<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> - <a href='admin_bootloader.html'> bootloader</a><br/> - <a href='admin_consoletype.html'> consoletype</a><br/> - <a href='admin_dmesg.html'> dmesg</a><br/> - <a href='admin_netutils.html'> netutils</a><br/> - <a href='admin_su.html'> su</a><br/> - <a href='admin_sudo.html'> sudo</a><br/> - <a href='admin_usermanage.html'> usermanage</a><br/> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="contrib.html">+ contrib</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: admin</h1><p/> <h2>Module: usermanage</h2><p/> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p>Policy for managing user accounts.</p></p> <hr> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_usermanage_access_check_groupadd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_access_check_groupadd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Check access to the groupadd executable. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_access_check_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_access_check_passwd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Check access to the passwd executable </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_access_check_useradd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_access_check_useradd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Check access to the useradd executable. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_check_exec_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_check_exec_passwd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Check if the passwd binary is executable. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_check_exec_useradd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_check_exec_useradd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Check if the useradd binaries are executable. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_domtrans_admin_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_domtrans_admin_passwd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute password admin functions in the admin passwd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_domtrans_chfn"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_domtrans_chfn</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute chfn in the chfn domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_domtrans_groupadd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_domtrans_groupadd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute groupadd in the groupadd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_domtrans_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_domtrans_passwd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute passwd in the passwd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_domtrans_useradd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_domtrans_useradd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute useradd in the useradd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_dontaudit_use_useradd_fds"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_dontaudit_use_useradd_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use useradd fds. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_kill_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_kill_passwd</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send sigkills to passwd. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_read_crack_db"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_read_crack_db</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the crack database. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_run_admin_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_run_admin_passwd</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute passwd admin functions in the admin passwd domain, and allow the specified role the admin passwd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_run_chfn"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_run_chfn</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute chfn in the chfn domain, and allow the specified role the chfn domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_run_groupadd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_run_groupadd</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute groupadd in the groupadd domain, and allow the specified role the groupadd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_run_passwd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_run_passwd</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute passwd in the passwd domain, and allow the specified role the passwd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> </table> </div> </div> <a name="link_usermanage_run_useradd"></a> <div id="interface"> <div id="codeblock"> <b>usermanage_run_useradd</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute useradd in the useradd domain, and allow the specified role the useradd domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed to transition. </p> </td></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>