Layer: system

Module: systemd

Interfaces

Description:

SELinux policy for systemd components


Interfaces:

manage_systemd_journal_files( domain )
Summary

Allow domain to create/manage systemd_journal_log_t files

Parameters
Parameter:Description:
domain

Domain allowed access.

manage_var_run_files( domain )
Summary

Allow domain to manage var_run_t files

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_config_all_services( domain )
Summary

Allow the specified domain to access all service perms for all unit files

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_config_all_services_except_auditd( domain )
Summary

Allow the specified domain to access all service perms for all unit files except auditd

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_dbus_chat_logind( domain )
Summary

Send and receive messages from systemd logind over dbus.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_dontaudit_read_unit_files( domain )
Summary

Dontaudit domain to read all systemd unit files.

Parameters
Parameter:Description:
domain

Domain to not audit.

systemd_exec_systemctl( domain )
Summary

Execute systemctl in the caller domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_filetrans_named_content( domain )
Summary

Transition to systemd named content

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_getattr_unit_files( domain )
Summary

Allow domain to getattr all systemd unit files.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_list_unit_dirs( domain )
Summary

Allow domain to list systemd unit dirs.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_logger_stream_connect( domain )
Summary

Allow the specified domain to connect to systemd_logger with a unix socket.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_halt( domain )
Summary

Tell systemd_login to halt the system.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_list_pid_dirs( domain )
Summary

Read systemd_login PID files.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_read_pid_files( domain )
Summary

Read systemd_login PID files.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_reboot( domain )
Summary

Tell systemd_login to reboot the system.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_status( domain )
Summary

Get the system status information from systemd_login

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_undefined( domain )
Summary

Tell systemd_login to do an unknown access.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_login_write_pid_pipe( domain )
Summary

Write systemd_login named pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_manage_all_unit_files( domain )
Summary

manage all systemd unit files

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_manage_all_unit_lnk_files( domain )
Summary

manage all systemd unit lnk_files

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_manage_lnk_file_passwd_run( domain )
Summary

Allow to domain to create systemd-passwd symlink

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_manage_passwd_run( domain )
Summary

Send generic signals to systemd_passwd_agent processes.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_manage_unit_dirs( domain )
Summary

manage systemd unit dirs

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_notify_domtrans( domain )
Summary

Execute a domain transition to run systemd_notify.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_passwd_agent_dev_template( userdomain_prefix )
Summary

Template for temporary sockets and files in /dev/.systemd/ask-password which are used by systemd-passwd-agent

Parameters
Parameter:Description:
userdomain_prefix

The prefix of the domain (e.g., user is the prefix for user_t).

systemd_passwd_agent_domtrans( domain )
Summary

Execute a domain transition to run systemd-tty-ask-password-agent.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_passwd_agent_exec( domain )
Summary

Execute systemd-tty-ask-password-agent in the caller domain

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_passwd_agent_role( role , domain )
Summary

Role access for systemd_passwd_agent

Parameters
Parameter:Description:
role

Role allowed access

domain

User domain for the role

systemd_passwd_agent_run( domain , role )
Summary

Execute systemd-tty-ask-password-agent in the systemd_passwd_agent domain, and allow the specified role the systemd_passwd_agent domain.

Parameters
Parameter:Description:
domain

Domain allowed access

role

The role to be allowed the systemd_passwd_agent domain.

systemd_read_fifo_file_passwd_run( domain )
Summary

Allow to domain to read systemd-passwd pipe

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_read_logind_sessions_files( domain )
Summary

Read logind sessions files.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_read_unit_files( domain )
Summary

Allow domain to read all systemd unit files.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_read_xdm_tmpfs_files( domain )
Summary

Allow domain to read xdm_tmpfs files

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_search_services_dir( domain )
Summary

Allow to search services dir.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_search_unit_dirs( domain )
Summary

Allow domain to search systemd unit dirs.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_signal_passwd_agent( domain )
Summary

Send generic signals to systemd_passwd_agent processes.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_start_systemd_services( domain )
Summary

Allow domain to start system service.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_status_systemd_services( domain )
Summary

Allow domain to status system service.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_status_systemd_unit_services( domain )
Summary

Allow domain to status system service.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_systemctl_domain( domain_prefix )
Summary

Create a domain for processes which are started exuting systemctl.

Parameters
Parameter:Description:
domain_prefix

Domain allowed access.

systemd_tmpfiles_domtrans( domain )
Summary

Execute a domain transition to run systemd-tmpfiles.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_tmpfiles_manage_object( type , class )
Summary

Allow systemd_tmpfiles_t to manage filesystem objects

Parameters
Parameter:Description:
type

type of object to manage

class

object class to manage

systemd_unit_file( script_file )
Summary

Create a file type used for systemd unit files.

Parameters
Parameter:Description:
script_file

Type to be used for an unit file.

systemd_use_fds_logind( domain )
Summary

Use and and inherited systemd logind file descriptors.

Parameters
Parameter:Description:
domain

Domain allowed access.

systemd_write_inherited_logind_sessions_pipes( domain )
Summary

Write inherited logind sessions pipes.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return