<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="contrib.html">+ contrib</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> - <a href='system_application.html'> application</a><br/> - <a href='system_authlogin.html'> authlogin</a><br/> - <a href='system_clock.html'> clock</a><br/> - <a href='system_fstools.html'> fstools</a><br/> - <a href='system_getty.html'> getty</a><br/> - <a href='system_hostname.html'> hostname</a><br/> - <a href='system_hotplug.html'> hotplug</a><br/> - <a href='system_init.html'> init</a><br/> - <a href='system_ipsec.html'> ipsec</a><br/> - <a href='system_iptables.html'> iptables</a><br/> - <a href='system_kdbus.html'> kdbus</a><br/> - <a href='system_libraries.html'> libraries</a><br/> - <a href='system_locallogin.html'> locallogin</a><br/> - <a href='system_logging.html'> logging</a><br/> - <a href='system_lvm.html'> lvm</a><br/> - <a href='system_miscfiles.html'> miscfiles</a><br/> - <a href='system_modutils.html'> modutils</a><br/> - <a href='system_mount.html'> mount</a><br/> - <a href='system_netlabel.html'> netlabel</a><br/> - <a href='system_selinuxutil.html'> selinuxutil</a><br/> - <a href='system_setrans.html'> setrans</a><br/> - <a href='system_sysnetwork.html'> sysnetwork</a><br/> - <a href='system_systemd.html'> systemd</a><br/> - <a href='system_udev.html'> udev</a><br/> - <a href='system_unconfined.html'> unconfined</a><br/> - <a href='system_userdomain.html'> userdomain</a><br/> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: system</h1><p/> <h2>Module: libraries</h2><p/> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p>Policy for system libraries.</p></p> <hr> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_files_lib_filetrans_shared_lib"></a> <div id="interface"> <div id="codeblock"> <b>files_lib_filetrans_shared_lib</b>( domain , object )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create an object in lib directories, with the shared libraries type using a type transition. (Deprecated) </p> <h5>Description</h5> <p> </p><p> Create an object in lib directories, with the shared libraries type using a type transition. (Deprecated) </p><p> </p><p> lib_filetrans_shared_lib() should be used instead. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> object </td><td> <p> The object class of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_lib_filetrans_shared_lib"></a> <div id="interface"> <div id="codeblock"> <b>lib_filetrans_shared_lib</b>( domain , object )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create an object in lib directories, with the shared libraries type using a type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> object </td><td> <p> The object class of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_libs_delete_lib_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>libs_delete_lib_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete generic symlinks in library directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_domtrans_ldconfig"></a> <div id="interface"> <div id="codeblock"> <b>libs_domtrans_ldconfig</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute ldconfig in the ldconfig domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_libs_dontaudit_setattr_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_dontaudit_setattr_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit attempts to setattr on library files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_libs_dontaudit_write_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>libs_dontaudit_write_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to library directories. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to write to library directories. Typically this is used to quiet attempts to recompile python byte code. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_libs_exec_ld_so"></a> <div id="interface"> <div id="codeblock"> <b>libs_exec_ld_so</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute the dynamic link/loader in the caller's domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_exec_ldconfig"></a> <div id="interface"> <div id="codeblock"> <b>libs_exec_ldconfig</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute ldconfig in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_exec_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_exec_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute library scripts in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_filetrans_named_content"></a> <div id="interface"> <div id="codeblock"> <b>libs_filetrans_named_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition to lib named content </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_ldconfig_exec_entry_type"></a> <div id="interface"> <div id="codeblock"> <b>libs_ldconfig_exec_entry_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make ldconfig_exec_t entrypoint for the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The domain for which bin_t is an entrypoint. </p> </td></tr> </table> </div> </div> <a name="link_libs_legacy_use_ld_so"></a> <div id="interface"> <div id="codeblock"> <b>libs_legacy_use_ld_so</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use the dynamic link/loader for automatic loading of shared libraries with legacy support. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_legacy_use_shared_libs"></a> <div id="interface"> <div id="codeblock"> <b>libs_legacy_use_shared_libs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Load and execute functions from shared libraries, with legacy support. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_manage_ld_so"></a> <div id="interface"> <div id="codeblock"> <b>libs_manage_ld_so</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete the dynamic link/loader. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_manage_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>libs_manage_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete library directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_manage_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_manage_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic files in library directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_manage_shared_libs"></a> <div id="interface"> <div id="codeblock"> <b>libs_manage_shared_libs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_read_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_read_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the library directories, such as static libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_relabel_ld_so"></a> <div id="interface"> <div id="codeblock"> <b>libs_relabel_ld_so</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from the type used for the dynamic link/loader. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_relabel_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_relabel_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from the type used for generic lib files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_relabel_shared_libs"></a> <div id="interface"> <div id="codeblock"> <b>libs_relabel_shared_libs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from the type used for shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_relabelto_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_relabelto_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel files to the type used in library directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_run_ldconfig"></a> <div id="interface"> <div id="codeblock"> <b>libs_run_ldconfig</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute ldconfig in the ldconfig domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> role </td><td> <p> The role to allow the ldconfig domain. </p> </td></tr> </table> </div> </div> <a name="link_libs_rw_ld_so_cache"></a> <div id="interface"> <div id="codeblock"> <b>libs_rw_ld_so_cache</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Modify the dynamic link/loader's cached listing of shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_search_lib"></a> <div id="interface"> <div id="codeblock"> <b>libs_search_lib</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search library directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_use_ld_so"></a> <div id="interface"> <div id="codeblock"> <b>libs_use_ld_so</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use the dynamic link/loader for automatic loading of shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_use_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>libs_use_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Load and execute functions from generic lib files as shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_libs_use_shared_libs"></a> <div id="interface"> <div id="codeblock"> <b>libs_use_shared_libs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Load and execute functions from shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>