<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+
kernel</a></br/>
<div id='subitem'>
- <a href='kernel_corecommands.html'>
corecommands</a><br/>
- <a href='kernel_corenetwork.html'>
corenetwork</a><br/>
- <a href='kernel_devices.html'>
devices</a><br/>
- <a href='kernel_domain.html'>
domain</a><br/>
- <a href='kernel_files.html'>
files</a><br/>
- <a href='kernel_filesystem.html'>
filesystem</a><br/>
- <a href='kernel_kernel.html'>
kernel</a><br/>
- <a href='kernel_mcs.html'>
mcs</a><br/>
- <a href='kernel_mls.html'>
mls</a><br/>
- <a href='kernel_selinux.html'>
selinux</a><br/>
- <a href='kernel_storage.html'>
storage</a><br/>
- <a href='kernel_terminal.html'>
terminal</a><br/>
- <a href='kernel_ubac.html'>
ubac</a><br/>
</div>
<a href="roles.html">+
roles</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="global_booleans.html">* Global Booleans </a>
<br/><p/>
<a href="global_tunables.html">* Global Tunables </a>
<p/><br/><p/>
<a href="index.html">* Layer Index</a>
<br/><p/>
<a href="booleans.html">* Boolean Index</a>
<br/><p/>
<a href="tunables.html">* Tunable Index</a>
<br/><p/>
<a href="interfaces.html">* Interface Index</a>
<br/><p/>
<a href="templates.html">* Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: files</h2><p/>
<a href=#interfaces>Interfaces</a>
<h3>Description:</h3>
<p><p>
</p><p>
This module contains basic filesystem types and interfaces. This
includes:
<ul><p>
</p><li><p>The concept of different file types including basic
files, mount points, tmp files, etc.</p></li><p>
</p><li><p>Access to groups of files and all files.</p></li><p>
</p><li><p>Types and interfaces for the basic filesystem layout
(/, /etc, /tmp, /usr, etc.).</p></li><p>
</p></ul>
</p><p>
</p></p>
<p>This module is required to be included in all policies.</p>
<hr>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_files_associate_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_associate_tmp</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the specified type to associate
to a filesystem with the type of the
temporary directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to associate.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_boot_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_boot_filetrans</b>(
domain
,
private_type
,
object_class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create a private type object in boot
with an automatic type transition
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private_type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object_class
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_config_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_config_file</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type a
configuration file.
</p>
<h5>Description</h5>
<p>
</p><p>
Make the specified type usable for configuration files.
This will also make the type usable for files, making
calls to files_type() redundant. Failure to use this interface
for a temporary file may result in problems with
configuration management tools.
</p><p>
</p><p>
Example usage with a domain that can read
its configuration file /etc:
</p><p>
</p><p>
type myconffile_t;
files_config_file(myconffile_t)
allow mydomain_t myconffile_t:file read_file_perms;
files_search_etc(mydomain_t)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type to be used as a configuration file.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_as_is_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_as_is_all_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow domain to create_file_ass all types
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_boot_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_boot_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create directories in /boot
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_boot_flag"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_boot_flag</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create a boot flag.
</p>
<h5>Description</h5>
<p>
</p><p>
Create a boot flag, such as
/.autorelabel and /.autofsck.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_default_dir"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_default_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create a default directory
</p>
<h5>Description</h5>
<p>
</p><p>
Create a default_t direcrory
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_kernel_img"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_kernel_img</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Install a kernel into the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_kernel_symbol_table"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_kernel_symbol_table</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Install a system.map into the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_create_var_run_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_create_var_run_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create generic pid directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_all_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_all_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete all lock files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_all_pid_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_all_pid_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete all process ID directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_all_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete all process IDs.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_etc_dir_entry"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_etc_dir_entry</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Remove entries from the etc directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete system configuration files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_blk_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete blk files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_chr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete chr files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete directories on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_fifo_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_fifo_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete fifo files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_sock_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_sock_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete sock files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_isid_type_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_isid_type_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete lnk_files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_kernel"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_kernel</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete a kernel from /boot.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_kernel_symbol_table"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_kernel_symbol_table</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete a system.map in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_root_dir_entry"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_root_dir_entry</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Remove entries from the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_root_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_root_file</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Remove file entries from the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_tmp_dir_entry"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_tmp_dir_entry</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Remove entries from the tmp directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_usr_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_usr_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete generic directories in /usr in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_delete_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_delete_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete generic files in /usr in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_all_non_security_leaks"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_all_non_security_leaks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to rw inherited file perms
of non security files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes of
daemon runtime data files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_pipes"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all named pipes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all named sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all symbolic links.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_tmp_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_tmp_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all tmp files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain not to audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_all_tmp_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_all_tmp_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of all tmp sock_file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain not to audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_boot_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_boot_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get attributes
of the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_default_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_default_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes of
directories with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_default_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_default_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes of
files with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_home_dir"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_home_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the
attributes of the home directories root
(/home).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_lost_found_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_lost_found_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes of
lost+found directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_non_security_blk_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_non_security_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of non security block devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_non_security_chr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_non_security_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of non security character devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_non_security_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_non_security_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of non security files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_non_security_pipes"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_non_security_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of non security named pipes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_non_security_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_non_security_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of non security named sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_non_security_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_non_security_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of non security symbolic links.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_pid_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_pid_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the attributes
of the /var/run directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_tmp_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_tmp_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the
attributes of the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_getattr_tmpfs_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_getattr_tmpfs_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to getattr
all tmpfs files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_ioctl_all_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_ioctl_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to ioctl daemon runtime data files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_leaks"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_leaks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
all leaked files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_list_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_list_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit listing of all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_list_default"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_list_default</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to list contents of
directories with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_list_home"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_list_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to list
home directories root (/home).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_list_mnt"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_list_mnt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit List the contents of /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_list_non_security"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_list_non_security</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to list all
non-security directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_list_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_list_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit listing of the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain not to audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_read_all_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_read_all_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read all symbolic links.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_read_default_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_read_default_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read files
with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_read_etc_runtime_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_read_etc_runtime_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read files
in /etc that are dynamically
created on boot, such as mtab.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_read_root_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_read_root_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read files in
the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_read_security_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_read_security_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read security files
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_rw_root_chr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_rw_root_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
character device nodes in the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_rw_root_dir"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_rw_root_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to write
files in the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_rw_root_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_rw_root_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
files in the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_rw_usr_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_rw_usr_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit Add and remove entries from /usr directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_rw_var_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_rw_var_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read and write
files in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_all_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_all_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the
contents of any directories on extended
attribute filesystems.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_boot"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_boot</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_home"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search
home directories root (/home).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search directories on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the
locks directory (/var/lock).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_mnt"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_mnt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search
the /var/run directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_spool"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_spool</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search generic
spool directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_src"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_src</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search /usr/src.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_search_var"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_search_var</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search
the contents of /var.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_all_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to write to daemon runtime data files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_etc_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_etc_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to write to /etc dirs.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to write generic files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_isid_chr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_isid_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to write to chr_files
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_usr_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_usr_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit write of /usr dirs
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit write of /usr files
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_dontaudit_write_var_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_dontaudit_write_var_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to write to /var.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_entrypoint_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_entrypoint_all_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow any file point to be the entrypoint of this domain
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_etc_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_etc_filetrans</b>(
domain
,
file_type
,
class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in /etc with a private
type using a type_transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
file_type
</td><td>
<p>
Private file type.
</p>
</td></tr>
<tr><td>
class
</td><td>
<p>
Object classes to be created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_etc_filetrans_etc_runtime"></a>
<div id="interface">
<div id="codeblock">
<b>files_etc_filetrans_etc_runtime</b>(
domain
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, etc runtime objects with an automatic
type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_etc_filetrans_system_conf"></a>
<div id="interface">
<div id="codeblock">
<b>files_etc_filetrans_system_conf</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create files in /etc with the type used for
the manageable system config files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the process performing this action.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_exec_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_exec_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute generic files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_exec_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_exec_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute generic programs in /usr in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_exec_usr_src_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_exec_usr_src_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute programs in /usr/src in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_execmod_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_execmod_all_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow shared library text relocations in all files.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow shared library text relocations in all files.
</p><p>
</p><p>
This is added to support WINE policy.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_execmod_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_execmod_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow shared library text relocations in tmp files.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow shared library text relocations in tmp files.
</p><p>
</p><p>
This is added to support java policy.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_file_type_fs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_file_type_fs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all filesystems
with the type of a file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_pipes"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all named pipes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all named sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all symbolic links.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_all_tmp_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_all_tmp_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow attempts to get the attributes
of all tmp files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain not to audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_boot_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_boot_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get attributes of the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_default_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_default_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Getattr of directories with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_generic_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_generic_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of generic lock files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_home_dir"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_home_dir</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of the home directories root
(/home).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Getattr of directories on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_lost_found_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_lost_found_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of lost+found directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_tmp_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_tmp_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of files in /usr.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_usr_src_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_usr_src_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of files in /usr/src.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_getattr_var_lib_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_getattr_var_lib_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of the /var/lib directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_home_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_home_filetrans</b>(
domain
,
home_type
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in /home.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
home_type
</td><td>
<p>
The private type.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_kernel_modules_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_kernel_modules_filetrans</b>(
domain
,
private_type
,
object_class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in the kernel module directories
with a private type via an automatic type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private_type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object_class
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_all"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_all</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of all directories on
extended attribute filesystems.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_all_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_all_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List all tmp directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_boot"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_boot</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_default"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_default</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List contents of directories with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_etc"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_etc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of /etc directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_home"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get listing of home directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of directories on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of the kernel module directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_mnt"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_mnt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_non_security"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_non_security</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List all non-security directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of the runtime process
ID directories (/var/run).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_root"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_root</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of the root directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_spool"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_spool</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of generic spool
(/var/spool) directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_usr"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_usr</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of generic
directories in /usr.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_var"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_var</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of /var.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_var_lib"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_var_lib</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of the /var/lib directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_list_world_readable"></a>
<div id="interface">
<div id="codeblock">
<b>files_list_world_readable</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List world-readable directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_lock_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_lock_file</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type usable for
lock files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
Type to be used for lock files.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_lock_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_lock_filetrans</b>(
domain
,
private type
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create an object in the locks directory, with a private
type using a type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_all_files</b>(
domain
,
exception_types
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage all files on the filesystem, except
the listed exceptions.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the domain perfoming this action.
</p>
</td></tr>
<tr><td>
exception_types
</td><td>
<p>
The types to be excluded. Each type or attribute
must be negated by the caller.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_all_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_all_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
manage all lock files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_boot_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_boot_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
manage directories in /boot
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_boot_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_boot_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files
in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_boot_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_boot_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete symbolic links
in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_config_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_config_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage all configuration directories on filesystem
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of domain performing this action
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_config_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_config_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage all configuration files on filesystem
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of domain performing this action
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_default_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_default_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete directories with
the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_default_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_default_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files with
the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_etc_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_etc_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage generic directories in /etc
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete generic
files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_etc_runtime_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_etc_runtime_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files in
/etc that are dynamically created on boot,
such as mtab.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_etc_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_etc_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete symbolic links in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_generic_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_generic_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete generic
lock files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_generic_pids_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_generic_pids_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
manage generic symbolic links
in the /var/run directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_generic_spool"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_generic_spool</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete generic
spool files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_generic_spool_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_generic_spool_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete generic
spool directories (/var/spool).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_generic_tmp_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_generic_tmp_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage temporary directories in /tmp.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the process performing this action.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_generic_tmp_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_generic_tmp_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage temporary files and directories in /tmp.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the process performing this action.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_isid_type_blk_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_isid_type_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete block device nodes
on new filesystems that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_isid_type_chr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_isid_type_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete character device nodes
on new filesystems that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete directories
on new filesystems that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_isid_type_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_isid_type_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files
on new filesystems that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_isid_type_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_isid_type_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete symbolic links
on new filesystems that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete
kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_lost_found"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_lost_found</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete objects in
lost+found directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_mnt_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_mnt_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete directories in /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_mnt_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_mnt_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files in /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_mnt_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_mnt_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete symbolic links in /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_mounttab"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_mounttab</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow domain to manage mount tables
necessary for rpcd, nfsd, etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_non_security_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_non_security_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow attempts to manage non-security directories
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to allow
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_root_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_root_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create a core files in /
</p>
<h5>Description</h5>
<p>
</p><p>
Create a core file in /,
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_system_conf_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_system_conf_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage manageable system configuration files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_urandom_seed"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_urandom_seed</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete the
pseudorandom number generator seed.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files in the /usr directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_var_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_var_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete directories
in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_var_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_var_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete files in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_manage_var_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_manage_var_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete symbolic
links in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mount_all_file_type_fs"></a>
<div id="interface">
<div id="codeblock">
<b>files_mount_all_file_type_fs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount all filesystems with the type of a file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mounton_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_mounton_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount a filesystem on all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mounton_all_poly_members"></a>
<div id="interface">
<div id="codeblock">
<b>files_mounton_all_poly_members</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount filesystems on all polyinstantiation
member directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mounton_default"></a>
<div id="interface">
<div id="codeblock">
<b>files_mounton_default</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount a filesystem on a directory with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mounton_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_mounton_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount a filesystem on a directory on new filesystems
that has not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mounton_mnt"></a>
<div id="interface">
<div id="codeblock">
<b>files_mounton_mnt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount a filesystem on /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mounton_non_security"></a>
<div id="interface">
<div id="codeblock">
<b>files_mounton_non_security</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Mount a filesystem on all non-security
directories and files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_mountpoint"></a>
<div id="interface">
<div id="codeblock">
<b>files_mountpoint</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type usable for
filesystem mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
Type to be used for mount points.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_pid_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_pid_file</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type usable for
runtime process ID files.
</p>
<h5>Description</h5>
<p>
</p><p>
Make the specified type usable for runtime process ID files,
typically found in /var/run.
This will also make the type usable for files, making
calls to files_type() redundant. Failure to use this interface
for a PID file type may result in problems with starting
or stopping services.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>files_pid_filetrans()</p></li><p>
</p></ul><p>
</p><p>
Example usage with a domain that can create and
write its PID file with a private PID file type in the
/var/run directory:
</p><p>
</p><p>
type mypidfile_t;
files_pid_file(mypidfile_t)
allow mydomain_t mypidfile_t:file { create_file_perms write_file_perms };
files_pid_filetrans(mydomain_t, mypidfile_t, file)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
Type to be used for PID files.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_pid_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_pid_filetrans</b>(
domain
,
private type
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create an object in the process ID directory, with a private type.
</p>
<h5>Description</h5>
<p>
</p><p>
Create an object in the process ID directory (e.g., /var/run)
with a private type. Typically this is used for creating
private PID files in /var/run with the private type instead
of the general PID file type. To accomplish this goal,
either the program must be SELinux-aware, or use this interface.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>files_pid_file()</p></li><p>
</p></ul><p>
</p><p>
Example usage with a domain that can create and
write its PID file with a private PID file type in the
/var/run directory:
</p><p>
</p><p>
type mypidfile_t;
files_pid_file(mypidfile_t)
allow mydomain_t mypidfile_t:file { create_file_perms write_file_perms };
files_pid_filetrans(mydomain_t, mypidfile_t, file)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_poly"></a>
<div id="interface">
<div id="codeblock">
<b>files_poly</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type a
polyinstantiated directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to be used as a
polyinstantiated directory.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_poly_member"></a>
<div id="interface">
<div id="codeblock">
<b>files_poly_member</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type a
polyinstantiation member directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to be used as a
member directory.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_poly_member_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_poly_member_tmp</b>(
domain
,
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the domain use the specified
type of polyinstantiated directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain using the polyinstantiated
directory.
</p>
</td></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to be used as a
member directory.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_poly_parent"></a>
<div id="interface">
<div id="codeblock">
<b>files_poly_parent</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type a parent
of a polyinstantiated directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to be used as a
parent directory.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_polyinstantiate_all"></a>
<div id="interface">
<div id="codeblock">
<b>files_polyinstantiate_all</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow access to manage all polyinstantiated
directories on the system.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_purge_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_purge_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Delete the contents of /tmp.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_blk_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all block nodes with file types.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_chr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_chr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all character nodes with file types.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_dirs_except"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_dirs_except</b>(
domain
,
exception_types
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all directories on the filesystem, except
the listed exceptions.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the domain perfoming this action.
</p>
</td></tr>
<tr><td>
exception_types
</td><td>
<p>
The types to be excluded. Each type or attribute
must be negated by the caller.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_files_except"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_files_except</b>(
domain
,
exception_types
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all files on the filesystem, except
the listed exceptions.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the domain perfoming this action.
</p>
</td></tr>
<tr><td>
exception_types
</td><td>
<p>
The types to be excluded. Each type or attribute
must be negated by the caller.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all lock files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all process ID files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all symbolic links.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_symlinks_except"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_symlinks_except</b>(
domain
,
exception_types
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all symbolic links on the filesystem, except
the listed exceptions.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the domain perfoming this action.
</p>
</td></tr>
<tr><td>
exception_types
</td><td>
<p>
The types to be excluded. Each type or attribute
must be negated by the caller.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_all_tmp_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_all_tmp_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all tmp files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_boot_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_boot_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
read files in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_boot_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_boot_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links
in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_config_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_config_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read config files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_default_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_default_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_default_pipes"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_default_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read named pipes with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_default_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_default_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read sockets with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_default_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_default_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic files in /etc.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow the specified domain to read generic
files in /etc. These files are typically
general system configuration files that do
not have more specific SELinux types. Some
examples of these files are:
</p><p>
</p><ul><p>
</p><li><p>/etc/fstab</p></li><p>
</p><li><p>/etc/passwd</p></li><p>
</p><li><p>/etc/services</p></li><p>
</p><li><p>/etc/shells</p></li><p>
</p></ul><p>
</p><p>
This interface does not include access to /etc/shadow.
</p><p>
</p><p>
Generally, it is safe for many domains to have
this access. However, since this interface provides
access to the /etc/passwd file, caution must be
exercised, as user account names can be leaked
through this access.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>auth_read_shadow()</p></li><p>
</p><li><p>files_read_etc_runtime_files()</p></li><p>
</p><li><p>seutil_read_config()</p></li><p>
</p></ul><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_etc_runtime_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_etc_runtime_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in /etc that are dynamically
created on boot, such as mtab.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow the specified domain to read dynamically created
configuration files in /etc. These files are typically
general system configuration files that do
not have more specific SELinux types. Some
examples of these files are:
</p><p>
</p><ul><p>
</p><li><p>/etc/motd</p></li><p>
</p><li><p>/etc/mtab</p></li><p>
</p><li><p>/etc/nologin</p></li><p>
</p></ul><p>
</p><p>
This interface does not include access to /etc/shadow.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_etc_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_etc_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_generic_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_generic_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic process ID files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_generic_spool"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_generic_spool</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic spool files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_generic_tmp_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_generic_tmp_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_generic_tmp_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_generic_tmp_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_isid_type_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_isid_type_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_kernel_img"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_kernel_img</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read kernel files in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_kernel_symbol_table"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_kernel_symbol_table</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read system.map in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_mnt_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_mnt_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
read files in /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_mnt_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_mnt_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_non_security_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_non_security_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all non-security files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_system_conf_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_system_conf_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read manageable system configuration files in /etc
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic files in /usr.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow the specified domain to read generic
files in /usr. These files are various program
files that do not have more specific SELinux types.
Some examples of these files are:
</p><p>
</p><ul><p>
</p><li><p>/usr/include/*</p></li><p>
</p><li><p>/usr/share/doc/*</p></li><p>
</p><li><p>/usr/share/info/*</p></li><p>
</p></ul><p>
</p><p>
Generally, it is safe for many domains to have
this access.
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_usr_src_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_usr_src_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in /usr/src.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_usr_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_usr_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in /usr.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_var_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_var_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read files in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_var_lib_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_var_lib_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic files in /var/lib.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_var_lib_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_var_lib_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic symbolic links in /var/lib
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_var_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_var_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read symbolic links in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_world_readable_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_world_readable_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read world-readable files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_world_readable_pipes"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_world_readable_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read world-readable named pipes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_world_readable_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_world_readable_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read world-readable sockets.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_read_world_readable_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_read_world_readable_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read world-readable symbolic links.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabel_all_file_type_fs"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabel_all_file_type_fs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel a filesystem to the type of a file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabel_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabel_all_files</b>(
domain
,
exception_types
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel all files on the filesystem, except
the listed exceptions.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the domain perfoming this action.
</p>
</td></tr>
<tr><td>
exception_types
</td><td>
<p>
The types to be excluded. Each type or attribute
must be negated by the caller.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabel_config_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabel_config_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel configuration directories
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Type of domain performing this action
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabel_config_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabel_config_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel configuration files
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Type of domain performing this action
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabel_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabel_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel from and to generic files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabel_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabel_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel from and to kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelfrom_boot_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelfrom_boot_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel from files in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelfrom_system_conf_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelfrom_system_conf_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel manageable system configuration files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelfrom_tmp_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelfrom_tmp_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel a dir from the type used in /tmp.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelfrom_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelfrom_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel a file from the type used in /usr.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelto_all_file_type_fs"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelto_all_file_type_fs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel a filesystem to the type of a file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelto_home"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelto_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel to user home root (/home).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelto_system_conf_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelto_system_conf_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel manageable system configuration files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_relabelto_usr_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_relabelto_usr_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel a file to the type used in /usr.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_root_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_root_filetrans</b>(
domain
,
private type
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create an object in the root directory, with a private
type using a type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_root_filetrans_default"></a>
<div id="interface">
<div id="codeblock">
<b>files_root_filetrans_default</b>(
domain
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, default_t objects with an automatic
type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_all_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_all_files</b>(
domain
,
exception_types
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
rw all files on the filesystem, except
the listed exceptions.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The type of the domain perfoming this action.
</p>
</td></tr>
<tr><td>
exception_types
</td><td>
<p>
The types to be excluded. Each type or attribute
must be negated by the caller.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_all_inherited_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_all_inherited_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
rw any files inherited from another process
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_boot_symlinks"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_boot_symlinks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write symbolic links
in the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_etc_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_etc_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Add and remove entries from /etc directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_etc_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_etc_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write generic files in /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_etc_runtime_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_etc_runtime_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write files in /etc that are dynamically
created on boot, such as mtab.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_generic_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_generic_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write generic process ID files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_generic_tmp_sockets"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_generic_tmp_sockets</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write generic named sockets in the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_isid_type_blk_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_isid_type_blk_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write block device nodes on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_isid_type_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_isid_type_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write directories on new filesystems
that have not yet been labeled.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_lock_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_lock_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Add and remove entries in the /var/lock
directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_pid_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_pid_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Add and remove entries from pid directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_usr_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_usr_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Add and remove entries from /usr directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_var_files"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_var_files</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write files in the /var directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_rw_var_lib_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_rw_var_lib_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read-write /var/lib directories
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_all"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_all</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of all directories on
extended attribute filesystems.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_boot"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_boot</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the /boot directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_default"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_default</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of directories with the default file type.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_etc"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_etc</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of /etc directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_home"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_home</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search home directories root (/home).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of the kernel module directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_locks"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_locks</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the locks directory (/var/lock).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_mnt"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_mnt</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of /mnt.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_pids"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_pids</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of runtime process
ID directories (/var/run).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_spool"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_spool</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of generic spool
directories (/var/spool).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_tmp"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_tmp</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the tmp directory (/tmp).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_usr"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_usr</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the content of /etc.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_var"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_var</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the contents of /var.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_search_var_lib"></a>
<div id="interface">
<div id="codeblock">
<b>files_search_var_lib</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Search the /var/lib directory.
</p>
<h5>Description</h5>
<p>
</p><p>
Search the /var/lib directory. This is
necessary to access files or directories under
/var/lib that have a private type. For example, a
domain accessing a private library file in the
/var/lib directory:
</p><p>
</p><p>
allow mydomain_t mylibfile_t:file read_file_perms;
files_search_var_lib(mydomain_t)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_security_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_security_file</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type a file that
should not be dontaudited from
browsing from user domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to be used as a
member directory.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_security_mountpoint"></a>
<div id="interface">
<div id="codeblock">
<b>files_security_mountpoint</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type usable for
security file filesystem mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
Type to be used for mount points.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_setattr_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_setattr_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Get the attributes of all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_setattr_all_tmp_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_setattr_all_tmp_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set the attributes of all tmp directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_setattr_etc_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_setattr_etc_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set the attributes of the /etc directories.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_setattr_pid_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_setattr_pid_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set the attributes of the /var/run directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_setattr_usr_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_setattr_usr_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set the attributes of the /usr directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_spool_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_spool_filetrans</b>(
domain
,
file
,
class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in the spool directory
with a private type with a type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
file
</td><td>
<p>
Type to which the created node will be transitioned.
</p>
</td></tr>
<tr><td>
class
</td><td>
<p>
Object class(es) (single or set including {}) for which this
the transition will occur.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_tmp_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_tmp_file</b>(
file_type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type a file
used for temporary files.
</p>
<h5>Description</h5>
<p>
</p><p>
Make the specified type usable for temporary files.
This will also make the type usable for files, making
calls to files_type() redundant. Failure to use this interface
for a temporary file may result in problems with
purging temporary files.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>files_tmp_filetrans()</p></li><p>
</p></ul><p>
</p><p>
Example usage with a domain that can create and
write its temporary file in the system temporary file
directories (/tmp or /var/tmp):
</p><p>
</p><p>
type mytmpfile_t;
files_tmp_file(mytmpfile_t)
allow mydomain_t mytmpfile_t:file { create_file_perms write_file_perms };
files_tmp_filetrans(mydomain_t, mytmpfile_t, file)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
file_type
</td><td>
<p>
Type of the file to be used as a
temporary file.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_tmp_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_tmp_filetrans</b>(
domain
,
private type
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create an object in the tmp directories, with a private
type using a type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_tmpfs_file"></a>
<div id="interface">
<div id="codeblock">
<b>files_tmpfs_file</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Transform the type into a file, for use on a
virtual memory filesystem (tmpfs).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
The type to be transformed.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_type"></a>
<div id="interface">
<div id="codeblock">
<b>files_type</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type usable for files
in a filesystem.
</p>
<h5>Description</h5>
<p>
</p><p>
Make the specified type usable for files
in a filesystem. Types used for files that
do not use this interface, or an interface that
calls this one, will have unexpected behaviors
while the system is running. If the type is used
for device nodes (character or block files), then
the dev_node() interface is more appropriate.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>application_domain()</p></li><p>
</p><li><p>application_executable_file()</p></li><p>
</p><li><p>corecmd_executable_file()</p></li><p>
</p><li><p>init_daemon_domain()</p></li><p>
</p><li><p>init_domaion()</p></li><p>
</p><li><p>init_ranged_daemon_domain()</p></li><p>
</p><li><p>init_ranged_domain()</p></li><p>
</p><li><p>init_ranged_system_domain()</p></li><p>
</p><li><p>init_script_file()</p></li><p>
</p><li><p>init_script_domain()</p></li><p>
</p><li><p>init_system_domain()</p></li><p>
</p><li><p>files_config_files()</p></li><p>
</p><li><p>files_lock_file()</p></li><p>
</p><li><p>files_mountpoint()</p></li><p>
</p><li><p>files_pid_file()</p></li><p>
</p><li><p>files_security_file()</p></li><p>
</p><li><p>files_security_mountpoint()</p></li><p>
</p><li><p>files_tmp_file()</p></li><p>
</p><li><p>files_tmpfs_file()</p></li><p>
</p><li><p>logging_log_file()</p></li><p>
</p><li><p>userdom_user_home_content()</p></li><p>
</p></ul><p>
</p><p>
Example:
</p><p>
</p><p>
type myfile_t;
files_type(myfile_t)
allow mydomain_t myfile_t:file read_file_perms;
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
Type to be used for files.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_unconfined"></a>
<div id="interface">
<div id="codeblock">
<b>files_unconfined</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Unconfined access to files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_unmount_all_file_type_fs"></a>
<div id="interface">
<div id="codeblock">
<b>files_unmount_all_file_type_fs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Unmount all filesystems with the type of a file.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_unmount_rootfs"></a>
<div id="interface">
<div id="codeblock">
<b>files_unmount_rootfs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Unmount a rootfs filesystem.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_usr_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_usr_filetrans</b>(
domain
,
file_type
,
object_class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in the /usr directory
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
file_type
</td><td>
<p>
The type of the object to be created
</p>
</td></tr>
<tr><td>
object_class
</td><td>
<p>
The object class.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_var_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_var_filetrans</b>(
domain
,
file_type
,
object_class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in the /var directory
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
file_type
</td><td>
<p>
The type of the object to be created
</p>
</td></tr>
<tr><td>
object_class
</td><td>
<p>
The object class.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_var_lib_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>files_var_lib_filetrans</b>(
domain
,
file_type
,
object_class
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create objects in the /var/lib directory
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
file_type
</td><td>
<p>
The type of the object to be created
</p>
</td></tr>
<tr><td>
object_class
</td><td>
<p>
The object class.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_write_all_mountpoints"></a>
<div id="interface">
<div id="codeblock">
<b>files_write_all_mountpoints</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write all mount points.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_write_generic_pid_pipes"></a>
<div id="interface">
<div id="codeblock">
<b>files_write_generic_pid_pipes</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write named generic process ID pipes
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_write_kernel_modules"></a>
<div id="interface">
<div id="codeblock">
<b>files_write_kernel_modules</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write kernel module files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_write_non_security_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_write_non_security_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow attempts to modify any directory
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to allow
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_files_write_var_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>files_write_var_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow attempts to write to /var.dirs
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>
distrib
>
Fedora
>
13
>
i386
>
media
>
updates
>
by-pkgid
>
b6e83d73630f9ce6548109943a4c0a31
>
files
>
116
