<html> <head> <title> Security Enhanced Linux Reference Policy </title> <style type="text/css" media="all">@import "style.css";</style> </head> <body> <div id="Header">Security Enhanced Linux Reference Policy</div> <div id='Menu'> <a href="admin.html">+ admin</a></br/> <div id='subitem'> </div> <a href="apps.html">+ apps</a></br/> <div id='subitem'> </div> <a href="kernel.html">+ kernel</a></br/> <div id='subitem'> </div> <a href="roles.html">+ roles</a></br/> <div id='subitem'> </div> <a href="services.html">+ services</a></br/> <div id='subitem'> - <a href='services_abrt.html'> abrt</a><br/> - <a href='services_afs.html'> afs</a><br/> - <a href='services_aiccu.html'> aiccu</a><br/> - <a href='services_aide.html'> aide</a><br/> - <a href='services_aisexec.html'> aisexec</a><br/> - <a href='services_amavis.html'> amavis</a><br/> - <a href='services_apache.html'> apache</a><br/> - <a href='services_apcupsd.html'> apcupsd</a><br/> - <a href='services_apm.html'> apm</a><br/> - <a href='services_arpwatch.html'> arpwatch</a><br/> - <a href='services_asterisk.html'> asterisk</a><br/> - <a href='services_audioentropy.html'> audioentropy</a><br/> - <a href='services_automount.html'> automount</a><br/> - <a href='services_avahi.html'> avahi</a><br/> - <a href='services_bind.html'> bind</a><br/> - <a href='services_bitlbee.html'> bitlbee</a><br/> - <a href='services_bluetooth.html'> bluetooth</a><br/> - <a href='services_boinc.html'> boinc</a><br/> - <a href='services_bugzilla.html'> bugzilla</a><br/> - <a href='services_cachefilesd.html'> cachefilesd</a><br/> - <a href='services_canna.html'> canna</a><br/> - <a href='services_ccs.html'> ccs</a><br/> - <a href='services_certmaster.html'> certmaster</a><br/> - <a href='services_certmonger.html'> certmonger</a><br/> - <a href='services_cgroup.html'> cgroup</a><br/> - <a href='services_chronyd.html'> chronyd</a><br/> - <a href='services_cipe.html'> cipe</a><br/> - <a href='services_clamav.html'> clamav</a><br/> - <a href='services_clockspeed.html'> clockspeed</a><br/> - <a href='services_clogd.html'> clogd</a><br/> - <a href='services_cmirrord.html'> cmirrord</a><br/> - <a href='services_cobbler.html'> cobbler</a><br/> - <a href='services_comsat.html'> comsat</a><br/> - <a href='services_consolekit.html'> consolekit</a><br/> - <a href='services_corosync.html'> corosync</a><br/> - <a href='services_courier.html'> courier</a><br/> - <a href='services_cpucontrol.html'> cpucontrol</a><br/> - <a href='services_cron.html'> cron</a><br/> - <a href='services_cups.html'> cups</a><br/> - <a href='services_cvs.html'> cvs</a><br/> - <a href='services_cyphesis.html'> cyphesis</a><br/> - <a href='services_cyrus.html'> cyrus</a><br/> - <a href='services_dante.html'> dante</a><br/> - <a href='services_dbskk.html'> dbskk</a><br/> - <a href='services_dbus.html'> dbus</a><br/> - <a href='services_dcc.html'> dcc</a><br/> - <a href='services_ddclient.html'> ddclient</a><br/> - <a href='services_denyhosts.html'> denyhosts</a><br/> - <a href='services_devicekit.html'> devicekit</a><br/> - <a href='services_dhcp.html'> dhcp</a><br/> - <a href='services_dictd.html'> dictd</a><br/> - <a href='services_dirsrv.html'> dirsrv</a><br/> - <a href='services_dirsrv-admin.html'> dirsrv-admin</a><br/> - <a href='services_distcc.html'> distcc</a><br/> - <a href='services_djbdns.html'> djbdns</a><br/> - <a href='services_dkim.html'> dkim</a><br/> - <a href='services_dnsmasq.html'> dnsmasq</a><br/> - <a href='services_dovecot.html'> dovecot</a><br/> - <a href='services_exim.html'> exim</a><br/> - <a href='services_fail2ban.html'> fail2ban</a><br/> - <a href='services_fetchmail.html'> fetchmail</a><br/> - <a href='services_finger.html'> finger</a><br/> - <a href='services_fprintd.html'> fprintd</a><br/> - <a href='services_ftp.html'> ftp</a><br/> - <a href='services_gatekeeper.html'> gatekeeper</a><br/> - <a href='services_git.html'> git</a><br/> - <a href='services_gnomeclock.html'> gnomeclock</a><br/> - <a href='services_gpm.html'> gpm</a><br/> - <a href='services_gpsd.html'> gpsd</a><br/> - <a href='services_hal.html'> hal</a><br/> - <a href='services_hddtemp.html'> hddtemp</a><br/> - <a href='services_howl.html'> howl</a><br/> - <a href='services_i18n_input.html'> i18n_input</a><br/> - <a href='services_icecast.html'> icecast</a><br/> - <a href='services_ifplugd.html'> ifplugd</a><br/> - <a href='services_imaze.html'> imaze</a><br/> - <a href='services_inetd.html'> inetd</a><br/> - <a href='services_inn.html'> inn</a><br/> - <a href='services_ircd.html'> ircd</a><br/> - <a href='services_irqbalance.html'> irqbalance</a><br/> - <a href='services_jabber.html'> jabber</a><br/> - <a href='services_kerberos.html'> kerberos</a><br/> - <a href='services_kerneloops.html'> kerneloops</a><br/> - <a href='services_ksmtuned.html'> ksmtuned</a><br/> - <a href='services_ktalk.html'> ktalk</a><br/> - <a href='services_ldap.html'> ldap</a><br/> - <a href='services_likewise.html'> likewise</a><br/> - <a href='services_lircd.html'> lircd</a><br/> - <a href='services_lpd.html'> lpd</a><br/> - <a href='services_mailman.html'> mailman</a><br/> - <a href='services_matahari.html'> matahari</a><br/> - <a href='services_memcached.html'> memcached</a><br/> - <a href='services_milter.html'> milter</a><br/> - <a href='services_modemmanager.html'> modemmanager</a><br/> - <a href='services_monop.html'> monop</a><br/> - <a href='services_mpd.html'> mpd</a><br/> - <a href='services_mta.html'> mta</a><br/> - <a href='services_munin.html'> munin</a><br/> - <a href='services_mysql.html'> mysql</a><br/> - <a href='services_nagios.html'> nagios</a><br/> - <a href='services_nessus.html'> nessus</a><br/> - <a href='services_networkmanager.html'> networkmanager</a><br/> - <a href='services_nis.html'> nis</a><br/> - <a href='services_nscd.html'> nscd</a><br/> - <a href='services_nsd.html'> nsd</a><br/> - <a href='services_nslcd.html'> nslcd</a><br/> - <a href='services_ntop.html'> ntop</a><br/> - <a href='services_ntp.html'> ntp</a><br/> - <a href='services_nut.html'> nut</a><br/> - <a href='services_nx.html'> nx</a><br/> - <a href='services_oav.html'> oav</a><br/> - <a href='services_oddjob.html'> oddjob</a><br/> - <a href='services_oident.html'> oident</a><br/> - <a href='services_openca.html'> openca</a><br/> - <a href='services_openct.html'> openct</a><br/> - <a href='services_openvpn.html'> openvpn</a><br/> - <a href='services_pads.html'> pads</a><br/> - <a href='services_passenger.html'> passenger</a><br/> - <a href='services_pcscd.html'> pcscd</a><br/> - <a href='services_pegasus.html'> pegasus</a><br/> - <a href='services_perdition.html'> perdition</a><br/> - <a href='services_pingd.html'> pingd</a><br/> - <a href='services_piranha.html'> piranha</a><br/> - <a href='services_plymouthd.html'> plymouthd</a><br/> - <a href='services_policykit.html'> policykit</a><br/> - <a href='services_portmap.html'> portmap</a><br/> - <a href='services_portreserve.html'> portreserve</a><br/> - <a href='services_portslave.html'> portslave</a><br/> - <a href='services_postfix.html'> postfix</a><br/> - <a href='services_postfixpolicyd.html'> postfixpolicyd</a><br/> - <a href='services_postgresql.html'> postgresql</a><br/> - <a href='services_postgrey.html'> postgrey</a><br/> - <a href='services_ppp.html'> ppp</a><br/> - <a href='services_prelude.html'> prelude</a><br/> - <a href='services_privoxy.html'> privoxy</a><br/> - <a href='services_procmail.html'> procmail</a><br/> - <a href='services_psad.html'> psad</a><br/> - <a href='services_publicfile.html'> publicfile</a><br/> - <a href='services_puppet.html'> puppet</a><br/> - <a href='services_pxe.html'> pxe</a><br/> - <a href='services_pyicqt.html'> pyicqt</a><br/> - <a href='services_pyzor.html'> pyzor</a><br/> - <a href='services_qmail.html'> qmail</a><br/> - <a href='services_qpidd.html'> qpidd</a><br/> - <a href='services_radius.html'> radius</a><br/> - <a href='services_radvd.html'> radvd</a><br/> - <a href='services_razor.html'> razor</a><br/> - <a href='services_rdisc.html'> rdisc</a><br/> - <a href='services_remotelogin.html'> remotelogin</a><br/> - <a href='services_resmgr.html'> resmgr</a><br/> - <a href='services_rgmanager.html'> rgmanager</a><br/> - <a href='services_rhcs.html'> rhcs</a><br/> - <a href='services_rhgb.html'> rhgb</a><br/> - <a href='services_ricci.html'> ricci</a><br/> - <a href='services_rlogin.html'> rlogin</a><br/> - <a href='services_roundup.html'> roundup</a><br/> - <a href='services_rpc.html'> rpc</a><br/> - <a href='services_rpcbind.html'> rpcbind</a><br/> - <a href='services_rshd.html'> rshd</a><br/> - <a href='services_rsync.html'> rsync</a><br/> - <a href='services_rtkit.html'> rtkit</a><br/> - <a href='services_rwho.html'> rwho</a><br/> - <a href='services_samba.html'> samba</a><br/> - <a href='services_sasl.html'> sasl</a><br/> - <a href='services_sendmail.html'> sendmail</a><br/> - <a href='services_setroubleshoot.html'> setroubleshoot</a><br/> - <a href='services_slrnpull.html'> slrnpull</a><br/> - <a href='services_smartmon.html'> smartmon</a><br/> - <a href='services_smokeping.html'> smokeping</a><br/> - <a href='services_snmp.html'> snmp</a><br/> - <a href='services_snort.html'> snort</a><br/> - <a href='services_soundserver.html'> soundserver</a><br/> - <a href='services_spamassassin.html'> spamassassin</a><br/> - <a href='services_speedtouch.html'> speedtouch</a><br/> - <a href='services_squid.html'> squid</a><br/> - <a href='services_ssh.html'> ssh</a><br/> - <a href='services_sssd.html'> sssd</a><br/> - <a href='services_stunnel.html'> stunnel</a><br/> - <a href='services_sysstat.html'> sysstat</a><br/> - <a href='services_tcpd.html'> tcpd</a><br/> - <a href='services_telnet.html'> telnet</a><br/> - <a href='services_tftp.html'> tftp</a><br/> - <a href='services_tgtd.html'> tgtd</a><br/> - <a href='services_timidity.html'> timidity</a><br/> - <a href='services_tor.html'> tor</a><br/> - <a href='services_transproxy.html'> transproxy</a><br/> - <a href='services_tuned.html'> tuned</a><br/> - <a href='services_ucspitcp.html'> ucspitcp</a><br/> - <a href='services_ulogd.html'> ulogd</a><br/> - <a href='services_uptime.html'> uptime</a><br/> - <a href='services_usbmuxd.html'> usbmuxd</a><br/> - <a href='services_uucp.html'> uucp</a><br/> - <a href='services_uwimap.html'> uwimap</a><br/> - <a href='services_varnishd.html'> varnishd</a><br/> - <a href='services_vdagent.html'> vdagent</a><br/> - <a href='services_vhostmd.html'> vhostmd</a><br/> - <a href='services_virt.html'> virt</a><br/> - <a href='services_w3c.html'> w3c</a><br/> - <a href='services_watchdog.html'> watchdog</a><br/> - <a href='services_xfs.html'> xfs</a><br/> - <a href='services_xprint.html'> xprint</a><br/> - <a href='services_xserver.html'> xserver</a><br/> - <a href='services_zabbix.html'> zabbix</a><br/> - <a href='services_zebra.html'> zebra</a><br/> - <a href='services_zosremote.html'> zosremote</a><br/> </div> <a href="system.html">+ system</a></br/> <div id='subitem'> </div> <br/><p/> <a href="global_booleans.html">* Global Booleans </a> <br/><p/> <a href="global_tunables.html">* Global Tunables </a> <p/><br/><p/> <a href="index.html">* Layer Index</a> <br/><p/> <a href="booleans.html">* Boolean Index</a> <br/><p/> <a href="tunables.html">* Tunable Index</a> <br/><p/> <a href="interfaces.html">* Interface Index</a> <br/><p/> <a href="templates.html">* Template Index</a> </div> <div id="Content"> <a name="top":></a> <h1>Layer: services</h1><p/> <h2>Module: xserver</h2><p/> <a href=#tunables>Tunables</a> <a href=#interfaces>Interfaces</a> <a href=#templates>Templates</a> <h3>Description:</h3> <p><p>X Windows Server</p></p> <hr> <a name="tunables"></a> <h3>Tunables: </h3> <a name="link_allow_write_xshm"></a> <div id="interface"> <div id="codeblock">allow_write_xshm</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allows clients to write to the X server shared memory segments. </p><p> </p> </div></div> <a name="link_allow_xserver_execmem"></a> <div id="interface"> <div id="codeblock">allow_xserver_execmem</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allows XServer to execute writable memory </p><p> </p> </div></div> <a name="link_user_direct_dri"></a> <div id="interface"> <div id="codeblock">user_direct_dri</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allow regular users direct dri device access </p><p> </p> </div></div> <a name="link_xdm_exec_bootloader"></a> <div id="interface"> <div id="codeblock">xdm_exec_bootloader</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allows xdm to execute bootloader </p><p> </p> </div></div> <a name="link_xdm_sysadm_login"></a> <div id="interface"> <div id="codeblock">xdm_sysadm_login</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Allow xdm logins as sysadm </p><p> </p> </div></div> <a name="link_xserver_object_manager"></a> <div id="interface"> <div id="codeblock">xserver_object_manager</div> <div id="description"> <h5>Default value</h5> <p>false</p> <h5>Description</h5> <p> </p><p> Support X userspace object manager </p><p> </p> </div></div> <a href=#top>Return</a> <a name="interfaces"></a> <h3>Interfaces: </h3> <a name="link_xserver_append_xdm_home_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_append_xdm_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> append to .xsession-errors file </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_create_xdm_tmp_sockets"></a> <div id="interface"> <div id="codeblock"> <b>xserver_create_xdm_tmp_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a named socket in a XDM temporary directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dbus_chat_xdm"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dbus_chat_xdm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Send and receive messages from xdm over dbus. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_delete_log"></a> <div id="interface"> <div id="codeblock"> <b>xserver_delete_log</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write the X server log files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>xserver_domtrans</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute the X server in the X server domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_domtrans_xauth"></a> <div id="interface"> <div id="codeblock"> <b>xserver_domtrans_xauth</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Transition to the Xauthority domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_append_xdm_home_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_append_xdm_home_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit append to .xsession-errors file </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_exec_xauth"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_exec_xauth</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit exec of Xauthority program. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_getattr_xdm_tmp_sockets"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_getattr_xdm_tmp_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> dontaudit getattr xdm temporary named sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_read_xdm_pid"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_read_xdm_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit Read XDM pid files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_read_xdm_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_read_xdm_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read xdm temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_rw_stream_sockets"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_rw_stream_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write X server unix domain stream sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_rw_tcp_sockets"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_rw_tcp_sockets</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write to X server sockets. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_rw_xdm_pipes"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_rw_xdm_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to read and write XDM unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_stream_connect"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_stream_connect</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Dontaudit attempts to connect to xserver over an unix stream socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_use_xdm_fds"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_use_xdm_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to inherit XDM file descriptors. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit. </p> </td></tr> </table> </div> </div> <a name="link_xserver_dontaudit_write_log"></a> <div id="interface"> <div id="codeblock"> <b>xserver_dontaudit_write_log</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Do not audit attempts to write the X server log files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_entry_type"></a> <div id="interface"> <div id="codeblock"> <b>xserver_entry_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make an X executable an entrypoint for the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The domain for which the shell is an entrypoint. </p> </td></tr> </table> </div> </div> <a name="link_xserver_exec_pid"></a> <div id="interface"> <div id="codeblock"> <b>xserver_exec_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute xserver files created in /var/run </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_getattr_log"></a> <div id="interface"> <div id="codeblock"> <b>xserver_getattr_log</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Get the attributes of X server logs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_kill"></a> <div id="interface"> <div id="codeblock"> <b>xserver_kill</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Kill X servers </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_manage_core_devices"></a> <div id="interface"> <div id="codeblock"> <b>xserver_manage_core_devices</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Interface to provide X object permissions on a given X server to an X client domain. Gives the domain permission to read the virtual core keyboard and virtual core pointer devices. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_manage_home_fonts"></a> <div id="interface"> <div id="codeblock"> <b>xserver_manage_home_fonts</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user homedir fonts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_manage_xdm_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_manage_xdm_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage xdm config files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_manage_xdm_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_manage_xdm_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create, read, write, and delete xdm temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_non_drawing_client"></a> <div id="interface"> <div id="codeblock"> <b>xserver_non_drawing_client</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create non-drawing client sessions on an X server. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_pid"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read xserver files created in /var/run </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read X server temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_user_xauth"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_user_xauth</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all users .Xauthority. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_xdm_etc_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_xdm_etc_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read xdm config files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_xdm_lib_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_xdm_lib_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read XDM var lib files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_xdm_pid"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_xdm_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read XDM pid files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_xdm_rw_config"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_xdm_rw_config</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read xdm-writable configuration files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_xdm_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_xdm_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read xdm temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_xkb_libs"></a> <div id="interface"> <div id="codeblock"> <b>xserver_read_xkb_libs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read X keyboard extension libraries. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_restricted_role"></a> <div id="interface"> <div id="codeblock"> <b>xserver_restricted_role</b>( role , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Rules required for using the X Windows server and environment, for restricted users. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_ro_session"></a> <div id="interface"> <div id="codeblock"> <b>xserver_ro_session</b>( domain , tmpfs_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create sessions on the X server, with read-only access to the X server shared memory segments. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> tmpfs_type </td><td> <p> The type of the domain SYSV tmpfs files. </p> </td></tr> </table> </div> </div> <a name="link_xserver_role"></a> <div id="interface"> <div id="codeblock"> <b>xserver_role</b>( role , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Rules required for using the X Windows server and environment. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> role </td><td> <p> Role allowed access. </p> </td></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_run"></a> <div id="interface"> <div id="codeblock"> <b>xserver_run</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute xsever in the xserver domain, and allow the specified role the xserver domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The type of the process performing this action. </p> </td></tr> <tr><td> role </td><td> <p> The role to be allowed the xserver domain. </p> </td></tr> </table> </div> </div> <a name="link_xserver_run_xauth"></a> <div id="interface"> <div id="codeblock"> <b>xserver_run_xauth</b>( domain , role )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute xsever in the xserver domain, and allow the specified role the xserver domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The type of the process performing this action. </p> </td></tr> <tr><td> role </td><td> <p> The role to be allowed the xserver domain. </p> </td></tr> </table> </div> </div> <a name="link_xserver_rw_console"></a> <div id="interface"> <div id="codeblock"> <b>xserver_rw_console</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write the X windows console named pipe. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_rw_inherited_user_fonts"></a> <div id="interface"> <div id="codeblock"> <b>xserver_rw_inherited_user_fonts</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user homedir fonts. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_rw_session"></a> <div id="interface"> <div id="codeblock"> <b>xserver_rw_session</b>( domain , tmpfs_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create sessions on the X server, with read and write access to the X server shared memory segments. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> tmpfs_type </td><td> <p> The type of the domain SYSV tmpfs files. </p> </td></tr> </table> </div> </div> <a name="link_xserver_rw_shm"></a> <div id="interface"> <div id="codeblock"> <b>xserver_rw_shm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write X server Sys V Shared memory segments. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_rw_xdm_pipes"></a> <div id="interface"> <div id="codeblock"> <b>xserver_rw_xdm_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read and write XDM unnamed pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_rw_xdm_tmp_files"></a> <div id="interface"> <div id="codeblock"> <b>xserver_rw_xdm_tmp_files</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read write xdm temporary files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_search_xdm_lib"></a> <div id="interface"> <div id="codeblock"> <b>xserver_search_xdm_lib</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Search XDM var lib dirs. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_setattr_console_pipes"></a> <div id="interface"> <div id="codeblock"> <b>xserver_setattr_console_pipes</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of the X windows console named pipes. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_setattr_xdm_tmp_dirs"></a> <div id="interface"> <div id="codeblock"> <b>xserver_setattr_xdm_tmp_dirs</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Set the attributes of XDM temporary directories. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_signal"></a> <div id="interface"> <div id="codeblock"> <b>xserver_signal</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Signal X servers </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_stream_connect"></a> <div id="interface"> <div id="codeblock"> <b>xserver_stream_connect</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Connect to the X server over a unix domain stream socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_stream_connect_xdm"></a> <div id="interface"> <div id="codeblock"> <b>xserver_stream_connect_xdm</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Connect to XDM over a unix domain stream socket. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_unconfined"></a> <div id="interface"> <div id="codeblock"> <b>xserver_unconfined</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Interface to provide X object permissions on a given X server to an X client domain. Gives the domain complete control over the display. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_use_all_users_fonts"></a> <div id="interface"> <div id="codeblock"> <b>xserver_use_all_users_fonts</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read all users fonts, user font configurations, and manage all users font caches. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_use_user_fonts"></a> <div id="interface"> <div id="codeblock"> <b>xserver_use_user_fonts</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read user fonts, user font configuration, and manage the user font cache. </p> <h5>Description</h5> <p> </p><p> Read user fonts, user font configuration, and manage the user font cache. </p><p> </p><p> This is a templated interface, and should only be called from a per-userdomain template. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_use_xdm_fds"></a> <div id="interface"> <div id="codeblock"> <b>xserver_use_xdm_fds</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Use file descriptors for xdm. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_user_client"></a> <div id="interface"> <div id="codeblock"> <b>xserver_user_client</b>( domain , tmpfs_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create full client sessions on a user X server. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> tmpfs_type </td><td> <p> The type of the domain SYSV tmpfs files. </p> </td></tr> </table> </div> </div> <a name="link_xserver_user_home_dir_filetrans_user_xauth"></a> <div id="interface"> <div id="codeblock"> <b>xserver_user_home_dir_filetrans_user_xauth</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Create a Xauthority file in the user home directory. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_write_pid"></a> <div id="interface"> <div id="codeblock"> <b>xserver_write_pid</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Write xserver files created in /var/run </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_xdm_append_log"></a> <div id="interface"> <div id="codeblock"> <b>xserver_xdm_append_log</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Allow append the xdm log files. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain to not audit </p> </td></tr> </table> </div> </div> <a name="link_xserver_xdm_manage_spool"></a> <div id="interface"> <div id="codeblock"> <b>xserver_xdm_manage_spool</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Manage the xdm_spool files </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_xsession_entry_type"></a> <div id="interface"> <div id="codeblock"> <b>xserver_xsession_entry_type</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Make an X session script an entrypoint for the specified domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> The domain for which the shell is an entrypoint. </p> </td></tr> </table> </div> </div> <a name="link_xserver_xsession_spec_domtrans"></a> <div id="interface"> <div id="codeblock"> <b>xserver_xsession_spec_domtrans</b>( domain , target_domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Execute an X session in the target domain. This is an explicit transition, requiring the caller to use setexeccon(). </p> <h5>Description</h5> <p> </p><p> Execute an Xsession in the target domain. This is an explicit transition, requiring the caller to use setexeccon(). </p><p> </p><p> No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module. </p><p> </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> <tr><td> target_domain </td><td> <p> The type of the shell process. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> <a name="templates"></a> <h3>Templates: </h3> <a name="link_xserver_common_x_domain_template"></a> <div id="template"> <div id="codeblock"> <b>xserver_common_x_domain_template</b>( prefix , domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Interface to provide X object permissions on a given X server to an X client domain. Provides the minimal set required by a basic X client application. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> prefix </td><td> <p> The prefix of the X client domain (e.g., user is the prefix for user_t). </p> </td></tr> <tr><td> domain </td><td> <p> Client domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_object_types_template"></a> <div id="template"> <div id="codeblock"> <b>xserver_object_types_template</b>( prefix )<br> </div> <div id="description"> <h5>Summary</h5> <p> Template for creating the set of types used in an X windows domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> prefix </td><td> <p> The prefix of the X client domain (e.g., user is the prefix for user_t). </p> </td></tr> </table> </div> </div> <a name="link_xserver_read_user_iceauth"></a> <div id="template"> <div id="codeblock"> <b>xserver_read_user_iceauth</b>( domain )<br> </div> <div id="description"> <h5>Summary</h5> <p> Read a user Iceauthority domain. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> domain </td><td> <p> Domain allowed access. </p> </td></tr> </table> </div> </div> <a name="link_xserver_user_x_domain_template"></a> <div id="template"> <div id="codeblock"> <b>xserver_user_x_domain_template</b>( prefix , domain , tmpfs_type )<br> </div> <div id="description"> <h5>Summary</h5> <p> Interface to provide X object permissions on a given X server to an X client domain. Provides the minimal set required by a basic X client application. </p> <h5>Parameters</h5> <table border="1" cellspacing="0" cellpadding="3" width="65%"> <tr><th >Parameter:</th><th >Description:</th></tr> <tr><td> prefix </td><td> <p> The prefix of the X client domain (e.g., user is the prefix for user_t). </p> </td></tr> <tr><td> domain </td><td> <p> Client domain allowed access. </p> </td></tr> <tr><td> tmpfs_type </td><td> <p> The type of the domain SYSV tmpfs files. </p> </td></tr> </table> </div> </div> <a href=#top>Return</a> </div> </body> </html>