<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> - <a href='services_abrt.html'> abrt</a><br/> - <a href='services_afs.html'> afs</a><br/> - <a href='services_aiccu.html'> aiccu</a><br/> - <a href='services_aide.html'> aide</a><br/> - <a href='services_aisexec.html'> aisexec</a><br/> - <a href='services_amavis.html'> amavis</a><br/> - <a href='services_apache.html'> apache</a><br/> - <a href='services_apcupsd.html'> apcupsd</a><br/> - <a href='services_apm.html'> apm</a><br/> - <a href='services_arpwatch.html'> arpwatch</a><br/> - <a href='services_asterisk.html'> asterisk</a><br/> - <a href='services_audioentropy.html'> audioentropy</a><br/> - <a href='services_automount.html'> automount</a><br/> - <a href='services_avahi.html'> avahi</a><br/> - <a href='services_bind.html'> bind</a><br/> - <a href='services_bitlbee.html'> bitlbee</a><br/> - <a href='services_bluetooth.html'> bluetooth</a><br/> - <a href='services_boinc.html'> boinc</a><br/> - <a href='services_bugzilla.html'> bugzilla</a><br/> - <a href='services_cachefilesd.html'> cachefilesd</a><br/> - <a href='services_canna.html'> canna</a><br/> - <a href='services_ccs.html'> ccs</a><br/> - <a href='services_certmaster.html'> certmaster</a><br/> - <a href='services_certmonger.html'> certmonger</a><br/> - <a href='services_cgroup.html'> cgroup</a><br/> - <a href='services_chronyd.html'> chronyd</a><br/> - <a href='services_cipe.html'> cipe</a><br/> - <a href='services_clamav.html'> clamav</a><br/> - <a href='services_clockspeed.html'> clockspeed</a><br/> - <a href='services_clogd.html'> clogd</a><br/> - <a href='services_cmirrord.html'> cmirrord</a><br/> - <a href='services_cobbler.html'> cobbler</a><br/> - <a href='services_comsat.html'> comsat</a><br/> - <a href='services_consolekit.html'> consolekit</a><br/> - <a href='services_corosync.html'> corosync</a><br/> - <a href='services_courier.html'> courier</a><br/> - <a href='services_cpucontrol.html'> cpucontrol</a><br/> - <a href='services_cron.html'> cron</a><br/> - <a href='services_cups.html'> cups</a><br/> - <a href='services_cvs.html'> cvs</a><br/> - <a href='services_cyphesis.html'> cyphesis</a><br/> - <a href='services_cyrus.html'> cyrus</a><br/> - <a href='services_dante.html'> dante</a><br/> - <a href='services_dbskk.html'> dbskk</a><br/> - <a href='services_dbus.html'> dbus</a><br/> - <a href='services_dcc.html'> dcc</a><br/> - <a href='services_ddclient.html'> ddclient</a><br/> - <a href='services_denyhosts.html'> denyhosts</a><br/> - <a href='services_devicekit.html'> devicekit</a><br/> - <a href='services_dhcp.html'> dhcp</a><br/> - <a href='services_dictd.html'> dictd</a><br/> - <a href='services_dirsrv.html'> dirsrv</a><br/> - <a href='services_dirsrv-admin.html'> dirsrv-admin</a><br/> - <a href='services_distcc.html'> distcc</a><br/> - <a href='services_djbdns.html'> djbdns</a><br/> - <a href='services_dkim.html'> dkim</a><br/> - <a href='services_dnsmasq.html'> dnsmasq</a><br/> - <a href='services_dovecot.html'> dovecot</a><br/> - <a href='services_exim.html'> exim</a><br/> - <a href='services_fail2ban.html'> fail2ban</a><br/> - <a href='services_fetchmail.html'> fetchmail</a><br/> - <a href='services_finger.html'> finger</a><br/> - <a href='services_fprintd.html'> fprintd</a><br/> - <a href='services_ftp.html'> ftp</a><br/> - <a href='services_gatekeeper.html'> gatekeeper</a><br/> - <a href='services_git.html'> git</a><br/> - <a href='services_gnomeclock.html'> gnomeclock</a><br/> - <a href='services_gpm.html'> gpm</a><br/> - <a href='services_gpsd.html'> gpsd</a><br/> - <a href='services_hal.html'> hal</a><br/> - <a href='services_hddtemp.html'> hddtemp</a><br/> - <a href='services_howl.html'> howl</a><br/> - <a href='services_i18n_input.html'> i18n_input</a><br/> - <a href='services_icecast.html'> icecast</a><br/> - <a href='services_ifplugd.html'> ifplugd</a><br/> - <a href='services_imaze.html'> imaze</a><br/> - <a href='services_inetd.html'> inetd</a><br/> - <a href='services_inn.html'> inn</a><br/> - <a href='services_ircd.html'> ircd</a><br/> - <a href='services_irqbalance.html'> irqbalance</a><br/> - <a href='services_jabber.html'> jabber</a><br/> - <a href='services_kerberos.html'> kerberos</a><br/> - <a href='services_kerneloops.html'> kerneloops</a><br/> - <a href='services_ksmtuned.html'> ksmtuned</a><br/> - <a href='services_ktalk.html'> ktalk</a><br/> - <a href='services_ldap.html'> ldap</a><br/> - <a href='services_likewise.html'> likewise</a><br/> - <a href='services_lircd.html'> lircd</a><br/> - <a href='services_lpd.html'> lpd</a><br/> - <a href='services_mailman.html'> mailman</a><br/> - <a href='services_matahari.html'> matahari</a><br/> - <a href='services_memcached.html'> memcached</a><br/> - <a href='services_milter.html'> milter</a><br/> - <a href='services_modemmanager.html'> modemmanager</a><br/> - <a href='services_monop.html'> monop</a><br/> - <a href='services_mpd.html'> mpd</a><br/> - <a href='services_mta.html'> mta</a><br/> - <a href='services_munin.html'> munin</a><br/> - <a href='services_mysql.html'> mysql</a><br/> - <a href='services_nagios.html'> nagios</a><br/> - <a href='services_nessus.html'> nessus</a><br/> - <a href='services_networkmanager.html'> networkmanager</a><br/> - <a href='services_nis.html'> nis</a><br/> - <a href='services_nscd.html'> nscd</a><br/> - <a href='services_nsd.html'> nsd</a><br/> - <a href='services_nslcd.html'> nslcd</a><br/> - <a href='services_ntop.html'> ntop</a><br/> - <a href='services_ntp.html'> ntp</a><br/> - <a href='services_nut.html'> nut</a><br/> - <a href='services_nx.html'> nx</a><br/> - <a href='services_oav.html'> oav</a><br/> - <a href='services_oddjob.html'> oddjob</a><br/> - <a href='services_oident.html'> oident</a><br/> - <a href='services_openca.html'> openca</a><br/> - <a href='services_openct.html'> openct</a><br/> - <a href='services_openvpn.html'> openvpn</a><br/> - <a href='services_pads.html'> pads</a><br/> - <a href='services_passenger.html'> passenger</a><br/> - <a href='services_pcscd.html'> pcscd</a><br/> - <a href='services_pegasus.html'> pegasus</a><br/> - <a href='services_perdition.html'> perdition</a><br/> - <a href='services_pingd.html'> pingd</a><br/> - <a href='services_piranha.html'> piranha</a><br/> - <a href='services_plymouthd.html'> plymouthd</a><br/> - <a href='services_policykit.html'> policykit</a><br/> - <a href='services_portmap.html'> portmap</a><br/> - <a href='services_portreserve.html'> portreserve</a><br/> - <a href='services_portslave.html'> portslave</a><br/> - <a href='services_postfix.html'> postfix</a><br/> - <a href='services_postfixpolicyd.html'> postfixpolicyd</a><br/> - <a href='services_postgresql.html'> postgresql</a><br/> - <a href='services_postgrey.html'> postgrey</a><br/> - <a href='services_ppp.html'> ppp</a><br/> - <a href='services_prelude.html'> prelude</a><br/> - <a href='services_privoxy.html'> privoxy</a><br/> - <a href='services_procmail.html'> procmail</a><br/> - <a href='services_psad.html'> psad</a><br/> - <a href='services_publicfile.html'> publicfile</a><br/> - <a href='services_puppet.html'> puppet</a><br/> - <a href='services_pxe.html'> pxe</a><br/> - <a href='services_pyicqt.html'> pyicqt</a><br/> - <a href='services_pyzor.html'> pyzor</a><br/> - <a href='services_qmail.html'> qmail</a><br/> - <a href='services_qpidd.html'> qpidd</a><br/> - <a href='services_radius.html'> radius</a><br/> - <a href='services_radvd.html'> radvd</a><br/> - <a href='services_razor.html'> razor</a><br/> - <a href='services_rdisc.html'> rdisc</a><br/> - <a href='services_remotelogin.html'> remotelogin</a><br/> - <a href='services_resmgr.html'> resmgr</a><br/> - <a href='services_rgmanager.html'> rgmanager</a><br/> - <a href='services_rhcs.html'> rhcs</a><br/> - <a href='services_rhgb.html'> rhgb</a><br/> - <a href='services_ricci.html'> ricci</a><br/> - <a href='services_rlogin.html'> rlogin</a><br/> - <a href='services_roundup.html'> roundup</a><br/> - <a href='services_rpc.html'> rpc</a><br/> - <a href='services_rpcbind.html'> rpcbind</a><br/> - <a href='services_rshd.html'> rshd</a><br/> - <a href='services_rsync.html'> rsync</a><br/> - <a href='services_rtkit.html'> rtkit</a><br/> - <a href='services_rwho.html'> rwho</a><br/> - <a href='services_samba.html'> samba</a><br/> - <a href='services_sasl.html'> sasl</a><br/> - <a href='services_sendmail.html'> sendmail</a><br/> - <a href='services_setroubleshoot.html'> setroubleshoot</a><br/> - <a href='services_slrnpull.html'> slrnpull</a><br/> - <a href='services_smartmon.html'> smartmon</a><br/> - <a href='services_smokeping.html'> smokeping</a><br/> - <a href='services_snmp.html'> snmp</a><br/> - <a href='services_snort.html'> snort</a><br/> - <a href='services_soundserver.html'> soundserver</a><br/> - <a href='services_spamassassin.html'> spamassassin</a><br/> - <a href='services_speedtouch.html'> speedtouch</a><br/> - <a href='services_squid.html'> squid</a><br/> - <a href='services_ssh.html'> ssh</a><br/> - <a href='services_sssd.html'> sssd</a><br/> - <a href='services_stunnel.html'> stunnel</a><br/> - <a href='services_sysstat.html'> sysstat</a><br/> - <a href='services_tcpd.html'> tcpd</a><br/> - <a href='services_telnet.html'> telnet</a><br/> - <a href='services_tftp.html'> tftp</a><br/> - <a href='services_tgtd.html'> tgtd</a><br/> - <a href='services_timidity.html'> timidity</a><br/> - <a href='services_tor.html'> tor</a><br/> - <a href='services_transproxy.html'> transproxy</a><br/> - <a href='services_tuned.html'> tuned</a><br/> - <a href='services_ucspitcp.html'> ucspitcp</a><br/> - <a href='services_ulogd.html'> ulogd</a><br/> - <a href='services_uptime.html'> uptime</a><br/> - <a href='services_usbmuxd.html'> usbmuxd</a><br/> - <a href='services_uucp.html'> uucp</a><br/> - <a href='services_uwimap.html'> uwimap</a><br/> - <a href='services_varnishd.html'> varnishd</a><br/> - <a href='services_vdagent.html'> vdagent</a><br/> - <a href='services_vhostmd.html'> vhostmd</a><br/> - <a href='services_virt.html'> virt</a><br/> - <a href='services_w3c.html'> w3c</a><br/> - <a href='services_watchdog.html'> watchdog</a><br/> - <a href='services_xfs.html'> xfs</a><br/> - <a href='services_xprint.html'> xprint</a><br/> - <a href='services_xserver.html'> xserver</a><br/> - <a href='services_zabbix.html'> zabbix</a><br/> - <a href='services_zebra.html'> zebra</a><br/> - <a href='services_zosremote.html'> zosremote</a><br/> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: services</h1><p/> <h2>Module: nis</h2><p/> <a href=#interfaces>Interfaces</a> <h3>Description:</h3> <p><p>Policy for NIS (YP) servers and clients</p></p> <hr> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_nis_admin"></a> <div id="interface"> <div id="codeblock"> <b>nis_admin</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> All of the rules required to administrate an nis environment </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_authenticate"></a> <div id="interface"> <div id="codeblock"> <b>nis_authenticate</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use the nis to authenticate passwords </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_delete_ypbind_pid"></a> <div id="interface"> <div id="codeblock"> <b>nis_delete_ypbind_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Delete ypbind pid files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_domtrans_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_domtrans_ypbind</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute ypbind in the ypbind domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_domtrans_ypxfr"></a> <div id="interface"> <div id="codeblock"> <b>nis_domtrans_ypxfr</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute ypxfr in the ypxfr domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_initrc_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>nis_initrc_domtrans</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute nis server in the nis domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_initrc_domtrans_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_initrc_domtrans_ypbind</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute nis server in the nis domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_list_var_yp"></a> <div id="interface"> <div id="codeblock"> <b>nis_list_var_yp</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> List the contents of the NIS data directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_read_ypbind_pid"></a> <div id="interface"> <div id="codeblock"> <b>nis_read_ypbind_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read ypbind pid files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_read_ypserv_config"></a> <div id="interface"> <div id="codeblock"> <b>nis_read_ypserv_config</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read ypserv configuration files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_run_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_run_ypbind</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute ypbind in the ypbind domain, and allow the specified role the ypbind domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> role </td><td> <p> The role to be allowed the ypbind domain. </p> </td></tr> </table> </div> </div> <a name="link_nis_signal_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_signal_ypbind</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send generic signals to ypbind. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_tcp_connect_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_tcp_connect_ypbind</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Connect to ypbind over TCP. (Deprecated) </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_udp_send_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_udp_send_ypbind</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send UDP network traffic to NIS clients. (Deprecated) </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_use_ypbind"></a> <div id="interface"> <div id="codeblock"> <b>nis_use_ypbind</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use the ypbind service to access NIS services. </p> <h5>Description</h5> <p> </p><p> Allow the specified domain to use the ypbind service to access Network Information Service (NIS) services. Information that can be retreived from NIS includes usernames, passwords, home directories, and groups. If the network is configured to have a single sign-on using NIS, it is likely that any program that does authentication will need this access. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_nis_use_ypbind_uncond"></a> <div id="interface"> <div id="codeblock"> <b>nis_use_ypbind_uncond</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use the ypbind service to access NIS services unconditionally. </p> <h5>Description</h5> <p> </p><p> Use the ypbind service to access NIS services unconditionally. </p><p> </p><p> This interface was added because of apache and spamassassin, to fix a nested conditionals problem. When that support is added, this should be removed, and the regular interface should be used. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The type of the process performing this action. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>