Master template index:
Module:
apache
Layer:
services
apache_content_template(
prefix
)
Create a set of derived types for apache
web content.
Module:
apache
Layer:
services
apache_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the apache module.
Module:
apache
Layer:
services
apache_read_user_content(
domain_prefix
,
domain
)
Module:
apache
Layer:
services
apache_read_user_scripts(
domain_prefix
,
domain
)
Read httpd user scripts executables.
Module:
authlogin
Layer:
system
auth_domtrans_user_chk_passwd(
userdomain_prefix
,
domain
)
Run unix_chkpwd to check a password
for a user domain.
Module:
authlogin
Layer:
system
authlogin_common_auth_domain_template(
userdomain_prefix
)
Common template to create a domain for authentication.
Module:
authlogin
Layer:
system
authlogin_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the authlogin module.
Module:
cdrecord
Layer:
apps
cdrecord_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the cdrecord module.
Module:
clockspeed
Layer:
services
clockspeed_run_cli(
domain
,
role
,
terminal
)
Allow the specified role the clockspeed_cli domain.
Module:
courier
Layer:
services
courier_domain_template(
prefix
)
Template for creating courier server processes.
Module:
cron
Layer:
services
cron_admin_template(
userdomain_prefix
)
The administrative functions template for the cron module.
Module:
cron
Layer:
services
cron_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the cron module.
Module:
dbus
Layer:
services
dbus_connectto_user_bus(
domain_prefix
,
domain
)
connectto a message on user/application specific DBUS.
Module:
dbus
Layer:
services
dbus_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the dbus module.
Module:
dbus
Layer:
services
dbus_send_user_bus(
domain_prefix
,
domain
)
Send a message on user/application specific DBUS.
Module:
dbus
Layer:
services
dbus_system_bus_client_template(
domain_prefix
,
domain
)
Template for creating connections to
the system DBUS.
Module:
dbus
Layer:
services
dbus_user_bus_client_template(
user_prefix
,
domain_prefix
,
domain
)
Template for creating connections to
a user DBUS.
Module:
djbdns
Layer:
services
djbdns_daemontools_domain_template(
prefix
)
Create a set of derived types for djbdns
components that are directly supervised by daemontools.
Module:
ethereal
Layer:
apps
ethereal_admin_template(
userdomain_prefix
,
user_domain
)
The administrative functions template for the ethereal module.
Module:
ethereal
Layer:
apps
ethereal_domtrans_tethereal(
domain
)
Run tethereal in the tethereal domain.
Module:
ethereal
Layer:
apps
ethereal_domtrans_user_ethereal(
userdomain_prefix
,
domain
)
Run ethereal in ethereal domain.
Module:
ethereal
Layer:
apps
ethereal_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the ethereal module.
Module:
evolution
Layer:
apps
evolution_home_filetrans(
prefix
,
domain
,
object
)
Create objects in users evolution home folders.
Module:
evolution
Layer:
apps
evolution_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the evolution module.
Module:
evolution
Layer:
apps
evolution_stream_connect(
userdomain_prefix
,
domain
)
Connect to user evolution unix stream socket.
Module:
ftp
Layer:
services
ftp_per_role_template(
userdomain_prefix
)
The per role template for the ftp module.
Module:
games
Layer:
apps
games_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the games module.
Module:
gift
Layer:
apps
gift_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the gift module.
Module:
gnome
Layer:
apps
gnome_domtrans_user_gconf(
userdomain_prefix
,
domain
)
Run gconfd in the role-specific gconfd domain.
Module:
gnome
Layer:
apps
gnome_gconf_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the gnome gconf module.
Module:
gnome
Layer:
apps
gnome_manage_user_gnome_config(
userdomain_prefix
,
user_domain
)
manage gnome homedir content (.config)
Module:
gnome
Layer:
apps
gnome_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the gnome module.
Module:
gnome
Layer:
apps
gnome_read_user_gnome_config(
userdomain_prefix
,
user_domain
)
read gnome homedir content (.config)
Module:
gnome
Layer:
apps
gnome_stream_connect_gconf_template(
userdomain_prefix
,
user_domain
)
gconf connection template.
Module:
gpg
Layer:
apps
gpg_domtrans_user_gpg(
userdomain_prefix
,
domain
)
Transition to a user gpg domain.
Module:
gpg
Layer:
apps
gpg_per_role_template(
userdomain_prefix
,
userdomain
,
role
)
The per role template for the gpg module.
Module:
gpg
Layer:
apps
gpg_signal_user_gpg(
userdomain_prefix
,
domain
)
Send generic signals to user gpg processes.
Module:
irc
Layer:
apps
irc_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the irc module.
Module:
java
Layer:
apps
java_domtrans_user_javaplugin(
userdomain_prefix
,
domain
)
Run java in javaplugin domain.
Module:
java
Layer:
apps
java_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the java module.
Module:
kerberos
Layer:
services
kerberos_keytab_template(
prefix
,
domain
)
Create a derived type for kerberos keytab
Module:
lockdev
Layer:
apps
lockdev_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the lockdev module.
Module:
lpd
Layer:
services
lpd_domtrans_user_lpr(
userdomain_prefix
,
domain
)
Transition to a user lpr domain.
Module:
lpd
Layer:
services
lpd_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the lpd module.
Module:
lpd
Layer:
services
lpr_admin_template(
userdomain_prefix
)
The administrative functions template for the lpd module.
Module:
mailman
Layer:
services
mailman_domain_template(
userdomain_prefix
)
The template to define a mailmain domain.
Module:
milter
Layer:
services
milter_template(
milter_name
)
Create a set of derived types for various
mail filter applications using the milter interface.
Module:
mozilla
Layer:
apps
mozilla_domtrans_user_mozilla(
userdomain_prefix
,
domain
)
Run mozilla in user mozilla domain.
Module:
mozilla
Layer:
apps
mozilla_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the mozilla module.
Module:
mozilla
Layer:
apps
mozilla_read_user_home_files(
userdomain_prefix
,
domain
)
Read mozilla per user homedir
Module:
mozilla
Layer:
apps
mozilla_rw_user_tcp_sockets(
userdomain_prefix
,
domain
)
read/write mozilla per user tcp_socket
Module:
mozilla
Layer:
apps
mozilla_write_user_home_files(
userdomain_prefix
,
domain
)
write mozilla per user homedir
Module:
mplayer
Layer:
apps
mplayer_domtrans_user_mplayer(
userdomain_prefix
,
domain
)
Run mplayer in mplayer domain.
Module:
mplayer
Layer:
apps
mplayer_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the mplayer module.
Module:
mplayer
Layer:
apps
mplayer_read_user_home_files(
userdomain_prefix
,
domain
)
Read mplayer per user homedir
Module:
mta
Layer:
services
mta_admin_template(
userdomain_prefix
,
user_domain
)
Provide extra permissions for admin users
mail domain.
Module:
mta
Layer:
services
mta_base_mail_template(
domain_prefix
)
Basic mail transfer agent domain template.
Module:
mta
Layer:
services
mta_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the mta module.
Module:
pki
Layer:
services
pki_ca_template(
prefix
)
Create a set of derived types for apache
web content.
Module:
pki
Layer:
services
pki_ra_template(
prefix
)
Create a set of derived types for apache
web content.
Module:
postfix
Layer:
services
postfix_domain_template(
prefix
)
Creates types and rules for a basic
postfix process domain.
Module:
postfix
Layer:
services
postfix_per_role_template(
prefix
,
user_domain
)
The per role template for the postfix module.
Module:
postfix
Layer:
services
postfix_server_domain_template(
prefix
)
Creates a postfix server process domain.
Module:
postfix
Layer:
services
postfix_user_domain_template(
prefix
)
Creates a process domain for programs
that are ran by users.
Module:
pyzor
Layer:
services
pyzor_per_role_template(
userdomain_prefix
)
The per role template for the pyzor module.
Module:
qemu
Layer:
apps
qemu_domain_template(
prefix
)
Creates types and rules for a basic
qemu process domain.
Module:
qemu
Layer:
apps
qemu_role(
userdomain_prefix
,
user_role
,
user_domain
)
The per role template for the qemu module.
Module:
qmail
Layer:
services
qmail_child_domain_template(
child_prefix
,
parent_domain
)
Template for qmail parent/sub-domain pairs
Module:
qmail
Layer:
services
qmail_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for qmail
Module:
razor
Layer:
services
razor_common_domain_template(
prefix
)
Template to create types and rules common to
all razor domains.
Module:
razor
Layer:
services
razor_manage_user_home_files(
userdomain_prefix
,
domain
)
Create, read, write, and delete razor files
in a user home subdirectory.
Module:
razor
Layer:
services
razor_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the razor module.
Module:
rhcs
Layer:
services
rhcs_domain_template(
prefix
)
Creates types and rules for a basic
cluster init daemon domain.
Module:
rpc
Layer:
services
rpc_domain_template(
userdomain_prefix
)
The template to define a rpc domain.
Module:
rssh
Layer:
apps
rssh_per_role_template(
userdomain_prefix
)
The per role template for the rssh module.
Module:
samba
Layer:
services
samba_per_role_template(
userdomain_prefix
)
The per role template for the samba module.
Module:
screen
Layer:
apps
screen_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the screen module.
Module:
spamassassin
Layer:
services
spamassassin_domtrans_user_client(
prefix
,
domain
)
Execute spamassassin client in the user spamassassin client domain.
Module:
spamassassin
Layer:
services
spamassassin_domtrans_user_local_client(
prefix
,
domain
)
Execute spamassassin in the user spamassassin domain.
Module:
spamassassin
Layer:
services
spamassassin_manage_user_home_files(
userdomain_prefix
,
domain
)
Read spamassassin per user homedir
Module:
spamassassin
Layer:
services
spamassassin_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the spamassassin module.
Module:
spamassassin
Layer:
services
spamassassin_read_user_home_files(
userdomain_prefix
,
domain
)
Read spamassassin per user homedir
Module:
ssh
Layer:
services
ssh_basic_client_template(
userdomain_prefix
,
user_domain
,
user_role
)
Basic SSH client template.
Module:
ssh
Layer:
services
ssh_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the ssh module.
Module:
ssh
Layer:
services
ssh_server_template(
userdomain_prefix
)
The template to define a ssh server.
Module:
su
Layer:
admin
su_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the su module.
Module:
su
Layer:
admin
su_restricted_domain_template(
userdomain_prefix
,
user_domain
,
user_role
)
Restricted su domain template.
Module:
sudo
Layer:
admin
sudo_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the sudo module.
Module:
thunderbird
Layer:
apps
thunderbird_domtrans_user_thunderbird(
userdomain_prefix
,
domain
)
Run thunderbird in user thunderbird domain.
Module:
thunderbird
Layer:
apps
thunderbird_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the thunderbird module.
Module:
tvtime
Layer:
apps
tvtime_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the tvtime module.
Module:
uml
Layer:
apps
uml_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the uml module.
Module:
userdomain
Layer:
system
userdom_admin_user_template(
userdomain_prefix
)
The template for creating an administrative user.
Module:
userdomain
Layer:
system
userdom_base_user_template(
userdomain_prefix
)
The template containing the most basic rules common to all users.
Module:
userdomain
Layer:
system
userdom_basic_networking_template(
userdomain_prefix
)
The template allowing the user basic
network permissions
Module:
userdomain
Layer:
system
userdom_change_password_template(
userdomain_prefix
)
The template for allowing the user to change passwords.
Module:
userdomain
Layer:
system
userdom_common_user_template(
userdomain_prefix
)
The template containing rules common to unprivileged
users and administrative users.
Module:
userdomain
Layer:
system
userdom_create_user_pty(
userdomain_prefix
,
domain
)
Module:
userdomain
Layer:
system
userdom_dontaudit_append_user_tmp_files(
userdomain_prefix
,
domain
)
Do not audit attempts to append users
temporary files.
Module:
userdomain
Layer:
system
userdom_dontaudit_exec_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to execute user home files.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_home_dirs(
userdomain_prefix
,
domain
)
Do not audit attempts to list user home subdirectories.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_tmp(
userdomain_prefix
,
domain
)
Do not audit attempts to list user
temporary directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_tmp_untrusted_content(
userdomain_prefix
,
domain
)
Do not audit attempts to list user
temporary untrusted directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_list_user_untrusted_content(
userdomain_prefix
,
domain
)
Do not audit attempts to list user
untrusted directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_manage_user_home_content_dirs(
userdomain_prefix
,
domain
)
Do not audit attempts to create, read, write, and delete directories
in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_dontaudit_manage_user_tmp_dirs(
userdomain_prefix
,
domain
)
Do not audit attempts to manage users
temporary directories.
Module:
userdomain
Layer:
system
userdom_dontaudit_manage_user_tmp_files(
userdomain_prefix
,
domain
)
Do not audit attempts to manage users
temporary files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read user home files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_tmp_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read users
temporary files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_tmp_untrusted_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read users
temporary untrusted files.
Module:
userdomain
Layer:
system
userdom_dontaudit_read_user_untrusted_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to read users
untrusted files.
Module:
userdomain
Layer:
system
userdom_dontaudit_setattr_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to set the
attributes of user home files.
Module:
userdomain
Layer:
system
userdom_dontaudit_use_user_terminals(
userdomain_prefix
,
domain
)
Do not audit attempts to read and write
a user domain tty and pty.
Module:
userdomain
Layer:
system
userdom_dontaudit_write_user_home_content_files(
userdomain_prefix
,
domain
)
Do not audit attempts to write user home files.
Module:
userdomain
Layer:
system
userdom_exec_generic_pgms_template(
userdomain_prefix
)
The template allowing the user to execute
generic programs, such as those found in /bin,
/sbin, /usr/bin, and /usr/sbin.
Module:
userdomain
Layer:
system
userdom_exec_home_template(
userdomain_prefix
)
The template for allowing the user
to execute files in their home directory.
Module:
userdomain
Layer:
system
userdom_exec_tmp_template(
userdomain_prefix
)
The template for execute access to the user temporary files.
Module:
userdomain
Layer:
system
userdom_exec_user_home_content_files(
userdomain_prefix
,
domain
)
Module:
userdomain
Layer:
system
userdom_list_user_home_dirs(
userdomain_prefix
,
domain
)
List user home directories.
Module:
userdomain
Layer:
system
userdom_list_user_tmp(
userdomain_prefix
,
domain
)
List user temporary directories.
Module:
userdomain
Layer:
system
userdom_list_user_tmp_untrusted_content(
userdomain_prefix
,
domain
)
List users temporary untrusted directories.
Module:
userdomain
Layer:
system
userdom_list_user_untrusted_content(
userdomain_prefix
,
domain
)
List users untrusted directories.
Module:
userdomain
Layer:
system
userdom_login_user_template(
userdomain_prefix
)
The template for creating a login user.
Module:
userdomain
Layer:
system
userdom_manage_home_template(
userdomain_prefix
)
The template for creating a home directory
that the user has full access.
Module:
userdomain
Layer:
system
userdom_manage_tmp_template(
userdomain_prefix
)
The template for full access to the temporary directories.
Module:
userdomain
Layer:
system
userdom_manage_tmpfs_template(
userdomain_prefix
)
The template for creating a tmpfs type
that the user has full access.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_dirs(
userdomain_prefix
,
domain
)
Create, read, write, and delete directories
in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_files(
userdomain_prefix
,
domain
)
Create, read, write, and delete files
in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_pipes(
userdomain_prefix
,
domain
)
Create, read, write, and delete named pipes
in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_sockets(
userdomain_prefix
,
domain
)
Create, read, write, and delete named sockets
in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_home_content_symlinks(
userdomain_prefix
,
domain
)
Create, read, write, and delete symbolic links
in a user home subdirectory.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_dirs(
userdomain_prefix
,
domain
)
Create, read, write, and delete user
temporary directories.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_files(
userdomain_prefix
,
domain
)
Create, read, write, and delete user
temporary files.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_pipes(
userdomain_prefix
,
domain
)
Create, read, write, and delete user
temporary named pipes.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_sockets(
userdomain_prefix
,
domain
)
Create, read, write, and delete user
temporary named sockets.
Module:
userdomain
Layer:
system
userdom_manage_user_tmp_symlinks(
userdomain_prefix
,
domain
)
Create, read, write, and delete user
temporary symbolic links.
Module:
userdomain
Layer:
system
userdom_manage_user_untrusted_content_files(
userdomain_prefix
,
domain
)
Manage user untrusted files.
Module:
userdomain
Layer:
system
userdom_poly_home_template(
userdomain_prefix
)
The template for polyinstantiating
a user home directory.
Module:
userdomain
Layer:
system
userdom_poly_tmp_template(
userdomain_prefix
)
The template for a polyinstantiated temporary directory.
Module:
userdomain
Layer:
system
userdom_privhome_user_template(
userdomain_prefix
)
The template for creating a unprivileged user.
Module:
userdomain
Layer:
system
userdom_read_user_home_content_files(
userdomain_prefix
,
domain
)
Module:
userdomain
Layer:
system
userdom_read_user_home_content_symlinks(
userdomain_prefix
,
domain
)
Read user home subdirectory symbolic links.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_files(
userdomain_prefix
,
domain
)
Read user temporary files.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_symlinks(
userdomain_prefix
,
domain
)
Read user
temporary symbolic links.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_untrusted_content_files(
userdomain_prefix
,
domain
)
Read user temporary untrusted files.
Module:
userdomain
Layer:
system
userdom_read_user_tmp_untrusted_content_symlinks(
userdomain_prefix
,
domain
)
Read user temporary untrusted symbolic links.
Module:
userdomain
Layer:
system
userdom_read_user_tmpfs_files(
userdomain_prefix
)
The template for creating a tmpfs type
that the user has full access.
Module:
userdomain
Layer:
system
userdom_read_user_untrusted_content_files(
userdomain_prefix
,
domain
)
Read user untrusted files.
Module:
userdomain
Layer:
system
userdom_read_user_untrusted_content_symlinks(
userdomain_prefix
,
domain
)
Read user untrusted symbolic links.
Module:
userdomain
Layer:
system
userdom_restricted_user_template(
userdomain_prefix
)
The template for creating a unprivileged login user.
Module:
userdomain
Layer:
system
userdom_ro_home_template(
userdomain_prefix
)
The template for creating a home directory
that the user has read-only access.
Module:
userdomain
Layer:
system
userdom_role_change_auditadm(
prefix
)
Change to the auditadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_auditadm(
prefix
)
Change from the auditadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_generic_user(
prefix
)
Change from the generic user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_secadm(
prefix
)
Change from the secadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_staff(
prefix
)
Change from the staff user role.
Module:
userdomain
Layer:
system
userdom_role_change_from_sysadm(
prefix
)
Change from the sysadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_generic_user(
prefix
)
Change to the generic user role.
Module:
userdomain
Layer:
system
userdom_role_change_secadm(
prefix
)
Change to the secadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_staff(
prefix
)
Change to the staff user role.
Module:
userdomain
Layer:
system
userdom_role_change_sysadm(
prefix
)
Change to the sysadm user role.
Module:
userdomain
Layer:
system
userdom_role_change_template(
userdomain_prefix
)
The template for allowing the user to change roles.
Module:
userdomain
Layer:
system
userdom_rw_user_tmp_files(
userdomain_prefix
,
domain
)
Read and write user temporary files.
Module:
userdomain
Layer:
system
userdom_rw_user_tmpfs_files(
userdomain_prefix
,
domain
)
Module:
userdomain
Layer:
system
userdom_search_user_home_dirs(
userdomain_prefix
,
domain
)
Search user home directories.
Module:
userdomain
Layer:
system
userdom_security_administrator(
userdomain_prefix
,
domain
,
role
,
object_class
)
Allow user to run as a secadm
Module:
userdomain
Layer:
system
userdom_setattr_user_ptys(
userdomain_prefix
,
domain
)
Set the attributes of a user pty.
Module:
userdomain
Layer:
system
userdom_setattr_user_ttys(
userdomain_prefix
,
domain
)
Set the attributes of a user domain tty.
Module:
userdomain
Layer:
system
userdom_tmp_filetrans_user_tmp(
userdomain_prefix
,
domain
,
object_class
)
Create objects in the temporary directory
with an automatic type transition to
the user temporary type.
Module:
userdomain
Layer:
system
userdom_transition_user_tmp(
userdomain_prefix
,
domain
,
class
)
Manage and create all files in /tmp on behalf of the user
Module:
userdomain
Layer:
system
userdom_unpriv_user_template(
userdomain_prefix
)
The template for creating a unprivileged user.
Module:
userdomain
Layer:
system
userdom_untrusted_content_template(
userdomain_prefix
)
The template for creating a set of types
for untrusted content.
Module:
userdomain
Layer:
system
userdom_use_user_terminals(
userdomain_prefix
,
domain
)
Read and write a user domain tty and pty.
Module:
userdomain
Layer:
system
userdom_use_user_ttys(
userdomain_prefix
,
domain
)
Read and write a user domain tty.
Module:
userdomain
Layer:
system
userdom_user_home_content(
userdomain_prefix
,
type
)
Make the specified type usable in a
user home directory.
Module:
userdomain
Layer:
system
userdom_user_home_dir_filetrans(
userdomain_prefix
,
domain
,
private_type
,
object_class
)
Create objects in a user home directory
with an automatic type transition to
a specified private type.
Module:
userdomain
Layer:
system
userdom_user_home_dir_filetrans_user_home_content(
userdomain_prefix
,
domain
,
object_class
)
Create objects in a user home directory
with an automatic type transition to
the user home file type.
Module:
userdomain
Layer:
system
userdom_user_home_domtrans(
userdomain_prefix
,
source_domain
,
target_domain
)
Do a domain transition to the specified
domain when executing a program in the
user home directory.
Module:
userdomain
Layer:
system
userdom_user_tmp_filetrans(
userdomain_prefix
,
domain
,
private_type
,
object_class
)
Create objects in a user temporary directory
with an automatic type transition to
a specified private type.
Module:
userdomain
Layer:
system
userdom_write_user_tmp_sockets(
userdomain_prefix
,
domain
)
Write to user temporary named sockets.
Module:
userdomain
Layer:
system
userdom_xwindows_client_template(
userdomain_prefix
)
The template for creating a user xwindows client.
Module:
userhelper
Layer:
apps
userhelper_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the userhelper module.
Module:
userhelper
Layer:
apps
userhelper_sigchld_user(
prefix
,
domain
)
Allow domain to send sigchld to userhelper.
Module:
userhelper
Layer:
apps
userhelper_use_user_fd(
prefix
,
domain
)
Allow domain to use userhelper file descriptor.
Module:
virt
Layer:
services
virt_domain_template(
prefix
)
Creates types and rules for a basic
qemu process domain.
Module:
vmware
Layer:
apps
vmware_per_role_template(
userdomain_prefix
,
user_domain
,
user_role
)
The per role template for the vmware module.
Module:
xserver
Layer:
services
xserver_common_domain_template(
prefix
)
Template to create types and rules common to
all X server domains.
Module:
xserver
Layer:
services
xserver_domtrans_user_xauth(
userdomain_prefix
,
domain
)
Transition to a user Xauthority domain.
Module:
xserver
Layer:
services
xserver_per_role_template(
prefix
,
user_domain
,
user_role
)
The per role template for the xserver module.
Module:
xserver
Layer:
services
xserver_read_user_iceauth(
userdomain_prefix
,
domain
)
Read a user Iceauthority domain.
Module:
xserver
Layer:
services
xserver_read_user_xauth(
userdomain_prefix
,
domain
)
Read a user Xauthority domain.
Module:
xserver
Layer:
services
xserver_ro_session_template(
prefix
,
domain
,
tmpfs_type
)
Template for creating sessions on a
prefix X server, with read-only
access to the X server shared
memory segments.
Module:
xserver
Layer:
services
xserver_rw_session_template(
prefix
,
domain
,
tmpfs_type
)
Template for creating sessions on a
prefix X server, with read and write
access to the X server shared
memory segments.
Module:
xserver
Layer:
services
xserver_use_user_fonts(
userdomain_prefix
,
domain
)
Read user fonts, user font configuration,
and manage the user font cache.
Module:
xserver
Layer:
services
xserver_user_client_template(
prefix
,
domain
,
tmpfs_type
)
Template for creating full client sessions
on a user X server.
Module:
xserver
Layer:
services
xserver_user_home_dir_filetrans_user_xauth(
userdomain_prefix
,
domain
)
Transition to a user Xauthority domain.