<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="contrib.html">+ contrib</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> - <a href='kernel_corecommands.html'> corecommands</a><br/> - <a href='kernel_corenetwork.html'> corenetwork</a><br/> - <a href='kernel_devices.html'> devices</a><br/> - <a href='kernel_domain.html'> domain</a><br/> - <a href='kernel_files.html'> files</a><br/> - <a href='kernel_filesystem.html'> filesystem</a><br/> - <a href='kernel_kernel.html'> kernel</a><br/> - <a href='kernel_mcs.html'> mcs</a><br/> - <a href='kernel_mls.html'> mls</a><br/> - <a href='kernel_selinux.html'> selinux</a><br/> - <a href='kernel_storage.html'> storage</a><br/> - <a href='kernel_terminal.html'> terminal</a><br/> - <a href='kernel_ubac.html'> ubac</a><br/> - <a href='kernel_unlabelednet.html'> unlabelednet</a><br/> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: kernel</h1><p/> <h2>Module: files</h2><p/> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p> </p><p> This module contains basic filesystem types and interfaces. This includes: <ul><p> </p><li><p>The concept of different file types including basic files, mount points, tmp files, etc.</p></li><p> </p><li><p>Access to groups of files and all files.</p></li><p> </p><li><p>Types and interfaces for the basic filesystem layout (/, /etc, /tmp, /usr, etc.).</p></li><p> </p></ul> </p><p> </p></p> <p>This module is required to be included in all policies.</p> <hr> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_files_append_inherited_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_append_inherited_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to append inherited tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_append_var_files"></a> <div id="interface"> <div id="codeblock"> <b>files_append_var_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Append files in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_associate_rootfs"></a> <div id="interface"> <div id="codeblock"> <b>files_associate_rootfs</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified type to associate to a filesystem with the type of the / file system </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to associate. </p> </td></tr> </table> </div> </div> <a name="link_files_associate_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_associate_tmp</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified type to associate to a filesystem with the type of the temporary directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to associate. </p> </td></tr> </table> </div> </div> <a name="link_files_auth_file"></a> <div id="interface"> <div id="codeblock"> <b>files_auth_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mark the specified type as a file that is related to authentication. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the authentication-related file. </p> </td></tr> </table> </div> </div> <a name="link_files_base_file"></a> <div id="interface"> <div id="codeblock"> <b>files_base_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a base file. </p> <h5>Description</h5> <p> </p><p> Identify file type as base file type. Tools will use this attribute, to help users diagnose problems. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type to be used as a base files. </p> </td></tr> </table> </div> </div> <a name="link_files_boot_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_boot_filetrans</b>( domain , private_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a private type object in boot with an automatic type transition </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private_type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object_class </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_config_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_config_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow the specified domain to modify the systemd configuration of any file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_config_file"></a> <div id="interface"> <div id="codeblock"> <b>files_config_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a configuration file. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable for configuration files. This will also make the type usable for files, making calls to files_type() redundant. Failure to use this interface for a temporary file may result in problems with configuration management tools. </p><p> </p><p> Example usage with a domain that can read its configuration file /etc: </p><p> </p><p> type myconffile_t; files_config_file(myconffile_t) allow mydomain_t myconffile_t:file read_file_perms; files_search_etc(mydomain_t) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type to be used as a configuration file. </p> </td></tr> </table> </div> </div> <a name="link_files_create_all_pid_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_create_all_pid_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create all pid named pipes </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_all_pid_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_create_all_pid_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create all pid sockets </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_all_spool_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_create_all_spool_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create all spool sockets </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_as_is_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_create_as_is_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow domain to create_file_ass all types </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_boot_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_create_boot_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create directories in /boot </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_boot_flag"></a> <div id="interface"> <div id="codeblock"> <b>files_create_boot_flag</b>( domain , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a boot flag. </p> <h5>Description</h5> <p> </p><p> Create a boot flag, such as /.autorelabel and /.autofsck. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_create_default_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_create_default_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a default directory </p> <h5>Description</h5> <p> </p><p> Create a default_t direcrory </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_kernel_img"></a> <div id="interface"> <div id="codeblock"> <b>files_create_kernel_img</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Install a kernel into the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_kernel_symbol_table"></a> <div id="interface"> <div id="codeblock"> <b>files_create_kernel_symbol_table</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Install a system.map into the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_lock_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_create_lock_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create lock directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_create_var_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_create_var_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create directories in /var/lib </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_create_var_run_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_create_var_run_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create generic pid directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_non_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_non_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow domain to delete to all dirs </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow domain to delete to all files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all process ID directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_pid_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_pid_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all pid named pipes </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_pid_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_pid_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all pid sockets </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all process IDs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_all_spool_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_all_spool_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all spool sockets </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_boot_flag"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_boot_flag</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete a boot flag. </p> <h5>Description</h5> <p> </p><p> Delete a boot flag, such as /.autorelabel and /.autofsck. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_etc_dir_entry"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_etc_dir_entry</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Remove entries from the etc directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete system configuration files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_generic_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_generic_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete generic lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete block files on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete chr files on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_fifo_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_fifo_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete named pipes on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete files on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_sock_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_sock_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete named sockets on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_isid_type_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_isid_type_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete symbolic links on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_kernel"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_kernel</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete a kernel from /boot. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete kernel module files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_kernel_symbol_table"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_kernel_symbol_table</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete a system.map in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_root_dir_entry"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_root_dir_entry</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Remove entries from the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_root_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_root_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete files in the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_tmp_dir_entry"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_tmp_dir_entry</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Remove entries from the tmp directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_tmpfs_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_tmpfs_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow delete all tmpfs files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_usr_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_usr_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete generic directories in /usr in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_delete_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_delete_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete generic files in /usr in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaduit_getattr_kernel_symbol_table"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaduit_getattr_kernel_symbol_table</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit getattr attempts on the system.map file </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_access_check_etc"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_access_check_etc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to check the access on etc files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_access_check_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_access_check_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to check the access on home root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_access_check_mnt"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_access_check_mnt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to check the write access on mnt files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_access_check_root"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_access_check_root</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to check the access on root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_access_check_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_access_check_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to check the access on tmp files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_all_access_check"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_all_access_check</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to check the access on all files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_all_non_security_leaks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_all_non_security_leaks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to rw inherited file perms of non security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of daemon runtime data files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_all_tmp_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_all_tmp_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of all tmp sock_file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_boot_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_boot_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get attributes of the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_default_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_default_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of directories with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_default_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_default_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of files with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of the home directories root (/home). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_lost_found_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_lost_found_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of lost+found directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_non_security_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_non_security_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of non security block devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_non_security_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_non_security_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of non security character devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of non security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_non_security_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_non_security_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of non security named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_non_security_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_non_security_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of non security named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_non_security_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_non_security_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of non security symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_getattr_tmpfs_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_getattr_tmpfs_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to getattr all tmpfs files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_ioctl_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_ioctl_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to ioctl daemon runtime data files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_leaks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_leaks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read or write all leaked files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit listing of all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_boot"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_boot</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_default"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_default</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list contents of directories with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_home"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list home directories root (/home). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_mnt"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_mnt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit List the contents of /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_non_security"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_non_security</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list all non-security directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read security dirs </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit listing of the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_list_var"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_list_var</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit listing of the var directory (/var). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_mounton_isid"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_mounton_isid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit Moundon directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_mounton_rootfs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_mounton_rootfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on the root file system </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_all_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_all_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read of all security file types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_all_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_all_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read of all named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_all_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_all_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read all symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_default_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_default_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read files with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_etc_runtime_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_etc_runtime_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read files in /etc that are dynamically created on boot, such as mtab. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_root_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_root_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read files in the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_read_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_read_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read security files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_remove_etc_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_remove_etc_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit remove dir /etc directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_inherited_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_inherited_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read/write inherited locks (/var/lock). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_inherited_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_inherited_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read/write of non security named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_root_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_root_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read or write character device nodes in the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_root_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_root_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write files in the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_root_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_root_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read or write files in the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_usr_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_usr_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to add and remove entries from /usr directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_rw_var_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_rw_var_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write files in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_all_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_all_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the contents of any directories on extended attribute filesystems. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit searching of all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the all /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_boot"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_boot</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_home"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search home directories root (/home). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the locks directory (/var/lock). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_mnt"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_mnt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_non_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_non_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search non security dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search security files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_spool"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search generic spool directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_src"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_src</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search /usr/src. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_var"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_var</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the contents of /var. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_search_var_lib"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_search_var_lib</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the contents of /var/lib. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_setattr_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_setattr_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to set the attributes on all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_setattr_etc_runtime_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_setattr_etc_runtime_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to set the attributes of the etc_runtime files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_setattr_non_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_setattr_non_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to set the attributes of non security directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_setattr_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_setattr_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to set the attributes of non security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_tmp_file_leaks"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_tmp_file_leaks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read or write all leaked tmpfiles files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_unmount_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_unmount_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to unmount all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to all files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to daemon runtime data files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_etc_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_etc_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to /etc dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write generic files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_etc_runtime_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_etc_runtime_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write etc_runtime files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_isid_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_isid_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to character files that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_root_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_root_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to / dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_usr_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_usr_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit write of /usr dirs </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit write of /usr files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_dontaudit_write_var_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_dontaudit_write_var_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to /var. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_entrypoint_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_entrypoint_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow any file point to be the entrypoint of this domain </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_entrypoint_all_mountpoint"></a> <div id="interface"> <div id="codeblock"> <b>files_entrypoint_all_mountpoint</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make all mountpoint as entrypoint. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_etc_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_etc_filetrans</b>( domain , file_type , class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in /etc with a private type using a type_transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file_type </td><td> <p> Private file type. </p> </td></tr> <tr><td> class </td><td> <p> Object classes to be created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_etc_filetrans_etc_runtime"></a> <div id="interface"> <div id="codeblock"> <b>files_etc_filetrans_etc_runtime</b>( domain , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, etc runtime objects with an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> object </td><td> <p> The class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_etc_filetrans_system_conf"></a> <div id="interface"> <div id="codeblock"> <b>files_etc_filetrans_system_conf</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create files in /etc with the type used for the manageable system config files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The type of the process performing this action. </p> </td></tr> </table> </div> </div> <a name="link_files_exec_all_base_ro_files"></a> <div id="interface"> <div id="codeblock"> <b>files_exec_all_base_ro_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute all base ro files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_exec_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_exec_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute generic files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_exec_generic_pid_files"></a> <div id="interface"> <div id="codeblock"> <b>files_exec_generic_pid_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute generic programs in /var/run in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_exec_isid_files"></a> <div id="interface"> <div id="codeblock"> <b>files_exec_isid_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute files on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_exec_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_exec_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute generic programs in /usr in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_exec_usr_src_files"></a> <div id="interface"> <div id="codeblock"> <b>files_exec_usr_src_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute programs in /usr/src in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_execmod_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_execmod_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow shared library text relocations in all files. </p> <h5>Description</h5> <p> </p><p> Allow shared library text relocations in all files. </p><p> </p><p> This is added to support WINE policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_execmod_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_execmod_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow shared library text relocations in tmp files. </p> <h5>Description</h5> <p> </p><p> Allow shared library text relocations in tmp files. </p><p> </p><p> This is added to support java policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_filetrans_lib"></a> <div id="interface"> <div id="codeblock"> <b>files_filetrans_lib</b>( domain , directory_type , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, lib_t objects with an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> directory_type </td><td> <p> Type of the directory to be transitioned from </p> </td></tr> <tr><td> object </td><td> <p> The class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_filetrans_named_content"></a> <div id="interface"> <div id="codeblock"> <b>files_filetrans_named_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition named content in the var_run_t directory </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_filetrans_system_conf_named_files"></a> <div id="interface"> <div id="codeblock"> <b>files_filetrans_system_conf_named_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> File name transition for system configuration files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_filetrans_system_db_named_files"></a> <div id="interface"> <div id="codeblock"> <b>files_filetrans_system_db_named_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> File name transition for system db files in /var/lib. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all blk files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all chr files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_file_type_fs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_file_type_fs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all filesystems with the type of a file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_all_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_all_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow attempts to get the attributes of all tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_boot_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_boot_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get attributes of the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_default_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_default_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Getattr of directories with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_generic_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_generic_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of generic lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the home directories root (/home). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_isid_type"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_isid_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Getattr all file opbjects on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Getattr of directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of kernel module files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_lost_found_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_lost_found_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of lost+found directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of files in /usr. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_usr_src_files"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_usr_src_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of files in /usr/src. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_getattr_var_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_getattr_var_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the /var/lib directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_home_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_home_filetrans</b>( domain , home_type , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in /home. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> home_type </td><td> <p> The private type. </p> </td></tr> <tr><td> object </td><td> <p> The class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_kernel_modules_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_kernel_modules_filetrans</b>( domain , private_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the kernel module directories with a private type via an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private_type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object_class </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_list_all"></a> <div id="interface"> <div id="codeblock"> <b>files_list_all</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of all directories on extended attribute filesystems. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_list_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_all_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_list_all_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List all tmp directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_boot"></a> <div id="interface"> <div id="codeblock"> <b>files_list_boot</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_default"></a> <div id="interface"> <div id="codeblock"> <b>files_list_default</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List contents of directories with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_etc"></a> <div id="interface"> <div id="codeblock"> <b>files_list_etc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of /etc directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_home"></a> <div id="interface"> <div id="codeblock"> <b>files_list_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get listing of home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_list_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_list_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of the kernel module directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_list_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List generic lock directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_lost_found"></a> <div id="interface"> <div id="codeblock"> <b>files_list_lost_found</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of lost+found directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_mnt"></a> <div id="interface"> <div id="codeblock"> <b>files_list_mnt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_non_auth_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_list_non_auth_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all non-authentication related directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_non_security"></a> <div id="interface"> <div id="codeblock"> <b>files_list_non_security</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List all non-security directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_list_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of the runtime process ID directories (/var/run). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_root"></a> <div id="interface"> <div id="codeblock"> <b>files_list_root</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_spool"></a> <div id="interface"> <div id="codeblock"> <b>files_list_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of generic spool (/var/spool) directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_list_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_usr"></a> <div id="interface"> <div id="codeblock"> <b>files_list_usr</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of generic directories in /usr. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_var"></a> <div id="interface"> <div id="codeblock"> <b>files_list_var</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of /var. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_var_lib"></a> <div id="interface"> <div id="codeblock"> <b>files_list_var_lib</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of the /var/lib directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_list_world_readable"></a> <div id="interface"> <div id="codeblock"> <b>files_list_world_readable</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List world-readable directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_lock_file"></a> <div id="interface"> <div id="codeblock"> <b>files_lock_file</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable for lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> type </td><td> <p> Type to be used for lock files. </p> </td></tr> </table> </div> </div> <a name="link_files_lock_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_lock_filetrans</b>( domain , private type , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create an object in the locks directory, with a private type using a type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_all_files</b>( domain , exception_types )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage all files on the filesystem, except the listed exceptions. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> exception_types </td><td> <p> The types to be excluded. Each type or attribute must be negated by the caller. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_all_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_all_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> manage all lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_all_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_all_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> manage all pidfile directories in the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> manage all pidfiles in the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_boot_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_boot_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories in /boot. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_boot_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_boot_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_boot_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_boot_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_config_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_config_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage all configuration directories on filesystem </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_config_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_config_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage all configuration files on filesystem </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_default_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_default_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_default_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_default_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_etc_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_etc_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage generic directories in /etc </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_manage_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_etc_runtime_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_etc_runtime_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in /etc that are dynamically created on boot, such as mtab. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_etc_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_etc_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_generic_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_generic_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_generic_pids_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_generic_pids_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> manage generic symbolic links in the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_generic_spool"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_generic_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic spool files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_generic_spool_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_generic_spool_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic spool directories (/var/spool). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_generic_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_generic_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage temporary directories in /tmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_generic_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_generic_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage temporary files and directories in /tmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_isid_type_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_isid_type_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete block device nodes on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_isid_type_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_isid_type_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete character device nodes on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_isid_type_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_isid_type_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_isid_type_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_isid_type_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete kernel module files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_lost_found"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_lost_found</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete objects in lost+found directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_mnt_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_mnt_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories in /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_mnt_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_mnt_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_mnt_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_mnt_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_mounttab"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_mounttab</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow domain to manage mount tables necessary for rpcd, nfsd, etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_non_auth_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_non_auth_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage non-authentication related files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_non_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_non_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow attempts to manage non-security directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage all non-security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_root_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_root_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a core files in / </p> <h5>Description</h5> <p> </p><p> Create a core file in /, </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_system_conf_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_system_conf_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage manageable system configuration files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_system_db_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_system_db_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage manageable system db files in /var/lib. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_urandom_seed"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_urandom_seed</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete the pseudorandom number generator seed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in the /usr directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_var_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_var_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_var_files"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_var_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_var_lib_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_var_lib_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> manage generic symbolic links in the /var/lib directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_manage_var_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_manage_var_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mount_all_file_type_fs"></a> <div id="interface"> <div id="codeblock"> <b>files_mount_all_file_type_fs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount all filesystems with the type of a file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_all_poly_members"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_all_poly_members</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount filesystems on all polyinstantiation member directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_default"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_default</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on a directory with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_etc"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_etc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mounton directories on filesystem /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_isid"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_isid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Moundon directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_isid_type_chr_file"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_isid_type_chr_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on a new chr_file that has not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on a directory on new filesystems that has not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_mnt"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_mnt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_non_security"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_non_security</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on all non-security directories and files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mounton_rootfs"></a> <div id="interface"> <div id="codeblock"> <b>files_mounton_rootfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mount a filesystem on the root file system </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_mountpoint"></a> <div id="interface"> <div id="codeblock"> <b>files_mountpoint</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable for filesystem mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> type </td><td> <p> Type to be used for mount points. </p> </td></tr> </table> </div> </div> <a name="link_files_mountpoint_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_mountpoint_filetrans</b>( domain , private_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a private type object in mountpoint dir with an automatic type transition </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private_type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object_class </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_pid_file"></a> <div id="interface"> <div id="codeblock"> <b>files_pid_file</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable for runtime process ID files. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable for runtime process ID files, typically found in /var/run. This will also make the type usable for files, making calls to files_type() redundant. Failure to use this interface for a PID file type may result in problems with starting or stopping services. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>files_pid_filetrans()</p></li><p> </p></ul><p> </p><p> Example usage with a domain that can create and write its PID file with a private PID file type in the /var/run directory: </p><p> </p><p> type mypidfile_t; files_pid_file(mypidfile_t) allow mydomain_t mypidfile_t:file { create_file_perms write_file_perms }; files_pid_filetrans(mydomain_t, mypidfile_t, file) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> type </td><td> <p> Type to be used for PID files. </p> </td></tr> </table> </div> </div> <a name="link_files_pid_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_pid_filetrans</b>( domain , private type , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create an object in the process ID directory, with a private type. </p> <h5>Description</h5> <p> </p><p> Create an object in the process ID directory (e.g., /var/run) with a private type. Typically this is used for creating private PID files in /var/run with the private type instead of the general PID file type. To accomplish this goal, either the program must be SELinux-aware, or use this interface. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>files_pid_file()</p></li><p> </p></ul><p> </p><p> Example usage with a domain that can create and write its PID file with a private PID file type in the /var/run directory: </p><p> </p><p> type mypidfile_t; files_pid_file(mypidfile_t) allow mydomain_t mypidfile_t:file { create_file_perms write_file_perms }; files_pid_filetrans(mydomain_t, mypidfile_t, file) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_pid_filetrans_lock_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_pid_filetrans_lock_dir</b>( domain , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a generic lock directory within the run directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_poly"></a> <div id="interface"> <div id="codeblock"> <b>files_poly</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a polyinstantiated directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a polyinstantiated directory. </p> </td></tr> </table> </div> </div> <a name="link_files_poly_member"></a> <div id="interface"> <div id="codeblock"> <b>files_poly_member</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a polyinstantiation member directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a member directory. </p> </td></tr> </table> </div> </div> <a name="link_files_poly_member_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_poly_member_tmp</b>( domain , file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the domain use the specified type of polyinstantiated directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain using the polyinstantiated directory. </p> </td></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a member directory. </p> </td></tr> </table> </div> </div> <a name="link_files_poly_parent"></a> <div id="interface"> <div id="codeblock"> <b>files_poly_parent</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a parent of a polyinstantiated directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a parent directory. </p> </td></tr> </table> </div> </div> <a name="link_files_polyinstantiate_all"></a> <div id="interface"> <div id="codeblock"> <b>files_polyinstantiate_all</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow access to manage all polyinstantiated directories on the system. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_purge_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_purge_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete the contents of /tmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_base_ro_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_base_ro_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all ro base files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all block nodes with file types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_chr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_chr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all character nodes with file types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_dirs_except"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_dirs_except</b>( domain , exception_types )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all directories on the filesystem, except the listed exceptions. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> exception_types </td><td> <p> The types to be excluded. Each type or attribute must be negated by the caller. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_files_except"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_files_except</b>( domain , exception_types )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all files on the filesystem, except the listed exceptions. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> exception_types </td><td> <p> The types to be excluded. Each type or attribute must be negated by the caller. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all lock files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_mountpoint_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_mountpoint_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all mountpoint symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all process ID files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_symlinks_except"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_symlinks_except</b>( domain , exception_types )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all symbolic links on the filesystem, except the listed exceptions. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> exception_types </td><td> <p> The types to be excluded. Each type or attribute must be negated by the caller. </p> </td></tr> </table> </div> </div> <a name="link_files_read_all_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_all_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_boot_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_boot_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> read files in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_boot_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_boot_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_config_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_config_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read config files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_default_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_default_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_default_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_read_default_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read named pipes with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_default_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_read_default_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read sockets with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_default_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_default_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic files in /etc. </p> <h5>Description</h5> <p> </p><p> Allow the specified domain to read generic files in /etc. These files are typically general system configuration files that do not have more specific SELinux types. Some examples of these files are: </p><p> </p><ul><p> </p><li><p>/etc/fstab</p></li><p> </p><li><p>/etc/passwd</p></li><p> </p><li><p>/etc/services</p></li><p> </p><li><p>/etc/shells</p></li><p> </p></ul><p> </p><p> This interface does not include access to /etc/shadow. </p><p> </p><p> Generally, it is safe for many domains to have this access. However, since this interface provides access to the /etc/passwd file, caution must be exercised, as user account names can be leaked through this access. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>auth_read_shadow()</p></li><p> </p><li><p>files_read_etc_runtime_files()</p></li><p> </p><li><p>seutil_read_config()</p></li><p> </p></ul><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_etc_runtime_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_etc_runtime_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in /etc that are dynamically created on boot, such as mtab. </p> <h5>Description</h5> <p> </p><p> Allow the specified domain to read dynamically created configuration files in /etc. These files are typically general system configuration files that do not have more specific SELinux types. Some examples of these files are: </p><p> </p><ul><p> </p><li><p>/etc/motd</p></li><p> </p><li><p>/etc/mtab</p></li><p> </p><li><p>/etc/nologin</p></li><p> </p></ul><p> </p><p> This interface does not include access to /etc/shadow. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_etc_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_etc_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_generic_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_read_generic_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic process ID files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_generic_spool"></a> <div id="interface"> <div id="codeblock"> <b>files_read_generic_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic spool files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_generic_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_generic_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_generic_tmp_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_generic_tmp_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_inherited_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_inherited_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read inherited tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_isid_type_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_isid_type_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_kernel_img"></a> <div id="interface"> <div id="codeblock"> <b>files_read_kernel_img</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read kernel files in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_read_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read kernel module files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_kernel_symbol_table"></a> <div id="interface"> <div id="codeblock"> <b>files_read_kernel_symbol_table</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read system.map in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_mnt_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_mnt_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> read files in /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_mnt_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_mnt_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_non_auth_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_non_auth_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all non-authentication related files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_non_auth_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_non_auth_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all non-authentication related symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all non-security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_system_conf_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_system_conf_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read manageable system configuration files in /etc </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic files in /usr. </p> <h5>Description</h5> <p> </p><p> Allow the specified domain to read generic files in /usr. These files are various program files that do not have more specific SELinux types. Some examples of these files are: </p><p> </p><ul><p> </p><li><p>/usr/include/*</p></li><p> </p><li><p>/usr/share/doc/*</p></li><p> </p><li><p>/usr/share/info/*</p></li><p> </p></ul><p> </p><p> Generally, it is safe for many domains to have this access. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_usr_src_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_usr_src_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in /usr/src. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_usr_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_usr_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in /usr. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_var_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_var_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_var_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_var_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic files in /var/lib. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_var_lib_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_var_lib_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read generic symbolic links in /var/lib </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_var_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_var_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read symbolic links in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_world_readable_files"></a> <div id="interface"> <div id="codeblock"> <b>files_read_world_readable_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read world-readable files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_world_readable_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_read_world_readable_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read world-readable named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_world_readable_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_read_world_readable_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read world-readable sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_read_world_readable_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_read_world_readable_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read world-readable symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_file_type_fs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_file_type_fs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a filesystem to the type of a file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_files</b>( domain , exception_types )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel all files on the filesystem, except the listed exceptions. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> exception_types </td><td> <p> The types to be excluded. Each type or attribute must be negated by the caller. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_lock_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_lock_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from all lock directory types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_lock_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_lock_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from all lock file types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relable all pid directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_pid_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_pid_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relable all pid files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_spool_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_spool_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from all spool directory types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from all temporary directory types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_all_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_all_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from all temporary file types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_base_file_types"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_base_file_types</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel all base file types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_config_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_config_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel configuration directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_config_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_config_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel configuration files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel from and to generic files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel from and to kernel module files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_non_auth_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_non_auth_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel all non-authentication related files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel all non-security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_rootfs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_rootfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a rootfs filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_var_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_var_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel dirs in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabel_var_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabel_var_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel dirs in the /var/lib directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelfrom_boot_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelfrom_boot_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel from files in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelfrom_isid_type"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelfrom_isid_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabelfrom all file opbjects on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelfrom_system_conf_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelfrom_system_conf_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel manageable system configuration files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelfrom_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelfrom_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a dir from the type used in /tmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelfrom_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelfrom_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a file from the type used in /tmp. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelfrom_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelfrom_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a file from the type used in /usr. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_all_file_type_fs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_all_file_type_fs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a filesystem to the type of a file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_boot_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_boot_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to files in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_home"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to user home root (/home). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_system_conf_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_system_conf_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel manageable system configuration files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_usr_files"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_usr_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel a file to the type used in /usr. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_relabelto_var_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_relabelto_var_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to dirs in the /var/lib directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_ro_base_file"></a> <div id="interface"> <div id="codeblock"> <b>files_ro_base_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a base read only file. </p> <h5>Description</h5> <p> </p><p> Make the specified type readable for all domains. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type to be used as a base read only files. </p> </td></tr> </table> </div> </div> <a name="link_files_root_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_root_filetrans</b>( domain , private type , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create an object in the root directory, with a private type using a type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_root_filetrans_default"></a> <div id="interface"> <div id="codeblock"> <b>files_root_filetrans_default</b>( domain , object )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, default_t objects with an automatic type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> object </td><td> <p> The class of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_all_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_all_files</b>( domain , exception_types )<br> </div> <div id="description"> <h5>Summary</h5> <p> rw all files on the filesystem, except the listed exceptions. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> exception_types </td><td> <p> The types to be excluded. Each type or attribute must be negated by the caller. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_all_inherited_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_all_inherited_files</b>( domain , object_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> rw any files inherited from another process </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> object_type </td><td> <p> Object type. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_boot_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_boot_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write symbolic links in the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_etc_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_etc_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Add and remove entries from /etc directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write generic files in /etc. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_etc_runtime_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_etc_runtime_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write files in /etc that are dynamically created on boot, such as mtab. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_generic_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_generic_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write generic process ID files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_generic_tmp_dir"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_generic_tmp_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow read and write to the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain not to audit. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_generic_tmp_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_generic_tmp_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write generic named sockets in the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_inherited_generic_pid_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_inherited_generic_pid_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> rw generic pid files inherited from another process </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_inherited_isid_type_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_inherited_isid_type_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> rw any files inherited from another process on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_inherited_non_security_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_inherited_non_security_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read/Write all inherited non-security files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_inherited_tmp_file"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_inherited_tmp_file</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow caller to read and write inherited tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_isid_type_blk_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_isid_type_blk_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write block device nodes on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_lock_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_lock_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Add and remove entries in the /var/lock directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_non_auth_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_non_auth_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> rw non-authentication related files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Add and remove entries from pid directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_tmp_file_leaks"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_tmp_file_leaks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do allow attempts to read or write all leaked tmpfiles files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_tmpfs_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_tmpfs_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow read write all tmpfs files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_usr_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_usr_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Add and remove entries from /usr directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_var_files"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_var_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write files in the /var directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_rw_var_lib_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_rw_var_lib_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read-write /var/lib directories </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_all"></a> <div id="interface"> <div id="codeblock"> <b>files_search_all</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of all directories on extended attribute filesystems. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_search_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_all_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_search_all_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow search the all /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_search_base_file_types"></a> <div id="interface"> <div id="codeblock"> <b>files_search_base_file_types</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all base file dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_boot"></a> <div id="interface"> <div id="codeblock"> <b>files_search_boot</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the /boot directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_default"></a> <div id="interface"> <div id="codeblock"> <b>files_search_default</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of directories with the default file type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_etc"></a> <div id="interface"> <div id="codeblock"> <b>files_search_etc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of /etc directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_home"></a> <div id="interface"> <div id="codeblock"> <b>files_search_home</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search home directories root (/home). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_search_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of the kernel module directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_locks"></a> <div id="interface"> <div id="codeblock"> <b>files_search_locks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the locks directory (/var/lock). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_mnt"></a> <div id="interface"> <div id="codeblock"> <b>files_search_mnt</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of /mnt. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_pids"></a> <div id="interface"> <div id="codeblock"> <b>files_search_pids</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of runtime process ID directories (/var/run). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_spool"></a> <div id="interface"> <div id="codeblock"> <b>files_search_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of generic spool directories (/var/spool). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_search_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the tmp directory (/tmp). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_usr"></a> <div id="interface"> <div id="codeblock"> <b>files_search_usr</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the content of /usr. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_var"></a> <div id="interface"> <div id="codeblock"> <b>files_search_var</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the contents of /var. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_search_var_lib"></a> <div id="interface"> <div id="codeblock"> <b>files_search_var_lib</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the /var/lib directory. </p> <h5>Description</h5> <p> </p><p> Search the /var/lib directory. This is necessary to access files or directories under /var/lib that have a private type. For example, a domain accessing a private library file in the /var/lib directory: </p><p> </p><p> allow mydomain_t mylibfile_t:file read_file_perms; files_search_var_lib(mydomain_t) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_security_file"></a> <div id="interface"> <div id="codeblock"> <b>files_security_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a file that should not be dontaudited from browsing from user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a member directory. </p> </td></tr> </table> </div> </div> <a name="link_files_security_mountpoint"></a> <div id="interface"> <div id="codeblock"> <b>files_security_mountpoint</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable for security file filesystem mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> type </td><td> <p> Type to be used for mount points. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_all_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_all_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of all tmp directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_etc_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_etc_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of the /etc directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_isid_type_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_isid_type_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Setattr of directories on new filesystems that have not yet been labeled. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_lock_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_lock_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of the /var/lock directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_non_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_non_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow attempts to setattr any directory </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_pid_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_pid_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_root_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_root_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set attributes of the root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_setattr_usr_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_setattr_usr_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of the /usr directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_spool_file"></a> <div id="interface"> <div id="codeblock"> <b>files_spool_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a file used for spool files. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable for spool files. This will also make the type usable for files, making calls to files_type() redundant. Failure to use this interface for a spool file may result in problems with purging spool files. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>files_spool_filetrans()</p></li><p> </p></ul><p> </p><p> Example usage with a domain that can create and write its spool file in the system spool file directories (/var/spool): </p><p> </p><p> type myspoolfile_t; files_spool_file(myfile_spool_t) allow mydomain_t myfile_spool_t:file { create_file_perms write_file_perms }; files_spool_filetrans(mydomain_t, myfile_spool_t, file) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a spool file. </p> </td></tr> </table> </div> </div> <a name="link_files_spool_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_spool_filetrans</b>( domain , file , class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the spool directory with a private type with a type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file </td><td> <p> Type to which the created node will be transitioned. </p> </td></tr> <tr><td> class </td><td> <p> Object class(es) (single or set including {}) for which this the transition will occur. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_status_etc"></a> <div id="interface"> <div id="codeblock"> <b>files_status_etc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the status of etc_t files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_stub_etc"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_etc</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub etc_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_tmp"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub tmp_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_var"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_var</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub var_run_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_var_lib"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_var_lib</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub var_lib_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_var_lock"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_var_lock</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub var_lock_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_var_log"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_var_log</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub var_log_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_var_run"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_var_run</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub var_run_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_stub_var_spool"></a> <div id="interface"> <div id="codeblock"> <b>files_stub_var_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> files stub var_run_t interface. No access allowed. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access </p> </td></tr> </table> </div> </div> <a name="link_files_tmp_file"></a> <div id="interface"> <div id="codeblock"> <b>files_tmp_file</b>( file_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type a file used for temporary files. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable for temporary files. This will also make the type usable for files, making calls to files_type() redundant. Failure to use this interface for a temporary file may result in problems with purging temporary files. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>files_tmp_filetrans()</p></li><p> </p></ul><p> </p><p> Example usage with a domain that can create and write its temporary file in the system temporary file directories (/tmp or /var/tmp): </p><p> </p><p> type mytmpfile_t; files_tmp_file(mytmpfile_t) allow mydomain_t mytmpfile_t:file { create_file_perms write_file_perms }; files_tmp_filetrans(mydomain_t, mytmpfile_t, file) </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> file_type </td><td> <p> Type of the file to be used as a temporary file. </p> </td></tr> </table> </div> </div> <a name="link_files_tmp_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_tmp_filetrans</b>( domain , private type , object , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create an object in the tmp directories, with a private type using a type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> private type </td><td> <p> The type of the object to be created. </p> </td></tr> <tr><td> object </td><td> <p> The object class of the object being created. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_tmpfs_file"></a> <div id="interface"> <div id="codeblock"> <b>files_tmpfs_file</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transform the type into a file, for use on a virtual memory filesystem (tmpfs). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> type </td><td> <p> The type to be transformed. </p> </td></tr> </table> </div> </div> <a name="link_files_type"></a> <div id="interface"> <div id="codeblock"> <b>files_type</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable for files in a filesystem. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable for files in a filesystem. Types used for files that do not use this interface, or an interface that calls this one, will have unexpected behaviors while the system is running. If the type is used for device nodes (character or block files), then the dev_node() interface is more appropriate. </p><p> </p><p> Related interfaces: </p><p> </p><ul><p> </p><li><p>application_domain()</p></li><p> </p><li><p>application_executable_file()</p></li><p> </p><li><p>corecmd_executable_file()</p></li><p> </p><li><p>init_daemon_domain()</p></li><p> </p><li><p>init_domaion()</p></li><p> </p><li><p>init_ranged_daemon_domain()</p></li><p> </p><li><p>init_ranged_domain()</p></li><p> </p><li><p>init_ranged_system_domain()</p></li><p> </p><li><p>init_script_file()</p></li><p> </p><li><p>init_script_domain()</p></li><p> </p><li><p>init_system_domain()</p></li><p> </p><li><p>files_config_files()</p></li><p> </p><li><p>files_lock_file()</p></li><p> </p><li><p>files_mountpoint()</p></li><p> </p><li><p>files_pid_file()</p></li><p> </p><li><p>files_security_file()</p></li><p> </p><li><p>files_security_mountpoint()</p></li><p> </p><li><p>files_spool_file()</p></li><p> </p><li><p>files_tmp_file()</p></li><p> </p><li><p>files_tmpfs_file()</p></li><p> </p><li><p>logging_log_file()</p></li><p> </p><li><p>userdom_user_home_content()</p></li><p> </p></ul><p> </p><p> Example: </p><p> </p><p> type myfile_t; files_type(myfile_t) allow mydomain_t myfile_t:file read_file_perms; </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> type </td><td> <p> Type to be used for files. </p> </td></tr> </table> </div> </div> <a name="link_files_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>files_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_unmount_all_file_type_fs"></a> <div id="interface"> <div id="codeblock"> <b>files_unmount_all_file_type_fs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unmount all filesystems with the type of a file. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_unmount_rootfs"></a> <div id="interface"> <div id="codeblock"> <b>files_unmount_rootfs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unmount a rootfs filesystem. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_usr_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_usr_filetrans</b>( domain , file_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the /usr directory </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file_type </td><td> <p> The type of the object to be created </p> </td></tr> <tr><td> object_class </td><td> <p> The object class. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_var_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_var_filetrans</b>( domain , file_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the /var directory </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file_type </td><td> <p> The type of the object to be created </p> </td></tr> <tr><td> object_class </td><td> <p> The object class. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_var_lib_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>files_var_lib_filetrans</b>( domain , file_type , object_class , name )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the /var/lib directory </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> file_type </td><td> <p> The type of the object to be created </p> </td></tr> <tr><td> object_class </td><td> <p> The object class. </p> </td></tr> <tr><td> name </td><td> <p> The name of the object being created. </p> </td></tr> </table> </div> </div> <a name="link_files_write_all_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_write_all_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write all file type directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_write_all_mountpoints"></a> <div id="interface"> <div id="codeblock"> <b>files_write_all_mountpoints</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write all mount points. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_write_all_pid_sockets"></a> <div id="interface"> <div id="codeblock"> <b>files_write_all_pid_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write all sockets in the /var/run directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_write_generic_pid_pipes"></a> <div id="interface"> <div id="codeblock"> <b>files_write_generic_pid_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write named generic process ID pipes </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_write_kernel_modules"></a> <div id="interface"> <div id="codeblock"> <b>files_write_kernel_modules</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write kernel module files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_write_non_security_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_write_non_security_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow attempts to modify any directory </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_files_write_root_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_write_root_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write to / dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_files_write_var_dirs"></a> <div id="interface"> <div id="codeblock"> <b>files_write_var_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow attempts to write to /var.dirs </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>