<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="contrib.html">+ contrib</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> - <a href='system_application.html'> application</a><br/> - <a href='system_authlogin.html'> authlogin</a><br/> - <a href='system_clock.html'> clock</a><br/> - <a href='system_fstools.html'> fstools</a><br/> - <a href='system_getty.html'> getty</a><br/> - <a href='system_hostname.html'> hostname</a><br/> - <a href='system_hotplug.html'> hotplug</a><br/> - <a href='system_init.html'> init</a><br/> - <a href='system_ipsec.html'> ipsec</a><br/> - <a href='system_iptables.html'> iptables</a><br/> - <a href='system_kdbus.html'> kdbus</a><br/> - <a href='system_libraries.html'> libraries</a><br/> - <a href='system_locallogin.html'> locallogin</a><br/> - <a href='system_logging.html'> logging</a><br/> - <a href='system_lvm.html'> lvm</a><br/> - <a href='system_miscfiles.html'> miscfiles</a><br/> - <a href='system_modutils.html'> modutils</a><br/> - <a href='system_mount.html'> mount</a><br/> - <a href='system_netlabel.html'> netlabel</a><br/> - <a href='system_selinuxutil.html'> selinuxutil</a><br/> - <a href='system_setrans.html'> setrans</a><br/> - <a href='system_sysnetwork.html'> sysnetwork</a><br/> - <a href='system_systemd.html'> systemd</a><br/> - <a href='system_udev.html'> udev</a><br/> - <a href='system_unconfined.html'> unconfined</a><br/> - <a href='system_userdomain.html'> userdomain</a><br/> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: system</h1><p/> <h2>Module: init</h2><p/> <a href=#tunables>Tunables</a> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p>System initialization programs (init and init scripts).</p></p> <hr> <a name="tunables"></a> <h3>Tunables: </h3> <a name="link_daemons_dump_core"></a> <div id="interface"> <div id="codeblock">daemons_dump_core</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allow all daemons to write corefiles to / </p><p> </p> </div></div> <a name="link_daemons_enable_cluster_mode"></a> <div id="interface"> <div id="codeblock">daemons_enable_cluster_mode</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Enable cluster mode for daemons. </p><p> </p> </div></div> <a name="link_daemons_use_tcp_wrapper"></a> <div id="interface"> <div id="codeblock">daemons_use_tcp_wrapper</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allow all daemons to use tcp wrappers. </p><p> </p> </div></div> <a name="link_daemons_use_tty"></a> <div id="interface"> <div id="codeblock">daemons_use_tty</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allow all daemons the ability to read/write terminals </p><p> </p> </div></div> <a href=#top>Return</a> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_init_access_check"></a> <div id="interface"> <div id="codeblock"> <b>init_access_check</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Check access to the init/systemd executable. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_all_labeled_script_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>init_all_labeled_script_domtrans</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition to the init script domain for all labeled init script types </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_init_bin_domtrans_spec"></a> <div id="interface"> <div id="codeblock"> <b>init_bin_domtrans_spec</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a file in a bin directory in the initrc_t domain </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_config_all_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_config_all_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to modify the systemd configuration of all init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_config_transient_files"></a> <div id="interface"> <div id="codeblock"> <b>init_config_transient_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to modify the systemd configuration of transient scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_create_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>init_create_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a directory in the /run/systemd directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_daemon_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_daemon_domain</b>( domain , entry_point )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain for long running processes (daemons/services) which are started by init scripts. </p> <h5>Description</h5> <p> </p><p> Create a domain for long running processes (daemons/services) which are started by init scripts. Short running processes should use the init_system_domain() interface instead. Typically all long running processes started by an init script (usually in /etc/init.d) will need to use this interface. </p><p> </p><p> The types will be made usable as a domain and file, making calls to domain_type() and files_type() redundant. </p><p> </p><p> If the process must also run in a specific MLS/MCS level, the init_ranged_daemon_domain() should be used instead. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a daemon domain. </p> </td></tr> <tr><td> entry_point </td><td> <p> Type of the program to be used as an entry point to this domain. </p> </td></tr> </table> </div> </div> <a name="link_init_daemon_run_dir"></a> <div id="interface"> <div id="codeblock"> <b>init_daemon_run_dir</b>( filetype , filename )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mark the file type as a daemon run dir, allowing initrc_t to create it </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> filetype </td><td> <p> Type to mark as a daemon run dir </p> </td></tr> <tr><td> filename </td><td> <p> Filename of the directory that the init script creates </p> </td></tr> </table> </div> </div> <a name="link_init_dbus_chat"></a> <div id="interface"> <div id="codeblock"> <b>init_dbus_chat</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send and receive messages from init over dbus. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_dbus_chat_script"></a> <div id="interface"> <div id="codeblock"> <b>init_dbus_chat_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send and receive messages from init scripts over dbus. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_dbus_send_script"></a> <div id="interface"> <div id="codeblock"> <b>init_dbus_send_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send messages to init scripts over dbus. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_dgram_send"></a> <div id="interface"> <div id="codeblock"> <b>init_dgram_send</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a message to init over a unix domain datagram socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_disable_services"></a> <div id="interface"> <div id="codeblock"> <b>init_disable_services</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to disable the services. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_domain</b>( domain , entry_point )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain which can be started by init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a domain. </p> </td></tr> <tr><td> entry_point </td><td> <p> Type of the program to be used as an entry point to this domain. </p> </td></tr> </table> </div> </div> <a name="link_init_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>init_domtrans</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute init (/sbin/init) with a domain transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_init_domtrans_script"></a> <div id="interface"> <div id="codeblock"> <b>init_domtrans_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute init scripts with an automatic domain transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_getattr_all_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_getattr_all_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit getattr all init script files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_getattr_exec"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_getattr_exec</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit getattr on the init program. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_getattr_initctl"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_getattr_initctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of initctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_getattr_stream_socket"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_getattr_stream_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit getattr to init with a unix socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_lock_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_lock_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to lock init script pid files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_read_all_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_read_all_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit read all init script files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_read_script_status_files"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_read_script_status_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read init script status files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_read_state"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_read_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit read the process state (/proc/pid) of init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_read_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_read_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_rw_initctl"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_rw_initctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write initctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_rw_stream_socket"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_rw_stream_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit read and write to init with a unix socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_rw_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_rw_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_script_leaks"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_script_leaks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit read and write an leaked init scrip file descriptors </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_stream_connect"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_stream_connect</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit Connect to init with a unix socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_stream_connect_script"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_stream_connect_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dont audit the specified domain connecting to init scripts with a unix domain stream socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_use_fds"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_use_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit file descriptors from init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_use_script_fds"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_use_script_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit init script file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_use_script_ptys"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_use_script_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write the init script pty. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dontaudit_write_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_dontaudit_write_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_init_dyntrans"></a> <div id="interface"> <div id="codeblock"> <b>init_dyntrans</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow domain dyntransition to init_t domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_init_enable_services"></a> <div id="interface"> <div id="codeblock"> <b>init_enable_services</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to enable the services. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_entrypoint_exec"></a> <div id="interface"> <div id="codeblock"> <b>init_entrypoint_exec</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow any file point to be the entrypoint of this domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_exec"></a> <div id="interface"> <div id="codeblock"> <b>init_exec</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute the init program in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_exec_all_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_exec_all_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute all init scripts in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_exec_notrans_direct_init_entry"></a> <div id="interface"> <div id="codeblock"> <b>init_exec_notrans_direct_init_entry</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow execute all init daemon executables type without transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_exec_rc"></a> <div id="interface"> <div id="codeblock"> <b>init_exec_rc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute the rc application in the caller domain. </p> <h5>Description</h5> <p> </p><p> This is only applicable to Gentoo or distributions that use the OpenRC init system. </p><p> </p><p> The OpenRC /sbin/rc binary is used for both init scripts as well as management applications and tools. When used for management purposes, calling /sbin/rc should never cause a transition to initrc_t. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_exec_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_exec_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute init scripts in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_filetrans_named_content"></a> <div id="interface"> <div id="codeblock"> <b>init_filetrans_named_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition to init named content </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getattr_all_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_getattr_all_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attribute of all init script entrypoint files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getattr_initctl"></a> <div id="interface"> <div id="codeblock"> <b>init_getattr_initctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of initctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getattr_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_getattr_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attribute of init script entrypoint files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getattr_script_status_files"></a> <div id="interface"> <div id="codeblock"> <b>init_getattr_script_status_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of init script status files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getattr_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_getattr_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of init script process id files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getpgid"></a> <div id="interface"> <div id="codeblock"> <b>init_getpgid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the process group of init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_getpgid_script"></a> <div id="interface"> <div id="codeblock"> <b>init_getpgid_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the process group ID of init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_halt"></a> <div id="interface"> <div id="codeblock"> <b>init_halt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to halt the system. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_initrc_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_initrc_domain</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create initrc domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a initrc daemon domain. </p> </td></tr> </table> </div> </div> <a name="link_init_ioctl_stream_sockets"></a> <div id="interface"> <div id="codeblock"> <b>init_ioctl_stream_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to ioctl an init with a unix domain stream sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_labeled_script_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>init_labeled_script_domtrans</b>( domain , init_script_file )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition to the init script domain on a specified labeled init script. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> init_script_file </td><td> <p> Labeled init script file. </p> </td></tr> </table> </div> </div> <a name="link_init_list_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>init_list_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow listing of the /run/systemd directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_manage_config_transient_files"></a> <div id="interface"> <div id="codeblock"> <b>init_manage_config_transient_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to modify the systemd configuration of transient scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_manage_script_status_files"></a> <div id="interface"> <div id="codeblock"> <b>init_manage_script_status_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage init script status files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_manage_transient_unit"></a> <div id="interface"> <div id="codeblock"> <b>init_manage_transient_unit</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to do an unknown access. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_manage_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_manage_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_named_pid_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>init_named_pid_filetrans</b>( domain , private_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in /run/systemd directory with an automatic type transition to a specified private type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private_type </td><td> <p> The type of the object to create. </p> </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_init_pid_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>init_pid_filetrans</b>( domain , private_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in /run/systemd directory with an automatic type transition to a specified private type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private_type </td><td> <p> The type of the object to create. </p> </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_init_pid_filetrans_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_pid_filetrans_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create files in /var/run with the utmp file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_ptrace"></a> <div id="interface"> <div id="codeblock"> <b>init_ptrace</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Ptrace init </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_ranged_daemon_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_ranged_daemon_domain</b>( domain , entry_point , range )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain for long running processes (daemons/services) which are started by init scripts, running at a specified MLS/MCS range. </p> <h5>Description</h5> <p> </p><p> Create a domain for long running processes (daemons/services) which are started by init scripts, running at a specified MLS/MCS range. Short running processes should use the init_ranged_system_domain() interface instead. Typically all long running processes started by an init script (usually in /etc/init.d) will need to use this interface if they need to run in a specific MLS/MCS range. </p><p> </p><p> The types will be made usable as a domain and file, making calls to domain_type() and files_type() redundant. </p><p> </p><p> If the policy build option TYPE is standard (MLS and MCS disabled), this interface has the same behavior as init_daemon_domain(). </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a daemon domain. </p> </td></tr> <tr><td> entry_point </td><td> <p> Type of the program to be used as an entry point to this domain. </p> </td></tr> <tr><td> range </td><td> <p> MLS/MCS range for the domain. </p> </td></tr> </table> </div> </div> <a name="link_init_ranged_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_ranged_domain</b>( domain , entry_point , range )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain which can be started by init, with a range transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a domain. </p> </td></tr> <tr><td> entry_point </td><td> <p> Type of the program to be used as an entry point to this domain. </p> </td></tr> <tr><td> range </td><td> <p> Range for the domain. </p> </td></tr> </table> </div> </div> <a name="link_init_ranged_system_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_ranged_system_domain</b>( domain , entry_point , range )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain for short running processes which are started by init scripts. </p> <h5>Description</h5> <p> </p><p> Create a domain for long running processes (daemons/services) which are started by init scripts. These are generally applications that are used to initialize the system during boot. Long running processes should use the init_ranged_system_domain() interface instead. Typically all short running processes started by an init script (usually in /etc/init.d) will need to use this interface if they need to run in a specific MLS/MCS range. </p><p> </p><p> The types will be made usable as a domain and file, making calls to domain_type() and files_type() redundant. </p><p> </p><p> If the policy build option TYPE is standard (MLS and MCS disabled), this interface has the same behavior as init_system_domain(). </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a system domain. </p> </td></tr> <tr><td> entry_point </td><td> <p> Type of the program to be used as an entry point to this domain. </p> </td></tr> <tr><td> range </td><td> <p> Range for the domain. </p> </td></tr> </table> </div> </div> <a name="link_init_read_all_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_read_all_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all init script files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_key"></a> <div id="interface"> <div id="codeblock"> <b>init_read_key</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the process keyring of init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_machineid"></a> <div id="interface"> <div id="codeblock"> <b>init_read_machineid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_pipes"></a> <div id="interface"> <div id="codeblock"> <b>init_read_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read init unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_script_files"></a> <div id="interface"> <div id="codeblock"> <b>init_read_script_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_script_state"></a> <div id="interface"> <div id="codeblock"> <b>init_read_script_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the process state (/proc/pid) of the init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_script_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>init_read_script_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read init script temporary data. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_state"></a> <div id="interface"> <div id="codeblock"> <b>init_read_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the process state (/proc/pid) of init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_read_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_read_var_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>init_read_var_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read systemd lib files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_reboot"></a> <div id="interface"> <div id="codeblock"> <b>init_reboot</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to reboot the system. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_reload_services"></a> <div id="interface"> <div id="codeblock"> <b>init_reload_services</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to reload the services. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_reload_transient_unit"></a> <div id="interface"> <div id="codeblock"> <b>init_reload_transient_unit</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to do an unknown access. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_run_daemon"></a> <div id="interface"> <div id="codeblock"> <b>init_run_daemon</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Start and stop daemon programs directly. </p> <h5>Description</h5> <p> </p><p> Start and stop daemon programs directly in the traditional "/etc/init.d/daemon start" style, and do not require run_init. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> role </td><td> <p> The role to be performing this action. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_inherited_script_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_inherited_script_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write init script inherited temporary data. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_initctl"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_initctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write initctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_pipes"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read/Write init unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_script_pipes"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_script_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write init script unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_script_stream_sockets"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_script_stream_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to read/write to init scripts with a unix domain stream sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_script_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_script_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write init script temporary data. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_stream_sockets"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_stream_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to read/write to init with a unix domain stream sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_tcp_sockets"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_tcp_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write init TCP sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_rw_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_rw_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_script_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_script_domain</b>( domain , script_file )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain used for init scripts. </p> <h5>Description</h5> <p> </p><p> Create a domain used for init scripts. Can not be used in conjunction with init_script_file(). </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as an init script domain. </p> </td></tr> <tr><td> script_file </td><td> <p> Type of the script file used as an entry point to this domain. </p> </td></tr> </table> </div> </div> <a name="link_init_script_file"></a> <div id="interface"> <div id="codeblock"> <b>init_script_file</b>( script_file )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a file type used for init scripts. </p> <h5>Description</h5> <p> </p><p> Create a file type used for init scripts. It can not be used in conjunction with init_script_domain(). These script files are typically stored in the /etc/init.d directory. </p><p> </p><p> Typically this is used to constrain what services an admin can start/stop. For example, a policy writer may want to constrain a web administrator to only being able to restart the web server, not other services. This special type will help address that goal. </p><p> </p><p> This also makes the type usable for files; thus an explicit call to files_type() is redundant. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> script_file </td><td> <p> Type to be used for a script file. </p> </td></tr> </table> </div> </div> <a name="link_init_script_file_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>init_script_file_domtrans</b>( source_domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a init script in a specified domain. </p> <h5>Description</h5> <p> </p><p> Execute a init script in a specified domain. </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> source_domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> target_domain </td><td> <p> Domain to transition to. </p> </td></tr> </table> </div> </div> <a name="link_init_script_file_entry_type"></a> <div id="interface"> <div id="codeblock"> <b>init_script_file_entry_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make init scripts an entry point for the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_script_role_transition"></a> <div id="interface"> <div id="codeblock"> <b>init_script_role_transition</b>( source_role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition to system_r when execute an init script </p> <h5>Description</h5> <p> </p><p> Execute a init script in a specified role </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> source_role </td><td> <p> Role to transition from. </p> </td></tr> </table> </div> </div> <a name="link_init_script_tmp_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>init_script_tmp_filetrans</b>( domain , file_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create files in a init script temporary data directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file_type </td><td> <p> The type of the object to be created </p> </td></tr> <tr><td> object_class </td><td> <p> The object class. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_init_search_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>init_search_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow search directory in the /run/systemd directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_search_script_keys"></a> <div id="interface"> <div id="codeblock"> <b>init_search_script_keys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search init script keys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_search_var_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>init_search_var_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search systemd lib files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_sigchld"></a> <div id="interface"> <div id="codeblock"> <b>init_sigchld</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send init a SIGCHLD signal. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_sigchld_script"></a> <div id="interface"> <div id="codeblock"> <b>init_sigchld_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send SIGCHLD signals to init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_sigkill_script"></a> <div id="interface"> <div id="codeblock"> <b>init_sigkill_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send kill signals to init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_signal"></a> <div id="interface"> <div id="codeblock"> <b>init_signal</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send generic signals to init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_signal_script"></a> <div id="interface"> <div id="codeblock"> <b>init_signal_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send generic signals to init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_signull"></a> <div id="interface"> <div id="codeblock"> <b>init_signull</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send init a null signal. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_signull_script"></a> <div id="interface"> <div id="codeblock"> <b>init_signull_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send null signals to init scripts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_sock_file"></a> <div id="interface"> <div id="codeblock"> <b>init_sock_file</b>( script_file )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a file type used for init socket files. </p> <h5>Description</h5> <p> </p><p> This defines a type that init can create sock_file within for impersonation purposes </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> script_file </td><td> <p> Type to be used for a sock file. </p> </td></tr> </table> </div> </div> <a name="link_init_spec_domtrans_script"></a> <div id="interface"> <div id="codeblock"> <b>init_spec_domtrans_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute init scripts with a specified domain transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_init_start"></a> <div id="interface"> <div id="codeblock"> <b>init_start</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Start system from init </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_start_transient_unit"></a> <div id="interface"> <div id="codeblock"> <b>init_start_transient_unit</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to do an unknown access. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_status"></a> <div id="interface"> <div id="codeblock"> <b>init_status</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the system status information from init </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_status_transient_unit"></a> <div id="interface"> <div id="codeblock"> <b>init_status_transient_unit</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to do an unknown access. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stop"></a> <div id="interface"> <div id="codeblock"> <b>init_stop</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Stop system from init </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stop_transient_unit"></a> <div id="interface"> <div id="codeblock"> <b>init_stop_transient_unit</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to do an unknown access. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stream_connect"></a> <div id="interface"> <div id="codeblock"> <b>init_stream_connect</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Connect to init with a unix socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stream_connect_script"></a> <div id="interface"> <div id="codeblock"> <b>init_stream_connect_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to connect to init scripts with a unix socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stream_connectto"></a> <div id="interface"> <div id="codeblock"> <b>init_stream_connectto</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Connect to init with a unix socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stream_send"></a> <div id="interface"> <div id="codeblock"> <b>init_stream_send</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a message to init over a unix domain stream socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_stub_initrc"></a> <div id="interface"> <div id="codeblock"> <b>init_stub_initrc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> initrc stub interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_init_system_domain"></a> <div id="interface"> <div id="codeblock"> <b>init_system_domain</b>( domain , entry_point )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a domain for short running processes which are started by init scripts. </p> <h5>Description</h5> <p> </p><p> Create a domain for short running processes which are started by init scripts. These are generally applications that are used to initialize the system during boot. Long running processes, such as daemons/services should use the init_daemon_domain() interface instead. Typically all short running processes started by an init script (usually in /etc/init.d) will need to use this interface. </p><p> </p><p> The types will be made usable as a domain and file, making calls to domain_type() and files_type() redundant. </p><p> </p><p> If the process must also run in a specific MLS/MCS level, the init_ranged_system_domain() should be used instead. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Type to be used as a system domain. </p> </td></tr> <tr><td> entry_point </td><td> <p> Type of the program to be used as an entry point to this domain. </p> </td></tr> </table> </div> </div> <a name="link_init_tcp_recvfrom_all_daemons"></a> <div id="interface"> <div id="codeblock"> <b>init_tcp_recvfrom_all_daemons</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to connect to daemon with a tcp socket </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_telinit"></a> <div id="interface"> <div id="codeblock"> <b>init_telinit</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use telinit (Read and write initctl). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_udp_recvfrom_all_daemons"></a> <div id="interface"> <div id="codeblock"> <b>init_udp_recvfrom_all_daemons</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to connect to daemon with a udp socket </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_udp_send"></a> <div id="interface"> <div id="codeblock"> <b>init_udp_send</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send UDP network traffic to init. (Deprecated) </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_udp_send_script"></a> <div id="interface"> <div id="codeblock"> <b>init_udp_send_script</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send UDP network traffic to init scripts. (Deprecated) </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_undefined"></a> <div id="interface"> <div id="codeblock"> <b>init_undefined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Tell init to do an unknown access. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_use_fds"></a> <div id="interface"> <div id="codeblock"> <b>init_use_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit and use file descriptors from init. </p> <h5>Description</h5> <p> </p><p> Allow the specified domain to inherit file descriptors from the init program (process ID 1). Typically the only file descriptors to be inherited from init are for the console. This does not allow the domain any access to the object to which the file descriptors references. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>init_dontaudit_use_fds()</p></li><p> </p><li><p>term_dontaudit_use_console()</p></li><p> </p><li><p>term_use_console()</p></li><p> </p></ul><p> </p><p> Example usage: </p><p> </p><p> init_use_fds(mydomain_t) term_use_console(mydomain_t) </p><p> </p><p> Normally, processes that can inherit these file descriptors (usually services) write messages to the system log instead of writing to the console. Therefore, in many cases, this access should dontaudited instead. </p><p> </p><p> Example dontaudit usage: </p><p> </p><p> init_dontaudit_use_fds(mydomain_t) term_dontaudit_use_console(mydomain_t) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_use_inherited_script_ptys"></a> <div id="interface"> <div id="codeblock"> <b>init_use_inherited_script_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write inherited init script ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_use_script_fds"></a> <div id="interface"> <div id="codeblock"> <b>init_use_script_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit and use init script file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_use_script_ptys"></a> <div id="interface"> <div id="codeblock"> <b>init_use_script_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write the init script pty. </p> <h5>Description</h5> <p> </p><p> Read and write the init script pty. This pty is generally opened by the open_init_pty portion of the run_init program so that the daemon does not require direct access to the administrator terminal. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_var_lib_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>init_var_lib_filetrans</b>( domain , file_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the init_var_lib_t directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file_type </td><td> <p> The type of the object to be created </p> </td></tr> <tr><td> object_class </td><td> <p> The object class. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_init_write_initctl"></a> <div id="interface"> <div id="codeblock"> <b>init_write_initctl</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write to initctl. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_write_key"></a> <div id="interface"> <div id="codeblock"> <b>init_write_key</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write the process keyring of init. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_write_pid_socket"></a> <div id="interface"> <div id="codeblock"> <b>init_write_pid_socket</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to write to init sock file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_write_script_pipes"></a> <div id="interface"> <div id="codeblock"> <b>init_write_script_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write an init script unnamed pipe. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_init_write_utmp"></a> <div id="interface"> <div id="codeblock"> <b>init_write_utmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write to utmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>
