Layer: services

Module: samba

Interfaces Templates

Description:

SMB and CIFS client/server programs for UNIX and name Service Switch daemon for resolving names from Windows NT servers.

Interfaces:

samba_append_log( domain )
Summary

Allow the specified domain to append to samba's log files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_domtrans_net( domain )
Summary

Execute samba net in the samba_net domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_domtrans_nmb( domain )
Summary

Execute smbd net in the nmb domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_domtrans_smb( domain )
Summary

Execute smbd net in the smb domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_domtrans_smbcontrol( domain )
Summary

Execute a domain transition to run smbcontrol.

Parameters
Parameter:Description:Optional:
domain

Domain allowed to transition.

No
samba_domtrans_smbmount( domain )
Summary

Execute smbmount in the smbmount domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_domtrans_winbind_helper( domain )
Summary

Execute winbind_helper in the winbind_helper domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_dontaudit_use_fds( domain )
Summary

Do not audit attempts to use file descriptors from samba.

Parameters
Parameter:Description:Optional:
domain

Domain to not audit.

No
samba_exec_log( domain )
Summary

Execute samba log in the caller domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_initrc_domtrans( domain )
Summary

Execute samba server in the samba domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
samba_manage_var_files( domain )
Summary

Allow the specified domain to create, read and write samba /var files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_read_config( domain )
Summary

Allow the specified domain to read samba configuration files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_read_log( domain )
Summary

Allow the specified domain to read samba's log files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_read_secrets( domain )
Summary

Allow the specified domain to read samba's secrets.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_read_share_files( domain )
Summary

Allow the specified domain to read samba's shares

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_read_var_files( domain )
Summary

Allow the specified domain to read samba /var files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_read_winbind_pid( domain )
Summary

Allow the specified domain to read the winbind pid files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_run_net( domain , role , terminal )
Summary

Execute samba net in the samba_net domain, and allow the specified role the samba_net domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
role

The role to be allowed the samba_net domain.

No
terminal

The type of the terminal allow the samba_net domain to use.

No
samba_run_smbcontrol( domain , role , terminal )
Summary

Execute smbcontrol in the smbcontrol domain, and allow the specified role the smbcontrol domain.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access

No
role

The role to be allowed the smbcontrol domain.

No
terminal

The type of the role's terminal.

No
samba_run_winbind_helper( domain , role , terminal )
Summary

Execute winbind_helper in the winbind_helper domain, and allow the specified role the winbind_helper domain.

Parameters
Parameter:Description:Optional:
domain

The type of the process performing this action.

No
role

The role to be allowed the winbind_helper domain.

No
terminal

The type of the terminal allow the winbind_helper domain to use.

No
samba_rw_config( domain )
Summary

Allow the specified domain to read and write samba configuration files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_rw_smbmount_tcp_sockets( domain )
Summary

Allow the specified domain to read and write to smbmount tcp sockets.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_rw_var_files( domain )
Summary

Allow the specified domain to read and write samba /var files.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_search_var( domain )
Summary

Allow the specified domain to search samba /var directories.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_signal_nmbd( domain )
Summary

Allow domain to signal samba

Parameters
Parameter:Description:Optional:
domain

Domain to not audit.

No
samba_signal_smbd( domain )
Summary

Allow domain to signal samba

Parameters
Parameter:Description:Optional:
domain

Domain to not audit.

No
samba_stream_connect_winbind( domain )
Summary

Connect to winbind.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
samba_write_smbmount_tcp_sockets( domain )
Summary

Allow the specified domain to write to smbmount tcp sockets.

Parameters
Parameter:Description:Optional:
domain

Domain allowed access.

No
Return

Templates:

samba_per_role_template( userdomain_prefix )
Summary

The per role template for the samba module.

Description

This template allows smbd to manage files in a user home directory, creating files with the correct type.

This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.

Parameters
Parameter:Description:Optional:
userdomain_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

No
Return