Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/share/doc/selinux-policy-2.4.6/html/ drwxr-xr-x | |
| Viewing file: Select action/file-type: Security Enhanced Linux Reference Policy
+
admin
-
application
- authlogin - clock - daemontools - fstools - getty - hostname - hotplug - init - ipsec - iptables - iscsi - libraries - locallogin - logging - lvm - miscfiles - modutils - mount - netlabel - pcmcia - raid - selinuxutil - setrans - sysnetwork - tzdata - udev - unconfined - userdomain - virtual - xen * Global Booleans * Global Tunables * Layer Index * Interface Index * Template Index Layer: systemModule: userdomainInterfaces TemplatesDescription:Policy for user domains Interfaces:
userdom_append_generic_user_home_content_files(
domain
)
SummaryAppend files in a user home subdirectory. Parameters
userdom_bin_spec_domtrans_sysadm(
domain
)
SummaryExecute a generic bin program in the sysadm domain. Parameters
userdom_bin_spec_domtrans_unpriv_users(
domain
)
SummaryExecute bin_t in the unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_create_all_users_keys(
domain
)
SummaryCreate keys for all user domains. Parameters
userdom_dbus_send_all_users(
domain
)
SummarySend a dbus message to all user domains. Parameters
userdom_delete_all_users_home_content_dirs(
domain
)
Summarydelete all directories in all users home directories. Parameters
userdom_delete_all_users_home_content_files(
domain
)
SummaryDelete all files in all users home directories. Parameters
userdom_delete_all_users_home_content_symlinks(
domain
)
SummaryDelete all symlinks in all users home directories. Parameters
userdom_dontaudit_append_staff_home_content_files(
domain
)
SummaryDo not audit attempts to append to the staff users home directory. Parameters
userdom_dontaudit_getattr_sysadm_home_dirs(
domain
)
SummaryDo not audit attempts to get the attributes of the sysadm users home directory. Parameters
userdom_dontaudit_getattr_sysadm_ttys(
domain
)
SummaryDo not audit attepts to get the attributes of sysadm ttys. Parameters
userdom_dontaudit_list_sysadm_home_dirs(
domain
)
SummaryDo not audit attempts to list the sysadm users home directory. Parameters
userdom_dontaudit_list_user_files(
domain
)
Summarydontaudit getattr all user file type Parameters
userdom_dontaudit_read_sysadm_home_content_files(
domain
)
SummaryDo not audit attempts to search the sysadm users home directory. Parameters
userdom_dontaudit_relabel_generic_user_home_content_files(
domain
)
Summarydontaudit relabel of generic user home files. Parameters
userdom_dontaudit_relabelfrom_unpriv_users_ptys(
domain
)
SummaryDo not audit attempts to relabel files from unprivileged user pty types. Parameters
userdom_dontaudit_search_all_users_home_content(
domain
)
SummaryDo not audit attempts to search all users home directories. Parameters
userdom_dontaudit_search_generic_user_home_dirs(
domain
)
SummaryDon't audit search on the user home subdirectory. Parameters
userdom_dontaudit_search_staff_home_dirs(
domain
)
SummaryDo not audit attempts to search the staff users home directory. Parameters
userdom_dontaudit_search_sysadm_home_dirs(
domain
)
SummaryDo not audit attempts to search the sysadm users home directory. Parameters
userdom_dontaudit_use_all_users_fds(
domain
)
SummaryDo not audit attempts to inherit the file descriptors from any user domains. Parameters
userdom_dontaudit_use_sysadm_ptys(
domain
)
SummaryDont audit attempts to read and write sysadm ptys. Parameters
userdom_dontaudit_use_sysadm_terms(
domain
)
SummaryDo not audit attempts to use sysadm ttys and ptys. Parameters
userdom_dontaudit_use_sysadm_ttys(
domain
)
SummaryDo not audit attempts to use sysadm ttys. Parameters
userdom_dontaudit_use_unpriv_user_fds(
domain
)
SummaryDo not audit attempts to inherit the file descriptors from all user domains. Parameters
userdom_dontaudit_use_unpriv_users_ptys(
domain
)
SummaryDo not audit attempts to use unprivileged user ptys. Parameters
userdom_dontaudit_use_unpriv_users_ttys(
domain
)
SummaryDo not audit attempts to use unprivileged user ttys. Parameters
userdom_dontaudit_write_unpriv_user_home_content_files(
domain
)
Summarydontaudit attempts to write to user home dir files Parameters
userdom_entry_spec_domtrans_sysadm(
domain
)
SummaryExecute all entrypoint files in the sysadm domain. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_entry_spec_domtrans_unpriv_users(
domain
)
SummaryExecute all entrypoint files in unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_exec(
type
)
SummaryExecute user executables in the caller domain. Parameters
userdom_executable_file(
type
)
SummaryMake the specified type usable for files that are exectuables, such as binary programs. This does not include shared libraries. Parameters
userdom_execute_generic_user_home_content_files(
domain
)
Summaryallow execute of generic user home files. Parameters
userdom_generic_user_home_dir_filetrans_generic_user_home_content(
domain
,
object_class
)
SummaryCreate objects in generic user home directories with automatic file type transition. Parameters
userdom_getattr_all_executables(
domain
)
Summarygetattr all executables Parameters
userdom_getattr_all_users(
domain
)
SummaryGet the attributes of all user domains. Parameters
userdom_getattr_sysadm_home_dirs(
domain
)
SummaryGet the attributes of the sysadm users home directory. Parameters
userdom_home_filetrans_generic_user_home_dir(
domain
)
SummaryCreate generic user home directories with automatic file type transition. Parameters
userdom_list_all_users_home_dirs(
domain
)
SummaryList all users home directories. Parameters
userdom_list_sysadm_home_dirs(
domain
)
SummaryList the sysadm users home directory. Parameters
userdom_list_unpriv_users_tmp(
domain
)
SummaryRead all unprivileged users temporary directories. Parameters
userdom_list_user_files(
domain
)
Summaryallow getattr all user file type Parameters
userdom_manage_all_users_home_content_dirs(
domain
)
SummaryCreate, read, write, and delete all directories in all users home directories. Parameters
userdom_manage_all_users_home_content_files(
domain
)
SummaryCreate, read, write, and delete all files in all users home directories. Parameters
userdom_manage_all_users_home_content_symlinks(
domain
)
SummaryCreate, read, write, and delete all symlinks in all users home directories. Parameters
userdom_manage_generic_user_home_content_dirs(
domain
)
SummaryCreate, read, write, and delete subdirectories of generic user home directories. Parameters
userdom_manage_generic_user_home_content_files(
domain
)
SummaryCreate, read, write, and delete files in generic user home directories. Parameters
userdom_manage_generic_user_home_content_pipes(
domain
)
SummaryCreate, read, write, and delete named pipes in generic user home directories. Parameters
userdom_manage_generic_user_home_content_sockets(
domain
)
SummaryCreate, read, write, and delete named sockets in generic user home directories. Parameters
userdom_manage_generic_user_home_content_symlinks(
domain
)
SummaryCreate, read, write, and delete symbolic links in generic user home directories. Parameters
userdom_manage_generic_user_home_dirs(
domain
)
SummaryCreate, read, write, and delete generic user home directories. Parameters
userdom_manage_staff_home_content_dirs(
domain
)
SummaryCreate, read, write, and delete subdirectories of generic staff home directories. Parameters
userdom_manage_staff_home_dirs(
domain
)
SummaryCreate, read, write, and delete staff home directories. Parameters
userdom_manage_unpriv_user_semaphores(
domain
)
SummaryManage unpriviledged user SysV sempaphores. Parameters
userdom_manage_unpriv_user_shared_mem(
domain
)
SummaryManage unpriviledged user SysV shared memory segments. Parameters
userdom_manage_unpriv_users_home_content_dirs(
domain
)
SummaryCreate, read, write, and delete directories in unprivileged users home directories. Parameters
userdom_manage_unpriv_users_home_content_files(
domain
)
SummaryCreate, read, write, and delete files in unprivileged users home directories. Parameters
userdom_manage_user_executables(
domain
)
SummaryCreate, read, write, and all executable files. Parameters
userdom_manage_user_home_content(
userdomain
)
SummaryManage all files/directories in the homedir Parameters
userdom_mmap_all_executables(
domain
)
SummaryMmap all executables as executable. Parameters
userdom_priveleged_home_dir_manager(
domain
)
SummaryMake the specified domain a privileged home directory manager. Description
Make the specified domain a privileged home directory manager. This domain will be able to manage the contents of all users general home directory content, and create files with the correct context.
Parameters
userdom_read_all_tmp_untrusted_content(
domain
)
SummaryRead all user temporary untrusted content files. Parameters
userdom_read_all_untrusted_content(
domain
)
SummaryRead all user untrusted content files. Parameters
userdom_read_all_users_home_content_files(
domain
)
SummaryRead all files in all users home directories. Parameters
userdom_read_all_users_home_dirs_symlinks(
domain
)
SummaryRead all users home directories symlinks. Parameters
userdom_read_all_users_state(
domain
)
SummaryRead the process state of all user domains. Parameters
userdom_read_generic_user_home_content_files(
domain
)
SummaryRead files in generic user home directories. Parameters
userdom_read_staff_home_content_files(
domain
)
SummaryRead files in the staff users home directory. Parameters
userdom_read_sysadm_home_content_files(
domain
)
SummaryRead files in the sysadm users home directory. Parameters
userdom_read_sysadm_tmp_files(
domain
)
SummaryAllow to read sysadm tmp files. Parameters
userdom_read_unpriv_users_home_content_files(
domain
)
SummaryRead all unprivileged users home directory files. Parameters
userdom_read_unpriv_users_tmp_files(
domain
)
SummaryRead all unprivileged users temporary files. Parameters
userdom_read_unpriv_users_tmp_symlinks(
domain
)
SummaryRead all unprivileged users temporary symbolic links. Parameters
userdom_relabel_all_executables(
domain
)
SummaryRelabel to and from the bin type. Parameters
userdom_relabel_generic_user_home_dirs(
domain
)
Summaryallow relabel of staff home directories. Parameters
userdom_relabel_staff_home_dirs(
domain
)
Summaryallow relabel of staff home directories. Parameters
userdom_relabel_user_home_content_dirs(
domain
)
Summaryallow relabel of home type directories. Parameters
userdom_relabelto_unpriv_users_ptys(
domain
)
SummaryRelabel files to unprivileged user pty types. Parameters
userdom_rw_sysadm_pipes(
domain
)
SummaryRead and write sysadm user unnamed pipes. Parameters
userdom_sbin_spec_domtrans_sysadm(
domain
)
SummaryExecute a generic sbin program in the sysadm domain. Parameters
userdom_sbin_spec_domtrans_unpriv_users(
domain
)
SummaryExecute generic sbin programs in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_search_all_users_home_content(
domain
)
SummarySearch all users home directories. Parameters
userdom_search_all_users_home_dirs(
domain
)
SummarySearch all users home directories. Parameters
userdom_search_generic_user_home_dirs(
domain
)
SummarySearch generic user home directories. Parameters
userdom_search_staff_home_dirs(
domain
)
SummarySearch the staff users home directory. Parameters
userdom_search_sysadm_home_content_dirs(
domain
)
SummarySearch the sysadm users home sub directories. Parameters
userdom_search_sysadm_home_dirs(
domain
)
SummarySearch the sysadm users home directory. Parameters
userdom_search_unpriv_users_home_dirs(
domain
)
SummarySearch all unprivileged users home directories. Parameters
userdom_search_user_home_content(
domain
)
SummarySearch users home directories. Parameters
userdom_set_rlimitnh(
domain
)
SummaryAllow apps to set rlimits on userdomain Parameters
userdom_setattr_unpriv_users_ptys(
domain
)
SummarySet the attributes of user ptys. Parameters
userdom_shell_domtrans_sysadm(
domain
)
SummaryExecute a shell in the sysadm domain. Parameters
userdom_sigchld_all_users(
domain
)
SummarySend a SIGCHLD signal to all user domains. Parameters
userdom_sigchld_sysadm(
domain
)
SummarySend a SIGCHLD signal to sysadm users. Parameters
userdom_signal_all_users(
domain
)
SummarySend general signals to all user domains. Parameters
userdom_signal_unpriv_users(
domain
)
SummarySend general signals to unprivileged user domains. Parameters
userdom_signull_unpriv_users(
domain
)
SummarySend signull to unprivileged user domains. Parameters
userdom_spec_domtrans_all_users(
domain
)
SummaryExecute a shell in all user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_spec_domtrans_unpriv_users(
domain
)
SummaryExecute a shell in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_staff_home_dir_filetrans_staff_home_content(
domain
,
object_class
)
SummaryCreate objects in staff home directories with automatic file type transition. Parameters
userdom_sysadm_bin_spec_domtrans_to(
domain
)
SummaryAllow sysadm to execute a generic bin program in a specified domain. This is an explicit transition, requiring the caller to use setexeccon(). Description
Allow sysadm to execute a generic bin program in a specified domain.
This is a interface to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_sysadm_entry_spec_domtrans_to(
domain
)
SummaryAllow sysadm to execute all entrypoint files in the specified domain. This is an explicit transition, requiring the caller to use setexeccon(). Description
Allow sysadm to execute all entrypoint files in the specified domain. This is an explicit transition, requiring the caller to use setexeccon().
This is a interface to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_sysadm_home_dir_filetrans(
domain
,
private type
,
object_class
)
SummaryCreate objects in sysadm home directories with automatic file type transition. Parameters
userdom_sysadm_sbin_spec_domtrans_to(
domain
)
SummaryAllow sysadm to execute a generic sbin program in a specified domain. This is an explicit transition, requiring the caller to use setexeccon(). Description
Allow sysadm to execute a generic sbin program in a specified domain.
This is a interface to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_unconfined(
domain
)
SummaryUnconfined access to user domains. Parameters
userdom_use_all_users_fds(
domain
)
SummaryInherit the file descriptors from all user domains Parameters
userdom_use_sysadm_fds(
domain
)
SummaryInherit and use sysadm file descriptors Parameters
userdom_use_sysadm_ptys(
domain
)
SummaryRead and write sysadm ptys. Parameters
userdom_use_sysadm_terms(
domain
)
SummaryRead and write sysadm ttys and ptys. Parameters
userdom_use_sysadm_ttys(
domain
)
SummaryRead and write sysadm ttys. Parameters
userdom_use_unpriv_users_fds(
domain
)
SummaryInherit the file descriptors from unprivileged user domains. Parameters
userdom_use_unpriv_users_ptys(
domain
)
SummaryRead and write unprivileged user ptys. Parameters
userdom_use_unpriv_users_ttys(
domain
)
SummaryRead and write unprivileged user ttys. Parameters
userdom_write_unpriv_users_tmp_files(
domain
)
SummaryWrite all unprivileged users files in /tmp Parameters
userdom_xsession_spec_domtrans_all_users(
domain
)
SummaryExecute an Xserver session in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
userdom_xsession_spec_domtrans_unpriv_users(
domain
)
SummaryExecute an Xserver session in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). Parameters
Templates:
userdom_admin_user_template(
userdomain_prefix
)
SummaryThe template for creating an administrative user. Description
This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.
The privileges given to administrative users are:
Parameters
userdom_base_user_template(
userdomain_prefix
)
SummaryThe template containing the most basic rules common to all users. Description
The template containing the most basic rules common to all users.
This template creates a user domain, types, and rules for the user's tty and pty.
Parameters
userdom_basic_networking_template(
userdomain_prefix
)
SummaryThe template allowing the user basic network permissions Parameters
userdom_change_password_template(
userdomain_prefix
)
SummaryThe template for allowing the user to change passwords. Parameters
userdom_common_user_template(
userdomain_prefix
)
SummaryThe template containing rules common to unprivileged users and administrative users. Description
This template creates a user domain, types, and rules for the user's tty, pty, tmp, and tmpfs files.
Parameters
userdom_create_user_pty(
userdomain_prefix
,
domain
)
SummaryCreate a user pty. Description
Create a user pty.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_append_user_tmp_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to append users temporary files. Description
Do not audit attempts to append users temporary files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_exec_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to execute user home files. Description
Do not audit attempts to execute user home files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_list_user_home_dirs(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to list user home subdirectories. Description
Do not audit attempts to list user home subdirectories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_list_user_tmp(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to list user temporary directories. Description
Do not audit attempts to list user temporary directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_list_user_tmp_untrusted_content(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to list user temporary untrusted directories. Description
Do not audit attempts to list user temporary directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_list_user_untrusted_content(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to list user untrusted directories. Description
Do not audit attempts to read user untrusted directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_manage_user_home_content_dirs(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to create, read, write, and delete directories in a user home subdirectory. Description
Do not audit attempts to create, read, write, and delete directories in a user home subdirectory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_manage_user_tmp_dirs(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to manage users temporary directories. Description
Do not audit attempts to manage users temporary directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_manage_user_tmp_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to manage users temporary files. Description
Do not audit attempts to manage users temporary files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_read_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to read user home files. Description
Do not audit attempts to read user home files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_read_user_tmp_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to read users temporary files. Description
Do not audit attempts to read users temporary files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_read_user_tmp_untrusted_content_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to read users temporary untrusted files. Description
Do not audit attempts to read users temporary untrusted files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_read_user_untrusted_content_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to read users untrusted files. Description
Do not audit attempts to read users untrusted files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_setattr_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to set the attributes of user home files. Description
Do not audit attempts to set the attributes of user home files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_use_user_terminals(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to read and write a user domain tty and pty. Description
Do not audit attempts to read and write a user domain tty and pty.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_dontaudit_write_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryDo not audit attempts to write user home files. Description
Do not audit attempts to write user home files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_exec_generic_pgms_template(
userdomain_prefix
)
SummaryThe template allowing the user to execute generic programs, such as those found in /bin, /sbin, /usr/bin, and /usr/sbin. Parameters
userdom_exec_home_template(
userdomain_prefix
)
SummaryThe template for allowing the user to execute files in their home directory. Parameters
userdom_exec_tmp_template(
userdomain_prefix
)
SummaryThe template for execute access to the user temporary files. Parameters
userdom_exec_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryExecute user home files. Description
Execute user home files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_list_user_home_dirs(
userdomain_prefix
,
domain
)
SummaryList user home directories. Description
List user home directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_list_user_tmp(
userdomain_prefix
,
domain
)
SummaryList user temporary directories. Description
List user temporary directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_list_user_tmp_untrusted_content(
userdomain_prefix
,
domain
)
SummaryList users temporary untrusted directories. Description
List users temporary untrusted directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_list_user_untrusted_content(
userdomain_prefix
,
domain
)
SummaryList users untrusted directories. Description
List users untrusted directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_login_user_template(
userdomain_prefix
)
SummaryThe template for creating a login user. Description
This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.
Parameters
userdom_manage_home_template(
userdomain_prefix
)
SummaryThe template for creating a home directory that the user has full access. Description
The template for creating a home directory that the user has full access.
This does not allow execute access.
Parameters
userdom_manage_tmp_template(
userdomain_prefix
)
SummaryThe template for full access to the temporary directories. Description
The template for full access to the temporary directories. This creates a derived type for the user temporary type. Execute access is not given.
Parameters
userdom_manage_tmpfs_template(
userdomain_prefix
)
SummaryThe template for creating a tmpfs type that the user has full access. Description
The template for creating a tmpfs type that the user has full access.
This does not allow execute access.
Parameters
userdom_manage_user_home_content_dirs(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete directories in a user home subdirectory. Description
Create, read, write, and delete directories in a user home subdirectory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete files in a user home subdirectory. Description
Create, read, write, and delete files in a user home subdirectory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_home_content_pipes(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete named pipes in a user home subdirectory. Description
Create, read, write, and delete named pipes in a user home subdirectory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_home_content_sockets(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete named sockets in a user home subdirectory. Description
Create, read, write, and delete named sockets in a user home subdirectory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_home_content_symlinks(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete symbolic links in a user home subdirectory. Description
Create, read, write, and delete symbolic links in a user home subdirectory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_tmp_dirs(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete user temporary directories. Description
Create, read, write, and delete user temporary directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_tmp_files(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete user temporary files. Description
Create, read, write, and delete user temporary files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_tmp_pipes(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete user temporary named pipes. Description
Create, read, write, and delete user temporary named pipes.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_tmp_sockets(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete user temporary named sockets. Description
Create, read, write, and delete user temporary named sockets.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_tmp_symlinks(
userdomain_prefix
,
domain
)
SummaryCreate, read, write, and delete user temporary symbolic links. Description
Create, read, write, and delete user temporary symbolic links.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_manage_user_untrusted_content_files(
userdomain_prefix
,
domain
)
SummaryManage user untrusted files. Description
Create, read, write, and delete untrusted files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_poly_home_template(
userdomain_prefix
)
SummaryThe template for polyinstantiating a user home directory. Parameters
userdom_poly_tmp_template(
userdomain_prefix
)
SummaryThe template for a polyinstantiated temporary directory. Parameters
userdom_privhome_user_template(
userdomain_prefix
)
SummaryThe template for creating a unprivileged user. Description
This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.
Parameters
userdom_read_user_home_content_files(
userdomain_prefix
,
domain
)
SummaryRead user home files. Description
Read user home files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_home_content_symlinks(
userdomain_prefix
,
domain
)
SummaryRead user home subdirectory symbolic links. Description
Read user home subdirectory symbolic links.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_tmp_files(
userdomain_prefix
,
domain
)
SummaryRead user temporary files. Description
Read user temporary files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_tmp_symlinks(
userdomain_prefix
,
domain
)
SummaryRead user temporary symbolic links. Description
Read user temporary symbolic links.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_tmp_untrusted_content_files(
userdomain_prefix
,
domain
)
SummaryRead user temporary untrusted files. Description
Read user temporary untrusted files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_tmp_untrusted_content_symlinks(
userdomain_prefix
,
domain
)
SummaryRead user temporary untrusted symbolic links. Description
Read user temporary untrusted symbolic links.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_tmpfs_files(
userdomain_prefix
)
SummaryThe template for creating a tmpfs type that the user has full access. Description
The template for creating a tmpfs type that the user has full access.
This does not allow execute access.
Parameters
userdom_read_user_untrusted_content_files(
userdomain_prefix
,
domain
)
SummaryRead user untrusted files. Description
Read user untrusted files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_read_user_untrusted_content_symlinks(
userdomain_prefix
,
domain
)
SummaryRead user untrusted symbolic links. Description
Read user untrusted symbolic links.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_restricted_user_template(
userdomain_prefix
)
SummaryThe template for creating a unprivileged login user. Description
This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.
Parameters
userdom_ro_home_template(
userdomain_prefix
)
SummaryThe template for creating a home directory that the user has read-only access. Description
The template for creating a home directory that the user has read-only access.
This does not allow execute access.
Parameters
userdom_role_change_auditadm(
prefix
)
SummaryChange to the auditadm user role. Description
Change to the auditadm user role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_from_auditadm(
prefix
)
SummaryChange from the auditadm user role. Description
Change from the auditadm user role to the specified role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_from_generic_user(
prefix
)
SummaryChange from the generic user role. Description
Change from the generic user role to the specified role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_from_secadm(
prefix
)
SummaryChange from the secadm user role. Description
Change from the secadm user role to the specified role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_from_staff(
prefix
)
SummaryChange from the staff user role. Description
Change from the staff user role to the specified role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_from_sysadm(
prefix
)
SummaryChange from the sysadm user role. Description
Change from the sysadm user role to the specified role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_generic_user(
prefix
)
SummaryChange to the generic user role. Description
Change to the generic user role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_secadm(
prefix
)
SummaryChange to the secadm user role. Description
Change to the secadm user role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_staff(
prefix
)
SummaryChange to the staff user role. Description
Change to the staff user role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_sysadm(
prefix
)
SummaryChange to the sysadm user role. Description
Change to the sysadm user role.
This is a template to support third party modules and its use is not allowed in upstream reference policy.
Parameters
userdom_role_change_template(
userdomain_prefix
)
SummaryThe template for allowing the user to change roles. Parameters
userdom_rw_user_tmp_files(
userdomain_prefix
,
domain
)
SummaryRead and write user temporary files. Description
Read and write user temporary files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_rw_user_tmpfs_files(
userdomain_prefix
,
domain
)
SummaryRead user tmpfs files. Description
Read user tmpfs files.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_search_user_home_dirs(
userdomain_prefix
,
domain
)
SummarySearch user home directories. Description
Search user home directories.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_security_administrator(
userdomain_prefix
,
domain
,
role
,
object_class
)
SummaryAllow user to run as a secadm Description
Create objects in a user home directory with an automatic type transition to a specified private type.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_setattr_user_ptys(
userdomain_prefix
,
domain
)
SummarySet the attributes of a user pty. Description
Set the attributes of a user pty.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_setattr_user_ttys(
userdomain_prefix
,
domain
)
SummarySet the attributes of a user domain tty. Description
Set the attributes of a user domain tty.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_tmp_filetrans_user_tmp(
userdomain_prefix
,
domain
,
object_class
)
SummaryCreate objects in the temporary directory with an automatic type transition to the user temporary type. Description
Create objects in the temporary directory with an automatic type transition to the user temporary type.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_transition_user_tmp(
userdomain_prefix
,
domain
,
class
)
SummaryManage and create all files in /tmp on behalf of the user Description
The interface for full access to the temporary directories. This creates a derived type for the user temporary type. Execute access is not given.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_unpriv_user_template(
userdomain_prefix
)
SummaryThe template for creating a unprivileged user. Description
This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files.
Parameters
userdom_untrusted_content_template(
userdomain_prefix
)
SummaryThe template for creating a set of types for untrusted content. Parameters
userdom_use_user_terminals(
userdomain_prefix
,
domain
)
SummaryRead and write a user domain tty and pty. Description
Read and write a user domain tty and pty.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_use_user_ttys(
userdomain_prefix
,
domain
)
SummaryRead and write a user domain tty. Description
Read and write a user domain tty.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_user_home_content(
userdomain_prefix
,
type
)
SummaryMake the specified type usable in a user home directory. Description
Make the specified type usable in a user home directory.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_user_home_dir_filetrans(
userdomain_prefix
,
domain
,
private_type
,
object_class
)
SummaryCreate objects in a user home directory with an automatic type transition to a specified private type. Description
Create objects in a user home directory with an automatic type transition to a specified private type.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_user_home_dir_filetrans_user_home_content(
userdomain_prefix
,
domain
,
object_class
)
SummaryCreate objects in a user home directory with an automatic type transition to the user home file type. Description
Create objects in a user home directory with an automatic type transition to the user home file type.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_user_home_domtrans(
userdomain_prefix
,
source_domain
,
target_domain
)
SummaryDo a domain transition to the specified domain when executing a program in the user home directory. Description
Do a domain transition to the specified domain when executing a program in the user home directory.
No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_user_tmp_filetrans(
userdomain_prefix
,
domain
,
private_type
,
object_class
)
SummaryCreate objects in a user temporary directory with an automatic type transition to a specified private type. Description
Create objects in a user temporary directory with an automatic type transition to a specified private type.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_write_user_tmp_sockets(
userdomain_prefix
,
domain
)
SummaryWrite to user temporary named sockets. Description
Write to user temporary named sockets.
This is a templated interface, and should only be called from a per-userdomain template.
Parameters
userdom_xwindows_client_template(
userdomain_prefix
)
SummaryThe template for creating a user xwindows client. Parameters
|
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.015 ]-- |