<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> - <a href='system_application.html'> application</a><br/> - <a href='system_authlogin.html'> authlogin</a><br/> - <a href='system_clock.html'> clock</a><br/> - <a href='system_daemontools.html'> daemontools</a><br/> - <a href='system_fstools.html'> fstools</a><br/> - <a href='system_getty.html'> getty</a><br/> - <a href='system_hostname.html'> hostname</a><br/> - <a href='system_hotplug.html'> hotplug</a><br/> - <a href='system_init.html'> init</a><br/> - <a href='system_ipsec.html'> ipsec</a><br/> - <a href='system_iptables.html'> iptables</a><br/> - <a href='system_iscsi.html'> iscsi</a><br/> - <a href='system_libraries.html'> libraries</a><br/> - <a href='system_locallogin.html'> locallogin</a><br/> - <a href='system_logging.html'> logging</a><br/> - <a href='system_lvm.html'> lvm</a><br/> - <a href='system_miscfiles.html'> miscfiles</a><br/> - <a href='system_modutils.html'> modutils</a><br/> - <a href='system_mount.html'> mount</a><br/> - <a href='system_netlabel.html'> netlabel</a><br/> - <a href='system_pcmcia.html'> pcmcia</a><br/> - <a href='system_raid.html'> raid</a><br/> - <a href='system_selinuxutil.html'> selinuxutil</a><br/> - <a href='system_setrans.html'> setrans</a><br/> - <a href='system_sysnetwork.html'> sysnetwork</a><br/> - <a href='system_tzdata.html'> tzdata</a><br/> - <a href='system_udev.html'> udev</a><br/> - <a href='system_unconfined.html'> unconfined</a><br/> - <a href='system_userdomain.html'> userdomain</a><br/> - <a href='system_virtual.html'> virtual</a><br/> - <a href='system_xen.html'> xen</a><br/> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: system</h1><p/> <h2>Module: userdomain</h2><p/> <a href=#interfaces>Interfaces</a> <a href=#templates>Templates</a> <h3>Description:</h3> <p><p>Policy for user domains</p></p> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_userdom_append_generic_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_append_generic_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Append files in a user home subdirectory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_bin_spec_domtrans_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_bin_spec_domtrans_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a generic bin program in the sysadm domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_bin_spec_domtrans_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_bin_spec_domtrans_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute bin_t in the unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_create_all_users_keys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_create_all_users_keys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create keys for all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dbus_send_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dbus_send_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a dbus message to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_delete_all_users_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_delete_all_users_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> delete all directories in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_delete_all_users_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_delete_all_users_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all files in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_delete_all_users_home_content_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_delete_all_users_home_content_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete all symlinks in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dgram_send"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dgram_send</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a message to unpriv users over a unix domain datagram socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_append_staff_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_append_staff_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to append to the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_getattr_sysadm_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_getattr_sysadm_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to get the attributes of the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_getattr_sysadm_ttys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_getattr_sysadm_ttys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attepts to get the attributes of sysadm ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_sysadm_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_list_sysadm_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_user_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_list_user_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit getattr all user file type </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_read_sysadm_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_read_sysadm_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_relabel_generic_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_relabel_generic_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit relabel of generic user home files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_relabelfrom_sysadm_ttys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_relabelfrom_sysadm_ttys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to relabel files from sysadm tty types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_relabelfrom_unpriv_users_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_relabelfrom_unpriv_users_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to relabel files from unprivileged user pty types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_all_users_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_all_users_home_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_generic_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_generic_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Don't audit search on the user home subdirectory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_staff_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_staff_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_sysadm_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_sysadm_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to search the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_search_user_bin_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_search_user_bin_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit search of user bin dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_all_users_fds"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_all_users_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit the file descriptors from any user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_sysadm_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_sysadm_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dont audit attempts to read and write sysadm ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_sysadm_terms"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_sysadm_terms</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use sysadm ttys and ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_sysadm_ttys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_sysadm_ttys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use sysadm ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_unpriv_user_fds"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_unpriv_user_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit the file descriptors from all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_unpriv_users_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_unpriv_users_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use unprivileged user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_unpriv_users_ttys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_use_unpriv_users_ttys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to use unprivileged user ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_write_unpriv_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_dontaudit_write_unpriv_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit attempts to write to user home dir files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_entry_spec_domtrans_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_entry_spec_domtrans_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute all entrypoint files in the sysadm domain. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_entry_spec_domtrans_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_entry_spec_domtrans_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute all entrypoint files in unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_exec"></a> <div id="interface"> <div id="codeblock"> <b>userdom_exec</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute user executables in the caller domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> type </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_exec_user_bin_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_exec_user_bin_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute user bin files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_executable_file"></a> <div id="interface"> <div id="codeblock"> <b>userdom_executable_file</b>( type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable for files that are exectuables, such as binary programs. This does not include shared libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> type </td><td> <p> Type to be used for files. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_execute_generic_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_execute_generic_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> allow execute of generic user home files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_generic_user_home_dir_filetrans_generic_user_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_generic_user_home_dir_filetrans_generic_user_home_content</b>( domain , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in generic user home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_getattr_all_executables"></a> <div id="interface"> <div id="codeblock"> <b>userdom_getattr_all_executables</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> getattr all executables </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_getattr_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_getattr_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_getattr_sysadm_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_getattr_sysadm_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_home_filetrans_generic_user_home_dir"></a> <div id="interface"> <div id="codeblock"> <b>userdom_home_filetrans_generic_user_home_dir</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create generic user home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_inherit_append_sysadm_home_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_inherit_append_sysadm_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Append files inherited in the /root directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_kill_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_kill_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send kill signals to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_all_users_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_all_users_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_sysadm_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_sysadm_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_unpriv_users_tmp"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_unpriv_users_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users temporary directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_user_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_user_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> allow getattr all user file type </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_user_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_list_user_home_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List contents of users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_all_users_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_all_users_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete all directories in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_all_users_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_all_users_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete all files in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_all_users_home_content_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_all_users_home_content_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete all symlinks in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete subdirectories of generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_content_pipes"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_content_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named pipes in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_content_sockets"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_content_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named sockets in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_content_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_content_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_generic_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_generic_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_staff_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_staff_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete subdirectories of generic staff home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_staff_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_staff_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete staff home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_unpriv_user_semaphores"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_unpriv_user_semaphores</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage unpriviledged user SysV sempaphores. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_unpriv_user_shared_mem"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_unpriv_user_shared_mem</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage unpriviledged user SysV shared memory segments. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_unpriv_users_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_unpriv_users_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories in unprivileged users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_unpriv_users_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_unpriv_users_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in unprivileged users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_executables"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_user_executables</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and all executable files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_manage_user_home_content</b>( userdomain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage all files/directories in the homedir </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain </td><td> <p> The user domain </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_mmap_all_executables"></a> <div id="interface"> <div id="codeblock"> <b>userdom_mmap_all_executables</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Mmap all executables as executable. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_priveleged_home_dir_manager"></a> <div id="interface"> <div id="codeblock"> <b>userdom_priveleged_home_dir_manager</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified domain a privileged home directory manager. </p> <h5>Description</h5> <p> </p><p> Make the specified domain a privileged home directory manager. This domain will be able to manage the contents of all users general home directory content, and create files with the correct context. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_tmp_untrusted_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_tmp_untrusted_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all user temporary untrusted content files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_untrusted_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_untrusted_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all user untrusted content files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_users_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_users_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all files in all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_users_home_dirs_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_users_home_dirs_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all users home directories symlinks. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_all_users_state"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_all_users_state</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read the process state of all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_generic_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_generic_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_staff_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_staff_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_sysadm_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_sysadm_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read files in the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_sysadm_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_sysadm_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow to read sysadm tmp files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_unpriv_users_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_unpriv_users_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users home directory files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_unpriv_users_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_unpriv_users_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_unpriv_users_tmp_symlinks"></a> <div id="interface"> <div id="codeblock"> <b>userdom_read_unpriv_users_tmp_symlinks</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all unprivileged users temporary symbolic links. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_relabel_all_executables"></a> <div id="interface"> <div id="codeblock"> <b>userdom_relabel_all_executables</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel to and from the bin type. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_relabel_generic_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_relabel_generic_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> allow relabel of staff home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_relabel_staff_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_relabel_staff_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> allow relabel of staff home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_relabel_user_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_relabel_user_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> allow relabel of home type directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_relabel_user_home_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_relabel_user_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel user home files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_relabelto_unpriv_users_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_relabelto_unpriv_users_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Relabel files to unprivileged user pty types. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_rw_semaphores"></a> <div id="interface"> <div id="codeblock"> <b>userdom_rw_semaphores</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> RW unpriviledged user SysV sempaphores. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_rw_sysadm_pipes"></a> <div id="interface"> <div id="codeblock"> <b>userdom_rw_sysadm_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm user unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_rw_unpriv_user_shared_mem"></a> <div id="interface"> <div id="codeblock"> <b>userdom_rw_unpriv_user_shared_mem</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read/Write unpriviledged user SysV shared memory segments. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sbin_spec_domtrans_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sbin_spec_domtrans_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a generic sbin program in the sysadm domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sbin_spec_domtrans_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sbin_spec_domtrans_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute generic sbin programs in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_all_users_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_all_users_home_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_all_users_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_all_users_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_generic_user_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_generic_user_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search generic user home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_staff_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_staff_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the staff users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_sysadm_home_content_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_sysadm_home_content_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the sysadm users home sub directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_sysadm_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_sysadm_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search the sysadm users home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_unpriv_users_home_dirs"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_unpriv_users_home_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search all unprivileged users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_user_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_search_user_home_content</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search users home directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_set_rlimitnh"></a> <div id="interface"> <div id="codeblock"> <b>userdom_set_rlimitnh</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow apps to set rlimits on userdomain </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_setattr_unpriv_users_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_setattr_unpriv_users_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_setattr_user_home_content_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_setattr_user_home_content_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of user home files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_shell_domtrans_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_shell_domtrans_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in the sysadm domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sigchld_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sigchld_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a SIGCHLD signal to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sigchld_sysadm"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sigchld_sysadm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send a SIGCHLD signal to sysadm users. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_signal_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_signal_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send general signals to all user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_signal_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_signal_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send general signals to unprivileged user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_signull_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_signull_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send signull to unprivileged user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_spec_domtrans_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_spec_domtrans_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in all user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_spec_domtrans_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_spec_domtrans_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute a shell in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_staff_home_dir_filetrans_staff_home_content"></a> <div id="interface"> <div id="codeblock"> <b>userdom_staff_home_dir_filetrans_staff_home_content</b>( domain , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in staff home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_stream_connect"></a> <div id="interface"> <div id="codeblock"> <b>userdom_stream_connect</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Connect to users over an unix stream socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sysadm_bin_spec_domtrans_to"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sysadm_bin_spec_domtrans_to</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow sysadm to execute a generic bin program in a specified domain. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Description</h5> <p> </p><p> Allow sysadm to execute a generic bin program in a specified domain. </p><p> </p><p> This is a interface to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to execute in. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sysadm_entry_spec_domtrans_to"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sysadm_entry_spec_domtrans_to</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow sysadm to execute all entrypoint files in the specified domain. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Description</h5> <p> </p><p> Allow sysadm to execute all entrypoint files in the specified domain. This is an explicit transition, requiring the caller to use setexeccon(). </p><p> </p><p> This is a interface to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to execute in. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sysadm_home_dir_filetrans"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sysadm_home_dir_filetrans</b>( domain , private type , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in sysadm home directories with automatic file type transition. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> private type </td><td> <p> The type of the object to be created. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_sysadm_sbin_spec_domtrans_to"></a> <div id="interface"> <div id="codeblock"> <b>userdom_sysadm_sbin_spec_domtrans_to</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow sysadm to execute a generic sbin program in a specified domain. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Description</h5> <p> </p><p> Allow sysadm to execute a generic sbin program in a specified domain. </p><p> </p><p> This is a interface to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain to execute in. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>userdom_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Unconfined access to user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_unpriv_users_tmp"></a> <div id="interface"> <div id="codeblock"> <b>userdom_unpriv_users_tmp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Add tmpfile attribute or user_tmpfile attribute given domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_all_users_fds"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_all_users_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit the file descriptors from all user domains </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_fds"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit and use sysadm file descriptors </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_terms"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_terms</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm ttys and ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_sysadm_ttys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_sysadm_ttys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write sysadm ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_unpriv_users_fds"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_unpriv_users_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Inherit the file descriptors from unprivileged user domains. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_unpriv_users_ptys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_unpriv_users_ptys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unprivileged user ptys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_unpriv_users_ttys"></a> <div id="interface"> <div id="codeblock"> <b>userdom_use_unpriv_users_ttys</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write unprivileged user ttys. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_write_unpriv_users_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>userdom_write_unpriv_users_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write all unprivileged users files in /tmp </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_xsession_spec_domtrans_all_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_xsession_spec_domtrans_all_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute an Xserver session in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_xsession_spec_domtrans_unpriv_users"></a> <div id="interface"> <div id="codeblock"> <b>userdom_xsession_spec_domtrans_unpriv_users</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute an Xserver session in all unprivileged user domains. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> <a name="templates"></a> <h3>Templates: </h3> <a name="link_userdom_admin_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_admin_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating an administrative user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p><p> The privileges given to administrative users are: <ul><p> </p><li><p>Raw disk access</p></li><p> </p><li><p>Set all sysctls</p></li><p> </p><li><p>All kernel ring buffer controls</p></li><p> </p><li><p>Create, read, write, and delete all files but shadow</p></li><p> </p><li><p>Manage source and binary format SELinux policy</p></li><p> </p><li><p>Run insmod</p></li><p> </p></ul> </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., sysadm is the prefix for sysadm_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_base_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_base_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template containing the most basic rules common to all users. </p> <h5>Description</h5> <p> </p><p> The template containing the most basic rules common to all users. </p><p> </p><p> This template creates a user domain, types, and rules for the user's tty and pty. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_basic_networking_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_basic_networking_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template allowing the user basic network permissions </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_change_password_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_change_password_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for allowing the user to change passwords. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_common_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_common_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template containing rules common to unprivileged users and administrative users. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, tmp, and tmpfs files. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_create_user_pty"></a> <div id="template"> <div id="codeblock"> <b>userdom_create_user_pty</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a user pty. </p> <h5>Description</h5> <p> </p><p> Create a user pty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_append_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_append_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to append users temporary files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to append users temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_exec_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_exec_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to execute user home files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to execute user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_user_home_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_list_user_home_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list user home subdirectories. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to list user home subdirectories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_user_tmp"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_list_user_tmp</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list user temporary directories. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to list user temporary directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_user_tmp_untrusted_content"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_list_user_tmp_untrusted_content</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list user temporary untrusted directories. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to list user temporary directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_list_user_untrusted_content"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_list_user_untrusted_content</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to list user untrusted directories. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to read user untrusted directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_manage_user_home_content_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_manage_user_home_content_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to create, read, write, and delete directories in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to create, read, write, and delete directories in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_manage_user_tmp_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_manage_user_tmp_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to manage users temporary directories. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to manage users temporary directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_manage_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_manage_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to manage users temporary files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to manage users temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_read_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_read_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read user home files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to read user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_read_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_read_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read users temporary files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to read users temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_read_user_tmp_untrusted_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_read_user_tmp_untrusted_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read users temporary untrusted files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to read users temporary untrusted files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_read_user_untrusted_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_read_user_untrusted_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read users untrusted files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to read users untrusted files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_setattr_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_setattr_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to set the attributes of user home files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to set the attributes of user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_use_user_terminals"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_use_user_terminals</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write a user domain tty and pty. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to read and write a user domain tty and pty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_dontaudit_write_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_dontaudit_write_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write user home files. </p> <h5>Description</h5> <p> </p><p> Do not audit attempts to write user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_exec_generic_pgms_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_exec_generic_pgms_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template allowing the user to execute generic programs, such as those found in /bin, /sbin, /usr/bin, and /usr/sbin. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_exec_home_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_exec_home_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for allowing the user to execute files in their home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_exec_tmp_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_exec_tmp_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for execute access to the user temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_exec_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_exec_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute user home files. </p> <h5>Description</h5> <p> </p><p> Execute user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_user_home_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_list_user_home_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List user home directories. </p> <h5>Description</h5> <p> </p><p> List user home directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_user_tmp"></a> <div id="template"> <div id="codeblock"> <b>userdom_list_user_tmp</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List user temporary directories. </p> <h5>Description</h5> <p> </p><p> List user temporary directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_user_tmp_untrusted_content"></a> <div id="template"> <div id="codeblock"> <b>userdom_list_user_tmp_untrusted_content</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List users temporary untrusted directories. </p> <h5>Description</h5> <p> </p><p> List users temporary untrusted directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_list_user_untrusted_content"></a> <div id="template"> <div id="codeblock"> <b>userdom_list_user_untrusted_content</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List users untrusted directories. </p> <h5>Description</h5> <p> </p><p> List users untrusted directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_login_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_login_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a login user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_home_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_home_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a home directory that the user has full access. </p> <h5>Description</h5> <p> </p><p> The template for creating a home directory that the user has full access. </p><p> </p><p> This does not allow execute access. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_tmp_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_tmp_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for full access to the temporary directories. </p> <h5>Description</h5> <p> </p><p> The template for full access to the temporary directories. This creates a derived type for the user temporary type. Execute access is not given. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_tmpfs_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_tmpfs_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a tmpfs type that the user has full access. </p> <h5>Description</h5> <p> </p><p> The template for creating a tmpfs type that the user has full access. </p><p> </p><p> This does not allow execute access. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_content_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_content_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete directories in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete directories in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete files in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete files in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_content_pipes"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_content_pipes</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named pipes in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete named pipes in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_content_sockets"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_content_sockets</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete named sockets in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete named sockets in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_home_content_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_home_content_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete symbolic links in a user home subdirectory. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete symbolic links in a user home subdirectory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary directories. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary files. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_pipes"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_pipes</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary named pipes. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary named pipes. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_sockets"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_sockets</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary named sockets. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary named sockets. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_tmp_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_tmp_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete user temporary symbolic links. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete user temporary symbolic links. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_manage_user_untrusted_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_manage_user_untrusted_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage user untrusted files. </p> <h5>Description</h5> <p> </p><p> Create, read, write, and delete untrusted files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_poly_home_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_poly_home_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for polyinstantiating a user home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_poly_tmp_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_poly_tmp_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for a polyinstantiated temporary directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_privhome_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_privhome_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a unprivileged user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_home_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_home_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user home files. </p> <h5>Description</h5> <p> </p><p> Read user home files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_home_content_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_home_content_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user home subdirectory symbolic links. </p> <h5>Description</h5> <p> </p><p> Read user home subdirectory symbolic links. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user temporary files. </p> <h5>Description</h5> <p> </p><p> Read user temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_tmp_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_tmp_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user temporary symbolic links. </p> <h5>Description</h5> <p> </p><p> Read user temporary symbolic links. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_tmp_untrusted_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_tmp_untrusted_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user temporary untrusted files. </p> <h5>Description</h5> <p> </p><p> Read user temporary untrusted files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_tmp_untrusted_content_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_tmp_untrusted_content_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user temporary untrusted symbolic links. </p> <h5>Description</h5> <p> </p><p> Read user temporary untrusted symbolic links. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_tmpfs_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_tmpfs_files</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a tmpfs type that the user has full access. </p> <h5>Description</h5> <p> </p><p> The template for creating a tmpfs type that the user has full access. </p><p> </p><p> This does not allow execute access. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_untrusted_content_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_untrusted_content_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user untrusted files. </p> <h5>Description</h5> <p> </p><p> Read user untrusted files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_read_user_untrusted_content_symlinks"></a> <div id="template"> <div id="codeblock"> <b>userdom_read_user_untrusted_content_symlinks</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user untrusted symbolic links. </p> <h5>Description</h5> <p> </p><p> Read user untrusted symbolic links. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_restricted_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_restricted_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a unprivileged login user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_ro_home_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_ro_home_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a home directory that the user has read-only access. </p> <h5>Description</h5> <p> </p><p> The template for creating a home directory that the user has read-only access. </p><p> </p><p> This does not allow execute access. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_auditadm"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_auditadm</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change to the auditadm user role. </p> <h5>Description</h5> <p> </p><p> Change to the auditadm user role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the auditadm role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_from_auditadm"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_from_auditadm</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change from the auditadm user role. </p> <h5>Description</h5> <p> </p><p> Change from the auditadm user role to the specified role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_from_generic_user"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_from_generic_user</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change from the generic user role. </p> <h5>Description</h5> <p> </p><p> Change from the generic user role to the specified role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_from_secadm"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_from_secadm</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change from the secadm user role. </p> <h5>Description</h5> <p> </p><p> Change from the secadm user role to the specified role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_from_staff"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_from_staff</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change from the staff user role. </p> <h5>Description</h5> <p> </p><p> Change from the staff user role to the specified role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_from_sysadm"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_from_sysadm</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change from the sysadm user role. </p> <h5>Description</h5> <p> </p><p> Change from the sysadm user role to the specified role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_generic_user"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_generic_user</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change to the generic user role. </p> <h5>Description</h5> <p> </p><p> Change to the generic user role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_secadm"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_secadm</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change to the secadm user role. </p> <h5>Description</h5> <p> </p><p> Change to the secadm user role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_staff"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_staff</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change to the staff user role. </p> <h5>Description</h5> <p> </p><p> Change to the staff user role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_sysadm"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_sysadm</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Change to the sysadm user role. </p> <h5>Description</h5> <p> </p><p> Change to the sysadm user role. </p><p> </p><p> This is a template to support third party modules and its use is not allowed in upstream reference policy. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> prefix </td><td> <p> The prefix of the user role (e.g., user is the prefix for user_r). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_role_change_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_role_change_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for allowing the user to change roles. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_rw_user_tmp_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_rw_user_tmp_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write user temporary files. </p> <h5>Description</h5> <p> </p><p> Read and write user temporary files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_rw_user_tmpfs_files"></a> <div id="template"> <div id="codeblock"> <b>userdom_rw_user_tmpfs_files</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user tmpfs files. </p> <h5>Description</h5> <p> </p><p> Read user tmpfs files. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_search_user_home_dirs"></a> <div id="template"> <div id="codeblock"> <b>userdom_search_user_home_dirs</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search user home directories. </p> <h5>Description</h5> <p> </p><p> Search user home directories. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_security_administrator"></a> <div id="template"> <div id="codeblock"> <b>userdom_security_administrator</b>( userdomain_prefix , domain , role , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow user to run as a secadm </p> <h5>Description</h5> <p> </p><p> Create objects in a user home directory with an automatic type transition to a specified private type. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> role </td><td> <p> The role of the object to create. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The terminal </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_setattr_user_ptys"></a> <div id="template"> <div id="codeblock"> <b>userdom_setattr_user_ptys</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of a user pty. </p> <h5>Description</h5> <p> </p><p> Set the attributes of a user pty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_setattr_user_ttys"></a> <div id="template"> <div id="codeblock"> <b>userdom_setattr_user_ttys</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of a user domain tty. </p> <h5>Description</h5> <p> </p><p> Set the attributes of a user domain tty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_tmp_filetrans_user_tmp"></a> <div id="template"> <div id="codeblock"> <b>userdom_tmp_filetrans_user_tmp</b>( userdomain_prefix , domain , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in the temporary directory with an automatic type transition to the user temporary type. </p> <h5>Description</h5> <p> </p><p> Create objects in the temporary directory with an automatic type transition to the user temporary type. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_transition_user_tmp"></a> <div id="template"> <div id="codeblock"> <b>userdom_transition_user_tmp</b>( userdomain_prefix , domain , class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage and create all files in /tmp on behalf of the user </p> <h5>Description</h5> <p> </p><p> The interface for full access to the temporary directories. This creates a derived type for the user temporary type. Execute access is not given. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_unpriv_user_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_unpriv_user_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a unprivileged user. </p> <h5>Description</h5> <p> </p><p> This template creates a user domain, types, and rules for the user's tty, pty, home directories, tmp, and tmpfs files. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_untrusted_content_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_untrusted_content_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a set of types for untrusted content. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_user_terminals"></a> <div id="template"> <div id="codeblock"> <b>userdom_use_user_terminals</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write a user domain tty and pty. </p> <h5>Description</h5> <p> </p><p> Read and write a user domain tty and pty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_use_user_ttys"></a> <div id="template"> <div id="codeblock"> <b>userdom_use_user_ttys</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write a user domain tty. </p> <h5>Description</h5> <p> </p><p> Read and write a user domain tty. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_user_home_content"></a> <div id="template"> <div id="codeblock"> <b>userdom_user_home_content</b>( userdomain_prefix , type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make the specified type usable in a user home directory. </p> <h5>Description</h5> <p> </p><p> Make the specified type usable in a user home directory. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> type </td><td> <p> Type to be used as a file in the user home directory. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_user_home_dir_filetrans"></a> <div id="template"> <div id="codeblock"> <b>userdom_user_home_dir_filetrans</b>( userdomain_prefix , domain , private_type , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in a user home directory with an automatic type transition to a specified private type. </p> <h5>Description</h5> <p> </p><p> Create objects in a user home directory with an automatic type transition to a specified private type. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> private_type </td><td> <p> The type of the object to create. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_user_home_dir_filetrans_user_home_content"></a> <div id="template"> <div id="codeblock"> <b>userdom_user_home_dir_filetrans_user_home_content</b>( userdomain_prefix , domain , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in a user home directory with an automatic type transition to the user home file type. </p> <h5>Description</h5> <p> </p><p> Create objects in a user home directory with an automatic type transition to the user home file type. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_user_home_domtrans"></a> <div id="template"> <div id="codeblock"> <b>userdom_user_home_domtrans</b>( userdomain_prefix , source_domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do a domain transition to the specified domain when executing a program in the user home directory. </p> <h5>Description</h5> <p> </p><p> Do a domain transition to the specified domain when executing a program in the user home directory. </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> source_domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> target_domain </td><td> <p> Domain to transition to. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_user_tmp_filetrans"></a> <div id="template"> <div id="codeblock"> <b>userdom_user_tmp_filetrans</b>( userdomain_prefix , domain , private_type , object_class )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create objects in a user temporary directory with an automatic type transition to a specified private type. </p> <h5>Description</h5> <p> </p><p> Create objects in a user temporary directory with an automatic type transition to a specified private type. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> <tr><td> private_type </td><td> <p> The type of the object to create. </p> </td><td> No </td></tr> <tr><td> object_class </td><td> <p> The class of the object to be created. If not specified, file is used. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_write_user_tmp_sockets"></a> <div id="template"> <div id="codeblock"> <b>userdom_write_user_tmp_sockets</b>( userdomain_prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write to user temporary named sockets. </p> <h5>Description</h5> <p> </p><p> Write to user temporary named sockets. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td><td> No </td></tr> </table> </div> </div> <a name="link_userdom_xwindows_client_template"></a> <div id="template"> <div id="codeblock"> <b>userdom_xwindows_client_template</b>( userdomain_prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> The template for creating a user xwindows client. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="80%"> <tr><th >Parameter:</td><th >Description:</td><th >Optional:</td></tr> <tr><td> userdomain_prefix </td><td> <p> The prefix of the user domain (e.g., user is the prefix for user_t). </p> </td><td> No </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>