxfs.

Description

- Allows caller to compute an access vector. +Allows caller to compute an access vector.

Parameters

@@ -103,7 +117,7 @@ Policy for kernel security interface, in particular, selinuxfs. domain

+ +

- The process type entered by kernel. - +The process type entered by kernel. +

+ + kernel

@@ -59,15 +65,23 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: storage

+ + +

Description:

Policy controlling access to storage devices

@@ -185,7 +199,91 @@ No domain

- The type of the process to not audit. +The type of the process to not audit. + +

+No +

+ + + +

+ + +

+
+storage_dontaudit_setattr_fixed_disk(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Do not audit attempts made by the caller to set +the attributes of fixed disk device nodes. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to not audit. + +	+No +

+ +

+ + +

+
+storage_dontaudit_setattr_removable_device(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Do not audit attempts made by the caller to set +the attributes of removable devices device nodes. +

+ +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

@@ -311,7 +409,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -326,7 +424,7 @@ No

-storage_getattr_tape_device( +storage_getattr_scsi_generic( @@ -341,8 +439,8 @@ No

Description

- Allow the caller to get the attributes - of device nodes of tape devices. +Get attributes of the device nodes +for the SCSI generic inerface.

Parameters

@@ -353,7 +451,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -368,7 +466,7 @@ No

-storage_manage_fixed_disk( +storage_getattr_tape_device( @@ -383,7 +481,8 @@ No

Description

- Create, read, write, and delete fixed disk device nodes. +Allow the caller to get the attributes +of device nodes of tape devices.

Parameters

@@ -394,7 +493,48 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+storage_manage_fixed_disk(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete fixed disk device nodes. +

+ + +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

@@ -571,7 +711,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -601,10 +741,10 @@ No

- Allow the caller to directly read - a tape device. +Allow the caller to directly read +a tape device. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + + +

+ + +

+
+storage_relabel_fixed_disk(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Relabel fixed disk device nodes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+storage_set_scsi_generic_attributes(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

No @@ -903,10 +1126,51 @@ No

Description

- Allow the caller to set the attributes - of device nodes of tape devices. +Allow the caller to set the attributes +of device nodes of tape devices. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + + +

+ + +

+
+storage_swapon_fixed_disk(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Enable a fixed disk device as swap space

Parameters

@@ -915,7 +1179,7 @@ No domain + +

Parameter:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -945,11 +1209,11 @@ No

Description

- Allow the caller to directly write, in a - generic fashion, from any SCSI device. - This is extremly dangerous as it can bypass the - SELinux protections for filesystem objects, and - should only be used by trusted domains. +Allow the caller to directly write, in a +generic fashion, from any SCSI device. +This is extremly dangerous as it can bypass the +SELinux protections for filesystem objects, and +should only be used by trusted domains.

Parameters

@@ -960,7 +1224,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -990,8 +1254,8 @@ No

Description

- Allow the caller to directly read - a tape device. +Allow the caller to directly read +a tape device.

Parameters

@@ -1002,7 +1266,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -1013,6 +1277,9 @@ No +Return + + diff --git a/www/api-docs/kernel_terminal.html b/www/api-docs/kernel_terminal.html index f667828..4547c70 100644 --- a/www/api-docs/kernel_terminal.html +++ b/www/api-docs/kernel_terminal.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -59,15 +65,23 @@

* Interface Index +

+ * Template Index

Layer: kernel

Module: terminal

+ + +

Description:

Policy for terminals.

+ +

Interfaces:

@@ -98,7 +112,7 @@

Description

@@ -625,7 +639,49 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+term_login_pty(
+	
+		
+		
+		
+		pty_type
+		
+	
+	)

+

+ + +

Description

+Transform specified type into a pty type +used by login programs, such as sshd. +

+ +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

+pty_type +

+ +An object type that will applied to a pty.

No @@ -655,7 +711,7 @@ No

Description

- Transform specified type into a pty type. +Transform specified type into a pty type.

Parameters

@@ -666,7 +722,49 @@ No pty_type

- An object type that will applied to a pty. +An object type that will applied to a pty. + +

+No +

+ +

+ + +

+
+term_relabel_all_user_ptys(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Relabel from and to all user +user pty device nodes. +

+ +

Parameters

+ + + + + + + + + + + + + + + + + + + @@ -75,6 +121,11 @@ sendmail + + + diff --git a/www/api-docs/services_cron.html b/www/api-docs/services_cron.html new file mode 100644 index 0000000..a940957 --- /dev/null +++ b/www/api-docs/services_cron.html @@ -0,0 +1,392 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: services

Module: cron

+ + +Interfaces +Templates + + +

Description:

+ +

Periodic execution of scheduled commands.

+ + + +

Interfaces:

+ +

+ + +

+
+cron_read_pipe(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read a cron daemon unnamed pipe +

+ + +

Parameters

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action.	No @@ -696,8 +794,8 @@ No Description - Relabel from and to all user - user tty device nodes. +Relabel from and to all user +user tty device nodes. Parameters @@ -708,7 +806,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -738,8 +836,8 @@ No Description - Relabel from and to the unallocated - tty type. +Relabel from and to the unallocated +tty type. Parameters @@ -750,7 +848,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -780,8 +878,8 @@ No Description - Relabel from all user tty types to - the unallocated tty type. +Relabel from all user tty types to +the unallocated tty type. Parameters @@ -792,7 +890,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -822,8 +920,8 @@ No Description - Set the attributes of all user tty - device nodes. +Set the attributes of all user tty +device nodes. Parameters @@ -834,7 +932,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -864,8 +962,8 @@ No Description - Set the attributes of the console - device node. +Set the attributes of the console +device node. Parameters @@ -876,7 +974,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -906,8 +1004,8 @@ No Description - Set the attributes of all unallocated - tty device nodes. +Set the attributes of all unallocated +tty device nodes. Parameters @@ -918,7 +1016,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -948,7 +1046,7 @@ No Description - Transform specified type into a tty type. +Transform specified type into a tty type. Parameters @@ -959,7 +1057,7 @@ No tty_type	- An object type that will applied to a tty. +An object type that will applied to a tty.	No @@ -989,8 +1087,8 @@ No Description - Read and write the console, all - ttys and all ptys. +Read and write the console, all +ttys and all ptys. Parameters @@ -1001,7 +1099,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1031,7 +1129,7 @@ No Description - Read and write all user ptys. +Read and write all user ptys. Parameters @@ -1042,7 +1140,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1072,7 +1170,7 @@ No Description - Read and write all user to all user ttys. +Read and write all user to all user ttys. Parameters @@ -1083,7 +1181,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1113,7 +1211,7 @@ No Description - Read from and write to the console. +Read from and write to the console. Parameters @@ -1124,7 +1222,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1154,8 +1252,8 @@ No Description - Read and write the controlling - terminal (/dev/tty). +Read and write the controlling +terminal (/dev/tty). Parameters @@ -1166,7 +1264,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1196,9 +1294,9 @@ No Description - Read and write the generic pty - type. This is generally only used in - the targeted policy. +Read and write the generic pty +type. This is generally only used in +the targeted policy. Parameters @@ -1209,7 +1307,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1239,7 +1337,7 @@ No Description - Read and write unallocated ttys. +Read and write unallocated ttys. Parameters @@ -1250,7 +1348,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1288,9 +1386,9 @@ No Description - Transform specified type into an user - pty type. This allows it to be relabeled via - type change by login programs such as ssh. +Transform specified type into an user +pty type. This allows it to be relabeled via +type change by login programs such as ssh. Parameters @@ -1301,8 +1399,8 @@ No userdomain	- The type of the user domain associated with - this pty. +The type of the user domain associated with +this pty.	No @@ -1312,7 +1410,7 @@ No object_type	- An object type that will applied to a pty. +An object type that will applied to a pty.	No @@ -1342,7 +1440,7 @@ No Description - Write to all user ttys. +Write to all user ttys. Parameters @@ -1353,7 +1451,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1383,7 +1481,7 @@ No Description - Write to the console. +Write to the console. Parameters @@ -1394,7 +1492,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1424,7 +1522,7 @@ No Description - Write to unallocated ttys. +Write to unallocated ttys. Parameters @@ -1435,7 +1533,7 @@ No domain	- The type of the process performing this action. +The type of the process performing this action.	No @@ -1446,6 +1544,9 @@ No +Return + + diff --git a/www/api-docs/services.html b/www/api-docs/services.html index 3fdfb39..72329aa 100644 --- a/www/api-docs/services.html +++ b/www/api-docs/services.html @@ -15,6 +15,12 @@ + + + apps + + + + + kernel @@ -25,15 +31,30 @@ services + - + cron + + - + inetd + + - + kerberos + - mta + - + nis + - remotelogin - sendmail + - + ssh + + @@ -44,6 +65,8 @@ * Interface Index + + * Template Index @@ -60,12 +83,35 @@
+ + cron	Periodic execution of scheduled commands.
+ + inetd	Internet services daemon.
+ + kerberos	MIT Kerberos admin and KDC
mta	Policy common to all email tranfer agents.
+ + nis	Policy for NIS (YP) servers and clients
remotelogin	Policy for rshd, rlogind, and telnetd.	Policy for sendmail.
+ + ssh	Secure shell client and server policy.

+ + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to performing this action. + +	+No +

+ +

+ + +

+
+cron_rw_log(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write the cron daemon log files. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to performing this action. + +	+No +

+ +

+ + +

+
+cron_search_spool(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Search the directory containing user cron tables. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to performing this action. + +	+No +

+ +

+ + +

+
+cron_system_entry(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		entrypoint
+		
+	
+	)

+

+ +

Summary

+Make the specified program domain accessable +from the system cron jobs. +

+ + +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process to transition to. + +	+No +
+entrypoint +	+ +The type of the file used as an entrypoint to this domain. + +	+No +

+ + +Return + + + +

Templates:

+ +

+ + +

+
+cron_admin_template(
+	
+		
+		
+		
+		userdomain_prefix
+		
+	
+	)

+

+ +

Summary

+The administrative functions template for the cron module. +

+ + +

Description

+This template creates rules for administrating the cron service, +allowing the specified user to manage other user crontabs. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+userdomain_prefix +	+ +The prefix of the user domain (e.g., user +is the prefix for user_t). + +	+No +

+ +

+ + +

+
+cron_per_userdomain_template(
+	
+		
+		
+		
+		userdomain_prefix
+		
+	
+	)

+

+ +

Summary

+The per user domain template for the cron module. +

+ + +

Description

+This template creates a derived domains which are used +for running programs on behalf of the user, from cron. +A type for the user crontab is also created. +

+This template is invoked automatically for each user, and +generally does not need to be invoked directly +by policy writers. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+userdomain_prefix +	+ +The prefix of the user domain (e.g., user +is the prefix for user_t). + +	+No +

+ + +Return + + + + + diff --git a/www/api-docs/services_inetd.html b/www/api-docs/services_inetd.html new file mode 100644 index 0000000..74c94b2 --- /dev/null +++ b/www/api-docs/services_inetd.html @@ -0,0 +1,339 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: services

Module: inetd

+ + + +

Description:

+ +

Internet services daemon.

+ + + +

Interfaces:

+ +

+ + +

+
+inetd_core_service_domain(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		entrypoint
+		
+	
+	)

+

+ +

Summary

+Define the specified domain as a inetd service. +

+ + +

Description

+Define the specified domain as a inetd service. The +inetd_service_domain(), inetd_tcp_service_domain(), +or inetd_udp_service_domain() interfaces should be used +instead of this interface, as this interface only provides +the common rules to these three interfaces. +

+ +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type associated with the inetd service process. + +	+No +
+entrypoint +	+ +The type associated with the process program. + +	+No +

+ +

+ + +

+
+inetd_service_domain(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		entrypoint
+		
+	
+	)

+

+ +

Summary

+Define the specified domain as a TCP and UDP inetd service. +

+ + +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type associated with the inetd service process. + +	+No +
+entrypoint +	+ +The type associated with the process program. + +	+No +

+ +

+ + +

+
+inetd_tcp_service_domain(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		entrypoint
+		
+	
+	)

+

+ +

Summary

+Define the specified domain as a TCP inetd service. +

+ + +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type associated with the inetd service process. + +	+No +
+entrypoint +	+ +The type associated with the process program. + +	+No +

+ +

+ + +

+
+inetd_udp_service_domain(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		entrypoint
+		
+	
+	)

+

+ +

Summary

+Define the specified domain as a UDP inetd service. +

+ + +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type associated with the inetd service process. + +	+No +
+entrypoint +	+ +The type associated with the process program. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/services_kerberos.html b/www/api-docs/services_kerberos.html new file mode 100644 index 0000000..d25efc4 --- /dev/null +++ b/www/api-docs/services_kerberos.html @@ -0,0 +1,186 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: services

Module: kerberos

+ + + +

Description:

+ +

+This policy supports: +

+Servers: +

kadmind
krb5kdc

+Clients: +

kinit
kdestroy
klist
ksu (incomplete)

+ + + +

Interfaces:

+ +

+ + +

+
+kerberos_read_conf(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read the kerberos configuration file (/etc/krb5.conf). +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ +

+ + +

+
+kerberos_use(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Use kerberos services +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +Domain allowed access. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/services_mta.html b/www/api-docs/services_mta.html index 8ad08cd..949e72d 100644 --- a/www/api-docs/services_mta.html +++ b/www/api-docs/services_mta.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -25,15 +31,30 @@ services

+    - + cron
+ +    - + inetd
+ +    - + kerberos
+    - mta
+    - + nis
+    - remotelogin
   - sendmail
+    - + ssh
+

+ @@ -44,15 +65,26 @@

* Interface Index +

+ * Template Index

Layer: services

Module: mta

+ + +Interfaces +Templates + +

Description:

Policy common to all email tranfer agents.

+ +

Interfaces:

@@ -60,6 +92,211 @@

 
+mta_exec(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_getattr_spool(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_mailserver(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_manage_queue(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_manage_spool(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+ mta_read_aliases( @@ -75,7 +312,7 @@

Description

- Read mail address aliases. +Read mail address aliases.

Parameters

@@ -86,7 +323,219 @@ domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+mta_rw_aliases(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_rw_spool(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_send_mail(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+mta_sendmail_mailserver(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +Return + + + +

Templates:

+ +

+ + +

+
+mta_per_userdomain_template(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + + + @@ -148,6 +162,11 @@ Basic filesystem types and interfaces.

+ + + diff --git a/www/api-docs/system_authlogin.html b/www/api-docs/system_authlogin.html index fc043f2..bcd8a82 100644 --- a/www/api-docs/system_authlogin.html +++ b/www/api-docs/system_authlogin.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,26 @@

* Interface Index +

+ * Template Index

Layer: system

Module: authlogin

+ + +Interfaces +Templates + +

Description:

Common policy for authentication and user login.

+ +

Interfaces:

@@ -129,7 +149,7 @@

Description

- +Delete pam PID files.

Parameters

@@ -140,7 +160,7 @@ domain

+ +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -97,6 +546,8 @@ No +Return + diff --git a/www/api-docs/services_nis.html b/www/api-docs/services_nis.html new file mode 100644 index 0000000..5997c42 --- /dev/null +++ b/www/api-docs/services_nis.html @@ -0,0 +1,217 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: services

Module: nis

+ + + +

Description:

+ +

Policy for NIS (YP) servers and clients

+ + + +

Interfaces:

+ +

+ + +

+
+nis_list_var_yp(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send UDP network traffic to NIS clients. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+nis_udp_sendto_ypbind(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send UDP network traffic to NIS clients. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+nis_use_ypbind(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Use the ypbind service to access NIS services. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/services_remotelogin.html b/www/api-docs/services_remotelogin.html index 3ca1c03..8bd22ed 100644 --- a/www/api-docs/services_remotelogin.html +++ b/www/api-docs/services_remotelogin.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -25,15 +31,30 @@ services

+    - + cron
+ +    - + inetd
+ +    - + kerberos
+    - mta
+    - + nis
+    - remotelogin
   - sendmail
+    - + ssh
+

+ @@ -44,15 +65,23 @@

* Interface Index +

+ * Template Index

Layer: services

Module: remotelogin

+ + +

Description:

Policy for rshd, rlogind, and telnetd.

+ +

Interfaces:

@@ -75,7 +104,7 @@

Description

- Domain transition to the remote login domain. +Domain transition to the remote login domain.

Parameters

@@ -86,7 +115,7 @@ domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -97,6 +126,9 @@ No +Return + + diff --git a/www/api-docs/services_sendmail.html b/www/api-docs/services_sendmail.html index a671847..a8561ad 100644 --- a/www/api-docs/services_sendmail.html +++ b/www/api-docs/services_sendmail.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -25,15 +31,30 @@ services

+    - + cron
+ +    - + inetd
+ +    - + kerberos
+    - mta
+    - + nis
+    - remotelogin
   - sendmail
+    - + ssh
+

+ @@ -44,15 +65,23 @@

* Interface Index +

+ * Template Index

Layer: services

Module: sendmail

+ + +

Description:

Policy for sendmail.

+ +

Interfaces:

@@ -75,7 +104,7 @@

Description

- Domain transition to sendmail. +Domain transition to sendmail.

Parameters

@@ -86,7 +115,7 @@ domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -97,6 +126,9 @@ No +Return + + diff --git a/www/api-docs/services_ssh.html b/www/api-docs/services_ssh.html new file mode 100644 index 0000000..2eadd26 --- /dev/null +++ b/www/api-docs/services_ssh.html @@ -0,0 +1,251 @@ + + + + Security Enhanced Linux Reference Policy + + + + + + + +

+ +

Layer: services

Module: ssh

+ + +Interfaces +Templates + + +

Description:

+ +

Secure shell client and server policy.

+ + + +

Interfaces:

+ +

+ + +

+
+ssh_dontaudit_read_server_keys(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

Read ssh server keys

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + +Return + + + +

Templates:

+ +

+ + +

+
+ssh_per_userdomain_template(
+	
+		
+		
+		
+		userdomain_prefix
+		
+	
+	)

+

+ +

Summary

+The per user domain template for the ssh module. +

+ + +

Description

+This template creates a derived domains which are used +for ssh client sessions and user ssh agents. A derived +type is also created to protect the user ssh keys. +

+This template is invoked automatically for each user, and +generally does not need to be invoked directly +by policy writers. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+userdomain_prefix +	+ +The prefix of the user domain (e.g., user +is the prefix for user_t). + +	+No +

+ +

+ + +

+
+ssh_server_template(
+	
+		
+		
+		
+		userdomain_prefix
+		
+	
+	)

+

+ +

Summary

+The template to define a ssh server. +

+ + +

Description

+This template creates a domains to be used for +creating a ssh server. This is typically done +to have multiple ssh servers of different sensitivities, +such as for an internal network-facing ssh server, and +a external network-facing ssh server. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+userdomain_prefix +	+ +The prefix of the server domain (e.g., sshd +is the prefix for sshd_t). + +	+No +

+ + +Return + + +

+ + diff --git a/www/api-docs/style.css b/www/api-docs/style.css index 9571722..9bac0d9 100644 --- a/www/api-docs/style.css +++ b/www/api-docs/style.css @@ -124,6 +124,30 @@ a:hover {background-color:#eee;} text-decoration:none; font-family:verdana, arial, helvetica, sans-serif; } +#Template { + margin:5px 0px 25px 5px; + padding:5px 0px 5px 5px; + border-style:solid; + border-color:black; + border-width:1px 1px 1px 1px; + background-color:#fafafa; + font-size:14px; + font-weight:400; + text-decoration:none; + font-family:verdana, arial, helvetica, sans-serif; +} +#Templatesmall { + margin:0px 0px 5px 0px; + padding:5px 0px 0px 5px; + border-style:solid; + border-color:black; + border-width:1px 1px 1px 1px; + background-color:#fafafa; + font-size:14px; + font-weight:400; + text-decoration:none; + font-family:verdana, arial, helvetica, sans-serif; +} #Description { margin:0px 0px 0px 5px; padding:0px 0px 0px 5px; diff --git a/www/api-docs/system.html b/www/api-docs/system.html index 64bb8c6..3002695 100644 --- a/www/api-docs/system.html +++ b/www/api-docs/system.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,6 +107,8 @@

* Interface Index +

+ * Template Index

@@ -117,6 +128,9 @@

authlogin

+ + fstools

Tools for filesystem management, such as mkfs and fsck.

getty

- Execute pam programs in the pam domain. +Execute pam programs in the pam domain.

Parameters

@@ -281,7 +301,48 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+auth_domtrans_pam_console(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

Description:

Optional:

@@ -404,7 +466,7 @@ No domain

- +The type of the domain to not audit.

No @@ -424,28 +486,28 @@ No - domain + ? )

- -

Description

Summary

- +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- +Parameter descriptions are missing!

No @@ -475,7 +537,7 @@ No

Description

- +Execute the pam program.

Parameters

@@ -486,7 +548,7 @@ No domain

- +The type of the process performing this action.

No @@ -506,28 +568,28 @@ No - domain + ? )

- -

Description

Summary

- +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- +Parameter descriptions are missing!

No @@ -557,7 +619,7 @@ No

Description

- +Use the login program as an entry point program.

Parameters

@@ -568,7 +630,7 @@ No domain

- +The type of process using the login program as entry point.

No @@ -610,8 +672,8 @@ No

Description

- Manage all files on the filesystem, except - the shadow passwords and listed exceptions. +Manage all files on the filesystem, except +the shadow passwords and listed exceptions.

Parameters

@@ -622,7 +684,7 @@ No domain

- The type of the domain perfoming this action. +The type of the domain perfoming this action.

No @@ -632,8 +694,8 @@ No exception_types

- The types to be excluded. Each type or attribute - must be negated by the caller. +The types to be excluded. Each type or attribute +must be negated by the caller.

yes @@ -648,33 +710,238 @@ yes

 
-auth_read_login_records(
+auth_manage_login_records(
 	
-		domain
+		?
 		
 	)

Summary

+Summary is missing! +

Description

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +

+
+auth_manage_pam_console_data(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+auth_manage_shadow(
 	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing!

Parameters

+ +

Parameter:	Description:	Optional:
-domain +? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+auth_read_login_records(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+auth_read_pam_console_data(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! +	+No +

+ +

+
+auth_read_pam_pid(
+	
+		
+		
+		
+		?
+		
 	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -704,7 +971,7 @@ No

Description

- +Read the shadow passwords file (/etc/shadow)

Parameters

@@ -715,7 +982,7 @@ No domain

- +The type of the process performing this action.

No @@ -757,8 +1024,8 @@ No

Description

- Relabel all files on the filesystem, except - the shadow passwords and listed exceptions. +Relabel all files on the filesystem, except +the shadow passwords and listed exceptions.

Parameters

@@ -769,7 +1036,7 @@ No domain

- The type of the domain perfoming this action. +The type of the domain perfoming this action.

No @@ -779,8 +1046,8 @@ No exception_types

- The types to be excluded. Each type or attribute - must be negated by the caller. +The types to be excluded. Each type or attribute +must be negated by the caller.

yes @@ -795,6 +1062,47 @@ yes

 
+auth_relabelto_shadow(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +

+ auth_run_pam( @@ -826,7 +1134,7 @@ yes

Description

- Execute pam programs in the PAM domain. +Execute pam programs in the PAM domain.

Parameters

@@ -837,7 +1145,7 @@ yes domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -847,7 +1155,7 @@ No role

- The role to allow the PAM domain. +The role to allow the PAM domain.

No @@ -857,7 +1165,7 @@ No terminal

- The type of the terminal allow the PAM domain to use. +The type of the terminal allow the PAM domain to use.

No @@ -903,7 +1211,7 @@ No

Description

- Execute utempter programs in the utempter domain. +Execute utempter programs in the utempter domain.

Parameters

@@ -914,7 +1222,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -924,7 +1232,7 @@ No role

- The role to allow the utempter domain. +The role to allow the utempter domain.

No @@ -934,7 +1242,130 @@ No terminal

- The type of the terminal allow the utempter domain to use. +The type of the terminal allow the utempter domain to use. + +

+No +

+ +

+ + +

+
+auth_rw_faillog(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+auth_rw_lastlog(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+auth_rw_login_records(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -964,7 +1395,7 @@ No

Description

- +Read and write the shadow password file (/etc/shadow).

Parameters

@@ -975,7 +1406,7 @@ No domain

- +The type of the process performing this action.

No @@ -985,7 +1416,14 @@ No -

+ +Return + + + +

Templates:

+ +

@@ -1002,10 +1440,25 @@ No

Summary

+The per user domain template for the authlogin module. +

Description

- +

+This template creates a derived domain which is allowed +to authenticate users by using PAM unix_chkpwd support. +This domain will be used by any programs running in the +user domain which use PAM to authenticate. +

+This template is invoked automatically for each user, and +generally does not need to be invoked directly +by policy writers. +

Parameters

@@ -1016,7 +1469,8 @@ No userdomain_prefix

- +The prefix of the user domain (e.g., user +is the prefix for user_t).

No @@ -1027,6 +1481,8 @@ No +Return + diff --git a/www/api-docs/system_clock.html b/www/api-docs/system_clock.html index d7b6154..3301e7c 100644 --- a/www/api-docs/system_clock.html +++ b/www/api-docs/system_clock.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,23 @@

* Interface Index +

+ * Template Index

Layer: system

Module: clock

+ + +

Description:

Policy for reading and setting the hardware clock.

No @@ -249,7 +266,7 @@ No role

- The role to be allowed the clock domain. +The role to be allowed the clock domain.

No @@ -259,7 +276,7 @@ No terminal

- The type of the terminal allow the clock domain to use. +The type of the terminal allow the clock domain to use.

No @@ -311,6 +328,9 @@ No +Return + + diff --git a/www/api-docs/system_corecommands.html b/www/api-docs/system_corecommands.html index 2f90aa6..7d065e9 100644 --- a/www/api-docs/system_corecommands.html +++ b/www/api-docs/system_corecommands.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,11 +107,17 @@

* Interface Index +

+ * Template Index

Layer: system

Module: corecommands

+ + +

Description:

@@ -110,6 +125,8 @@ Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin.

+ +

Interfaces:

@@ -117,6 +134,47 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.

 
+corecmd_chroot_exec_chroot(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+ corecmd_domtrans_shell( @@ -140,7 +198,7 @@ in /bin, /sbin, /usr/bin, and /usr/sbin.

Description

- Execute a shell in the target domain. +Execute a shell in the target domain.

Parameters

@@ -151,7 +209,7 @@ in /bin, /sbin, /usr/bin, and /usr/sbin. domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -161,7 +219,7 @@ No target_domain

- The type of the shell process. +The type of the shell process.

No @@ -176,34 +234,229 @@ No

 
-corecmd_shell_spec_domtrans(
+corecmd_dontaudit_getattr_sbin_file(
 	
-		domain
+		?
 		
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +

+
+corecmd_exec_bin(
+	
 		
-			,
 		
 		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_exec_ls(
+	
+		
 		
-		target_domain
+		
+		?
 		
 	
 	)

 

Summary

+Summary is missing! +

Description

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_exec_sbin(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_exec_shell(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_getattr_bin_file(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

- Execute a shell in the target domain. This - is an explicit transition, requiring the - caller to use setexeccon(). +Get the attributes of files in bin directories.

Parameters

@@ -212,17 +465,48 @@ No domain +

Parameter:	Description:	Optional:
- The type of the process performing this action. +The type of the process performing this action.	No

+ +

+ + +

+
+corecmd_getattr_sbin_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + +

Parameter:

Description:

Optional:

-target_domain +?

- The type of the shell process. +Parameter descriptions are missing!

No @@ -232,6 +516,357 @@ No +

+ + +

+
+corecmd_list_bin(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_list_sbin(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_read_bin_symlink(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read symbolic links in bin directories. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corecmd_read_sbin_symlink(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read symbolic links in sbin directories. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+corecmd_search_bin(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_search_sbin(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+corecmd_shell_entry_type(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Make the shell an entrypoint for the specified domain. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The domain for which the shell is an entrypoint. + +	+No +

+ +

+ + +

+
+corecmd_shell_spec_domtrans(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		target_domain
+		
+	
+	)

+

+ + +

Description

+Execute a shell in the target domain. This +is an explicit transition, requiring the +caller to use setexeccon(). +

+ +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +
+target_domain +	+ +The type of the shell process. + +	+No +

+ + +Return + diff --git a/www/api-docs/system_domain.html b/www/api-docs/system_domain.html index b30ed44..f02e5b7 100644 --- a/www/api-docs/system_domain.html +++ b/www/api-docs/system_domain.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,26 @@

* Interface Index +

+ * Template Index

Layer: system

Module: domain

+ + +Interfaces +Templates + +

Description:

Core policy for domains.

+ +

Interfaces:

@@ -114,6 +134,47 @@

 
+domain_base_domain_type(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

@@ -309,7 +370,171 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+domain_dontaudit_use_wide_inherit_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+domain_dyntrans_type(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+domain_entry_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+domain_exec_all_entry_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

@@ -474,7 +699,48 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+domain_read_all_entry_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -504,8 +770,8 @@ No

Description

- Makes caller an exception to the constraint preventing - changing of role. +Makes caller an exception to the constraint preventing +changing of role.

Parameters

@@ -516,7 +782,48 @@ No domain

- The process type to make an exception to the constraint. +The process type to make an exception to the constraint. + +

+No +

+ +

+ + +

+
+domain_setpriority_all_domains(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -546,7 +853,7 @@ No

Description

- Send a child terminated signal to all domains. +Send a child terminated signal to all domains.

Parameters

@@ -557,7 +864,49 @@ No domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+domain_sigchld_wide_inherit_fd(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send a SIGCHLD signal to domains whose file +discriptors are widely inheritable. +

+ + +

Parameters

+ + + + + +

Parameter:

Description:

Optional:

@@ -722,7 +1071,48 @@ No domain

- The process type to make an exception to the constraint. +The process type to make an exception to the constraint. + +

+No +

+ +

+ + +

+
+domain_type(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -732,6 +1122,179 @@ No +

+ + +

+
+domain_use_wide_inherit_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+domain_wide_inherit_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +Return + + + +

Templates:

+ +

+ + +

+
+domain_auto_trans(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+domain_trans(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +Return diff --git a/www/api-docs/system_files.html b/www/api-docs/system_files.html index bbe0fea..cdfd1f7 100644 --- a/www/api-docs/system_files.html +++ b/www/api-docs/system_files.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,22 +107,30 @@

* Interface Index +

+ * Template Index

Layer: system

Module: files

+ + +

Description:

- This module contains basic filesystem types and interfaces. This +This module contains basic filesystem types and interfaces. This includes:

The concept of different file types including basic - files, mount points, tmp files, etc.
Access to groups of files and all files.
Types and interfaces for the basic filesystem layout - (/, /etc, /tmp, /usr, etc.).

+files, mount points, tmp files, etc.

Access to groups of files and all files.

Types and interfaces for the basic filesystem layout +(/, /etc, /tmp, /usr, etc.).

+ +

Interfaces:

@@ -121,6 +138,170 @@ includes:

 
+files_create_boot_flag(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_create_etc_config(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_create_lock(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_create_pid(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+ files_create_root( @@ -160,9 +341,9 @@ includes:

Description

- Create an object in the root directory, with a private - type. If no object class is specified, the - default is file. +Create an object in the root directory, with a private +type. If no object class is specified, the +default is file.

Parameters

@@ -173,7 +354,7 @@ includes: domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -183,9 +364,9 @@ No private type

- The type of the object to be created. If no type - is specified, the type of the root directory will - be used. +The type of the object to be created. If no type +is specified, the type of the root directory will +be used.

yes @@ -195,8 +376,8 @@ yes object

- The object class of the object being created. If - no class is specified, file will be used. +The object class of the object being created. If +no class is specified, file will be used.

yes @@ -211,33 +392,33 @@ yes

 
-files_delete_generic_etc_files(
+files_create_tmp_files(
 	
-		domain
+		?
 		
 	)

- -

Description

Summary

- Delete system configuration files in /etc. +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- The type of the process performing this action. +Parameter descriptions are missing!

No @@ -252,33 +433,33 @@ No

 
-files_dontaudit_ioctl_all_pids(
+files_delete_all_locks(
 	
-		domain
+		?
 		
 	)

- -

Description

Summary

- Do not audit attempts to ioctl daemon runtime data files. +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- The type of the process performing this action. +Parameter descriptions are missing!

No @@ -293,33 +474,33 @@ No

 
-files_dontaudit_write_all_pids(
+files_delete_all_pids(
 	
-		domain
+		?
 		
 	)

- -

Description

Summary

- Do not audit attempts to write to daemon runtime data files. +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- The type of the process performing this action. +Parameter descriptions are missing!

No @@ -334,33 +515,33 @@ No

 
-files_exec_usr_files(
+files_delete_all_tmp_files(
 	
-		domain
+		?
 		
 	)

- -

Description

Summary

- Execute programs in /usr/src in the caller domain. +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- The type of the process performing this action. +Parameter descriptions are missing!

No @@ -375,7 +556,7 @@ No

-files_list_home( +files_delete_etc_files( @@ -390,7 +571,7 @@ No

Description

- Get listing home home directories. +Delete system configuration files in /etc.

Parameters

@@ -401,7 +582,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -416,62 +597,38 @@ No

 
-files_manage_all_files(
-	
-		
-		
-		
-		domain
-		
+files_delete_root_dir_entry(
 	
 		
-			,
-		
-		
 		
-			[
-		
-		exception_types
 		
-			]
+		?
 		
 	
 	)

 

- -

Description

Summary

- Manage all files on the filesystem, except - the listed exceptions. +Summary is missing!

Parameters

- -

Parameter:	Description:	Optional:
-domain +?	- The type of the domain perfoming this action. +Parameter descriptions are missing!	No
-exception_types -	- - The types to be excluded. Each type or attribute - must be negated by the caller. - -	-yes -

@@ -481,7 +638,7 @@ yes

 
-files_relabel_all_files(
+files_dontaudit_ioctl_all_pids(
 	
 		
 		
@@ -489,18 +646,6 @@ yes
 		domain
 		
 	
-		
-			,
-		
-		
-		
-			[
-		
-		exception_types
-		
-			]
-		
-	
 	)

 

@@ -508,8 +653,7 @@ yes

Description

- Relabel all files on the filesystem, except - the listed exceptions. +Do not audit attempts to ioctl daemon runtime data files.

Parameters

@@ -520,21 +664,51 @@ yes domain

- The type of the domain perfoming this action. +The type of the process performing this action.

+ + +

+
+files_dontaudit_read_root_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + +

Parameter:	Description:	Optional:
-exception_types +?	- The types to be excluded. Each type or attribute - must be negated by the caller. +Parameter descriptions are missing!	-yes +No

@@ -546,34 +720,33 @@ yes

 
-files_tmpfs_file(
+files_dontaudit_rw_root_chr_dev(
 	
-		type
+		?
 		
 	)

- -

Description

Summary

- Transform the type into a file, for use on a - virtual memory filesystem (tmpfs). +Summary is missing!

Parameters

+ +

Parameter:

Description:

Optional:

-type +?

- The type to be transformed. +Parameter descriptions are missing!

No @@ -583,6 +756,2691 @@ No +

+ + +

+
+files_dontaudit_rw_root_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_dontaudit_search_all_dirs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_dontaudit_search_isid_type_dir(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Do not audit attempts to search directories on new filesystems +that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_dontaudit_search_pids(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_dontaudit_search_var(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_dontaudit_write_all_pids(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Do not audit attempts to write to daemon runtime data files. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_exec_etc_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_exec_usr_files(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Execute programs in /usr/src in the caller domain. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_getattr_all_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_getattr_generic_locks(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_list_all_dirs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_list_etc(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_list_home(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Get listing of home directories. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_list_mnt(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_list_pids(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_list_root(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_list_spool(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_lock_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_manage_all_files(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+			[
+		
+		exception_types
+		
+			]
+		
+	
+	)

+

+ + +

Description

+Manage all files on the filesystem, except +the listed exceptions. +

+ +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain perfoming this action. + +	+No +
+exception_types +	+ +The types to be excluded. Each type or attribute +must be negated by the caller. + +	+yes +

+ +

+ + +

+
+files_manage_etc_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_manage_etc_runtime_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_manage_generic_locks(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_manage_generic_spool_dirs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_manage_generic_spools(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_manage_isid_type_blk_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete block device nodes +on new filesystems that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_manage_isid_type_chr_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete character device nodes +on new filesystems that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_manage_isid_type_dir(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete directories +on new filesystems that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_manage_isid_type_file(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete files +on new filesystems that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_manage_isid_type_symlink(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete symbolic links +on new filesystems that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_manage_lost_found(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Create, read, write, and delete objects in +lost+found directories. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_manage_urandom_seed(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_mount_all_file_type_fs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_mounton_all_mountpoints(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_mountpoint(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_pid_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_all_pids(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_etc_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_etc_runtime_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_generic_spools(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_usr_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_usr_src_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_read_var_files(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read files in the /var directory. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_relabel_all_files(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+			[
+		
+		exception_types
+		
+			]
+		
+	
+	)

+

+ + +

Description

+Relabel all files on the filesystem, except +the listed exceptions. +

+ +

Parameters

+ + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the domain perfoming this action. + +	+No +
+exception_types +	+ +The types to be excluded. Each type or attribute +must be negated by the caller. + +	+yes +

+ +

+ + +

+
+files_relabelto_all_file_type_fs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_rw_etc_files(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_rw_generic_pids(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_rw_isid_type_blk_node(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write block device nodes on new filesystems +that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_rw_isid_type_dir(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write directories on new filesystems +that have not yet been labeled. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_search_all_dirs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_etc(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_generic_locks(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_home(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Search home directories. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_search_mnt(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_pids(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_spool(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_tmp(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Search the tmp directory (/tmp) +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_search_usr(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_var(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_search_var_lib(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Search the /var/lib directory. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+files_tmp_file(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_tmpfs_file(
+	
+		
+		
+		
+		type
+		
+	
+	)

+

+ + +

Description

+Transform the type into a file, for use on a +virtual memory filesystem (tmpfs). +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+type +	+ +The type to be transformed. + +	+No +

+ +

+ + +

+
+files_type(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_unmount_all_file_type_fs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+files_unmount_rootfs(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +Return + diff --git a/www/api-docs/system_fstools.html b/www/api-docs/system_fstools.html new file mode 100644 index 0000000..6475699 --- /dev/null +++ b/www/api-docs/system_fstools.html @@ -0,0 +1,296 @@ + + + + Security Enhanced Linux Reference Policy + + + + + +

+ + + + admin
+

+ +

+ + + + apps
+

+ +

+ + + + kernel
+

+ +

+ + + + services
+

+ +

+ + + + system
+

+ +    - + authlogin
+ +    - + clock
+ +    - + corecommands
+ +    - + domain
+ +    - + files
+ +    - + fstools
+ +    - + getty
+ +    - + hostname
+ +    - + hotplug
+ +    - + init
+ +    - + iptables
+ +    - + libraries
+ +    - + locallogin
+ +    - + logging
+ +    - + lvm
+ +    - + miscfiles
+ +    - + modutils
+ +    - + mount
+ +    - + selinuxutil
+ +    - + sysnetwork
+ +    - + udev
+ +    - + userdomain
+ +

+ +

+ * Interface Index +

+ * Template Index +

+ +

Layer: system

Module: fstools

+ + + +

Description:

+ +

Tools for filesystem management, such as mkfs and fsck.

+ + + +

Interfaces:

+ +

+ + +

+
+fstools_domtrans(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+Execute fs tools in the fstools domain. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+fstools_exec(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ + +

Description

+ Execute fsadm in the caller domain. +

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ + The type of the process performing this action. + +	+No +

+ +

+ + +

+
+fstools_run(
+	
+		
+		
+		
+		domain
+		
+	
+		
+			,
+		
+		
+		
+		role
+		
+	
+		
+			,
+		
+		
+		
+		terminal
+		
+	
+	)

+

+ + +

Description

+Execute fs tools in the fstools domain, and +allow the specified role the fs tools domain. +

+ +

Parameters

+ + + + + + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +
+role +	+ +The role to be allowed the fs tools domain. + +	+No +
+terminal +	+ +The type of the terminal allow the fs tools domain to use. + +	+No +

+ + +Return + + + +

+ + diff --git a/www/api-docs/system_getty.html b/www/api-docs/system_getty.html index ab6ddf5..eb97234 100644 --- a/www/api-docs/system_getty.html +++ b/www/api-docs/system_getty.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,23 @@

* Interface Index +

+ * Template Index

Layer: system

Module: getty

+ + +

Description:

Policy for getty.

+ +

Interfaces:

@@ -274,6 +291,9 @@ No

+Return + +

diff --git a/www/api-docs/system_hostname.html b/www/api-docs/system_hostname.html index 75d7a53..a45d686 100644 --- a/www/api-docs/system_hostname.html +++ b/www/api-docs/system_hostname.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,23 @@

* Interface Index +

+ * Template Index

Layer: system

Module: hostname

+ + +

Description:

Policy for changing the system host name.

+ +

Interfaces:

@@ -129,7 +146,7 @@

Description

- Execute hostname in the hostname domain. +Execute hostname in the hostname domain.

Parameters

@@ -140,8 +157,8 @@ domain

- The type of the process performing this action. - Has a sigchld signal backchannel. +The type of the process performing this action. +Has a sigchld signal backchannel.

No @@ -229,9 +246,9 @@ No

Description

- Execute hostname in the hostname domain, and - allow the specified role the hostname domain. - Has a sigchld signal backchannel. +Execute hostname in the hostname domain, and +allow the specified role the hostname domain. +Has a sigchld signal backchannel.

Parameters

@@ -242,7 +259,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -252,7 +269,7 @@ No role

- The role to be allowed the hostname domain. +The role to be allowed the hostname domain.

No @@ -262,7 +279,7 @@ No terminal

- The type of the terminal allow the hostname domain to use. +The type of the terminal allow the hostname domain to use.

No @@ -273,6 +290,9 @@ No +Return + + diff --git a/www/api-docs/system_hotplug.html b/www/api-docs/system_hotplug.html index 2c50044..c517d4b 100644 --- a/www/api-docs/system_hotplug.html +++ b/www/api-docs/system_hotplug.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,11 +107,17 @@

* Interface Index +

+ * Template Index

Layer: system

Module: hotplug

+ + +

Description:

@@ -110,6 +125,8 @@ Policy for hotplug system, for supporting the connection and disconnection of devices at runtime.

+ +

Interfaces:

@@ -117,6 +134,170 @@ connection and disconnection of devices at runtime.

 
+hotplug_domtrans(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+hotplug_dontaudit_search_config(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+hotplug_dontaudit_use_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+hotplug_exec(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+ hotplug_read_config( @@ -132,7 +313,7 @@ connection and disconnection of devices at runtime.

Description

- Read the configuration files for hotplug. +Read the configuration files for hotplug.

Parameters

@@ -143,7 +324,48 @@ connection and disconnection of devices at runtime. domain

- The type of the process performing this action. +The type of the process performing this action. + +

+No +

+ +

+ + +

+
+hotplug_use_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

Description:

Optional:

+? +

+ +Parameter descriptions are missing!

No @@ -154,6 +376,9 @@ No +Return + + diff --git a/www/api-docs/system_init.html b/www/api-docs/system_init.html index 843f34c..6c086fc 100644 --- a/www/api-docs/system_init.html +++ b/www/api-docs/system_init.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,23 @@

* Interface Index +

+ * Template Index

Layer: system

Module: init

+ + +

Description:

System initialization programs (init and init scripts).

+ +

Interfaces:

@@ -114,33 +131,74 @@

 
-init_read_script_process_state(
+init_daemon_domain(
 	
-		domain
+		?
 		
 	)

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_domain(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

Description

Summary

- Read the process state (/proc/pid) of the init scripts. +Summary is missing!

Parameters

Parameter:

Description:

Optional:

-domain +?

- The type of the process performing this action. +Parameter descriptions are missing!

No @@ -155,33 +213,238 @@ No

 
-init_rw_script_tmp_files(
+init_domtrans(
 	
-		domain
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +

+
+init_domtrans_script(
+	
+		
+		
+		
+		?
 		
 	
 	)

 

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! - Description +	+No +

+ +

+ + +

+
+init_dontaudit_getattr_initctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

- Read and write init script temporary data. +Summary is missing!

Parameters

+ +

Parameter:	Description:	Optional:
-domain +? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_dontaudit_rw_script_pid(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_dontaudit_use_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_dontaudit_use_initctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + +

Parameter:

Description:

Optional:

- The type of the process performing this action. +Parameter descriptions are missing!

No @@ -191,6 +454,829 @@ No +

+ + +

+
+init_dontaudit_use_script_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_dontaudit_use_script_pty(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_dontaudit_write_script_pid(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_exec_script(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_get_process_group(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_get_script_process_group(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_getattr_initctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_read_script_pid(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_read_script_process_state(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read the process state (/proc/pid) of the init scripts. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+init_rw_script_pid(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_rw_script_pipe(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write init script unnamed pipes. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+init_rw_script_tmp_files(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Read and write init script temporary data. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+init_sigchld(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_system_domain(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_udp_sendto_script(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

+Send UDP network traffic to init scripts. +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ +

+ + +

+
+init_use_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_use_initctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_use_script_fd(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_use_script_pty(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ +

+ + +

+
+init_write_initctl(
+	
+		
+		
+		
+		?
+		
+	
+	)

+

+ +

Summary

+Summary is missing! +

+ + +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+? +	+ +Parameter descriptions are missing! + +	+No +

+ + +Return + diff --git a/www/api-docs/system_iptables.html b/www/api-docs/system_iptables.html index 43ffa91..d0cff12 100644 --- a/www/api-docs/system_iptables.html +++ b/www/api-docs/system_iptables.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,23 @@

* Interface Index +

+ * Template Index

Layer: system

Module: iptables

+ + +

Description:

Policy for iptables.

@@ -239,7 +256,7 @@ No domain

- The type of the process performing this action. +The type of the process performing this action.

No @@ -249,7 +266,7 @@ No role

- The role to be allowed the iptables domain. +The role to be allowed the iptables domain.

No @@ -259,7 +276,7 @@ No terminal

- The type of the terminal allow the iptables domain to use. +The type of the terminal allow the iptables domain to use.

No @@ -270,6 +287,9 @@ No +Return + + diff --git a/www/api-docs/system_libraries.html b/www/api-docs/system_libraries.html index 5a1cf56..73686d5 100644 --- a/www/api-docs/system_libraries.html +++ b/www/api-docs/system_libraries.html @@ -15,6 +15,12 @@ + + + apps
+

+ +

+ + kernel

@@ -46,6 +52,9 @@    - files
+    - + fstools
+    - getty
@@ -98,15 +107,23 @@

* Interface Index +

+ * Template Index

Layer: system

Module: libraries

+ + +

Description:

Description:

Optional:

- The type of the process performing this action. +The type of the process performing this action.

No @@ -420,7 +432,7 @@ No role

- The role to allow the ldconfig domain. +The role to allow the ldconfig domain.

No @@ -430,7 +442,7 @@ No terminal

- The type of the terminal allow the ldconfig domain to use. +The type of the terminal allow the ldconfig domain to use.

No @@ -457,13 +469,54 @@ No

Summary

+Modify the dynamic link/loader's cached listing +of shared libraries. +

Description

+ +

Parameters

+ + + + + +

Parameter:	Description:	Optional:
+domain +	+ +The type of the process performing this action. + +	+No +

+ + +

+
+libs_search_lib(
+	
+		
+		
+		
+		domain
+		
+	
+	)

+

+ +

Summary

- Modify the dynamic link/loader's cached listing - of shared libraries. +Search lib directories.

Parameters

@@ -472,7 +525,7 @@ No domain