<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="contrib.html">+ contrib</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_corecommands.html'> corecommands</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_domain.html'> domain</a><br/> - <a href='kernel_files.html'> files</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_mcs.html'> mcs</a><br/> - <a href='kernel_mls.html'> mls</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> - <a href='kernel_ubac.html'> ubac</a><br/> - <a href='kernel_unlabelednet.html'> unlabelednet</a><br/> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: kernel</h1><p/> <h2>Module: storage</h2><p/> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p>Policy controlling access to storage devices</p></p> <hr> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_storage_create_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_create_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to create fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_delete_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_delete_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to create fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_dev_filetrans_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_dev_filetrans_fixed_disk</b>( domain , filename )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create block devices in /dev with the fixed disk type via an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> filename </td><td> <p> Optional filename of the block device to be created </p> </td></tr> </table> </div> </div> <a name="link_storage_dev_filetrans_named_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_dev_filetrans_named_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create block devices in /dev with the fixed disk type via an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_getattr_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_getattr_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to get the attributes of fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_getattr_removable_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_getattr_removable_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to get the attributes of removable devices device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_raw_read_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_raw_read_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to directly read removable devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_raw_write_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_raw_write_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to directly write removable devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_read_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_read_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to read fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_read_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_read_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to read removable devices device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_rw_fuse"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_rw_fuse</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read or write fuse device interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_rw_scsi_generic"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_rw_scsi_generic</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read or write SCSI generic device interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_setattr_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_setattr_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to set the attributes of fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_setattr_removable_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_setattr_removable_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to set the attributes of removable devices device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_write_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_write_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to write fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_dontaudit_write_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_dontaudit_write_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts made by the caller to write removable devices device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_filetrans_all_named_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_filetrans_all_named_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create all named devices with the correct label </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_getattr_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_getattr_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to get the attributes of fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_getattr_fuse_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_getattr_fuse_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to get the attributes of device nodes of fuse devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_getattr_removable_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_getattr_removable_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to get the attributes of removable devices device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_getattr_scsi_generic_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_getattr_scsi_generic_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to get the attributes of the generic SCSI interface device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_getattr_tape_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_getattr_tape_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to get the attributes of device nodes of tape devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_manage_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_manage_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_raw_read_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_raw_read_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read from a fixed disk. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_raw_read_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_raw_read_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read from a removable device. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_raw_rw_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_raw_rw_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read and write to a fixed disk. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_raw_write_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_raw_write_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly write to a fixed disk. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_raw_write_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_raw_write_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly write to a removable device. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_read_scsi_generic"></a> <div id="interface"> <div id="codeblock"> <b>storage_read_scsi_generic</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read, in a generic fashion, from any SCSI device. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_read_tape"></a> <div id="interface"> <div id="codeblock"> <b>storage_read_tape</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read a tape device. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_relabel_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_relabel_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_rw_fuse"></a> <div id="interface"> <div id="codeblock"> <b>storage_rw_fuse</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> read or write fuse device interfaces. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_rw_inherited_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_rw_inherited_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to read/write inherited fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_rw_inherited_removable_device"></a> <div id="interface"> <div id="codeblock"> <b>storage_rw_inherited_removable_device</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Alow read and write inherited removable devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_storage_rw_inherited_scsi_generic"></a> <div id="interface"> <div id="codeblock"> <b>storage_rw_inherited_scsi_generic</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read and write, in a generic fashion, from any SCSI device. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_setattr_fixed_disk_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_setattr_fixed_disk_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to set the attributes of fixed disk device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_setattr_removable_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_setattr_removable_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to set the attributes of removable devices device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_setattr_scsi_generic_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_setattr_scsi_generic_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to set the attributes of the generic SCSI interface device nodes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_setattr_scsi_generic_dev_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_setattr_scsi_generic_dev_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set attributes of the device nodes for the SCSI generic inerface. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_setattr_tape_dev"></a> <div id="interface"> <div id="codeblock"> <b>storage_setattr_tape_dev</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to set the attributes of device nodes of tape devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_swapon_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_swapon_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Enable a fixed disk device as swap space </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_tmp_filetrans_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_tmp_filetrans_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create block devices in on a tmp filesystem with the fixed disk type via an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_tmpfs_filetrans_fixed_disk"></a> <div id="interface"> <div id="codeblock"> <b>storage_tmpfs_filetrans_fixed_disk</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create block devices in on a tmpfs filesystem with the fixed disk type via an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>storage_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to storage devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_write_scsi_generic"></a> <div id="interface"> <div id="codeblock"> <b>storage_write_scsi_generic</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly write, in a generic fashion, from any SCSI device. This is extremly dangerous as it can bypass the SELinux protections for filesystem objects, and should only be used by trusted domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_storage_write_tape"></a> <div id="interface"> <div id="codeblock"> <b>storage_write_tape</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the caller to directly read a tape device. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>