<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+
apps</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+
kernel</a></br/>
<div id='subitem'>
</div>
<a href="roles.html">+
roles</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+
system</a></br/>
<div id='subitem'>
- <a href='system_application.html'>
application</a><br/>
- <a href='system_authlogin.html'>
authlogin</a><br/>
- <a href='system_clock.html'>
clock</a><br/>
- <a href='system_daemontools.html'>
daemontools</a><br/>
- <a href='system_fstools.html'>
fstools</a><br/>
- <a href='system_getty.html'>
getty</a><br/>
- <a href='system_hostname.html'>
hostname</a><br/>
- <a href='system_hotplug.html'>
hotplug</a><br/>
- <a href='system_init.html'>
init</a><br/>
- <a href='system_ipsec.html'>
ipsec</a><br/>
- <a href='system_iptables.html'>
iptables</a><br/>
- <a href='system_iscsi.html'>
iscsi</a><br/>
- <a href='system_kdump.html'>
kdump</a><br/>
- <a href='system_libraries.html'>
libraries</a><br/>
- <a href='system_locallogin.html'>
locallogin</a><br/>
- <a href='system_logging.html'>
logging</a><br/>
- <a href='system_lvm.html'>
lvm</a><br/>
- <a href='system_miscfiles.html'>
miscfiles</a><br/>
- <a href='system_modutils.html'>
modutils</a><br/>
- <a href='system_mount.html'>
mount</a><br/>
- <a href='system_netlabel.html'>
netlabel</a><br/>
- <a href='system_pcmcia.html'>
pcmcia</a><br/>
- <a href='system_raid.html'>
raid</a><br/>
- <a href='system_selinuxutil.html'>
selinuxutil</a><br/>
- <a href='system_setrans.html'>
setrans</a><br/>
- <a href='system_sosreport.html'>
sosreport</a><br/>
- <a href='system_sysnetwork.html'>
sysnetwork</a><br/>
- <a href='system_udev.html'>
udev</a><br/>
- <a href='system_unconfined.html'>
unconfined</a><br/>
- <a href='system_userdomain.html'>
userdomain</a><br/>
- <a href='system_xen.html'>
xen</a><br/>
</div>
<br/><p/>
<a href="global_booleans.html">* Global Booleans </a>
<br/><p/>
<a href="global_tunables.html">* Global Tunables </a>
<p/><br/><p/>
<a href="index.html">* Layer Index</a>
<br/><p/>
<a href="booleans.html">* Boolean Index</a>
<br/><p/>
<a href="tunables.html">* Tunable Index</a>
<br/><p/>
<a href="interfaces.html">* Interface Index</a>
<br/><p/>
<a href="templates.html">* Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: system</h1><p/>
<h2>Module: logging</h2><p/>
<a href=#interfaces>Interfaces</a>
<h3>Description:</h3>
<p><p>Policy for the kernel message logger and system logging daemon.</p></p>
<hr>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_logging_admin"></a>
<div id="interface">
<div id="codeblock">
<b>logging_admin</b>(
domain
,
role
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
All of the rules required to administrate
the logging environment
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
role
</td><td>
<p>
User role allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_admin_audit"></a>
<div id="interface">
<div id="codeblock">
<b>logging_admin_audit</b>(
domain
,
role
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
All of the rules required to administrate
the audit environment
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
role
</td><td>
<p>
User role allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_admin_syslog"></a>
<div id="interface">
<div id="codeblock">
<b>logging_admin_syslog</b>(
domain
,
role
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
All of the rules required to administrate
the syslog environment
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
role
</td><td>
<p>
User role allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_append_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_append_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Append to all log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_check_exec_syslog"></a>
<div id="interface">
<div id="codeblock">
<b>logging_check_exec_syslog</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Check if syslogd is executable.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dispatcher_domain"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dispatcher_domain</b>(
domain
,
entry_point
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create a domain for processes
which can be started by the system audit dispatcher
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Type to be used as a domain.
</p>
</td></tr>
<tr><td>
entry_point
</td><td>
<p>
Type of the program to be used as an entry point to this domain.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_domtrans_auditctl"></a>
<div id="interface">
<div id="codeblock">
<b>logging_domtrans_auditctl</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute auditctl in the auditctl domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_domtrans_auditd"></a>
<div id="interface">
<div id="codeblock">
<b>logging_domtrans_auditd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute auditd in the auditd domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_domtrans_dispatcher"></a>
<div id="interface">
<div id="codeblock">
<b>logging_domtrans_dispatcher</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute a domain transition to run the audit dispatcher.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed to transition.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_domtrans_klog"></a>
<div id="interface">
<div id="codeblock">
<b>logging_domtrans_klog</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute klogd in the klog domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_domtrans_syslog"></a>
<div id="interface">
<div id="codeblock">
<b>logging_domtrans_syslog</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute syslogd in the syslog domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_getattr_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_getattr_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to get the atttributes
of any log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_read_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_read_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit Read all log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_search_audit_config"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_search_audit_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit search of auditd configuration files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_search_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_search_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to search the var log directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain not to audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_send_audit_msgs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_send_audit_msgs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
dontaudit attempts to send audit messages.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_dontaudit_write_generic_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_dontaudit_write_generic_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Dontaudit Write generic log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_exec_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_exec_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute all log files in the caller domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_inherit_append_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_inherit_append_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Append to all log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_list_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_list_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
List the contents of the generic log directory (/var/log).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_log_file"></a>
<div id="interface">
<div id="codeblock">
<b>logging_log_file</b>(
type
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Make the specified type usable for log files
in a filesystem.
</p>
<h5>Description</h5>
<p>
</p><p>
Make the specified type usable for log files in a filesystem.
This will also make the type usable for files, making
calls to files_type() redundant. Failure to use this interface
for a log file type may result in problems with log
rotation, log analysis, and log monitoring programs.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>logging_log_filetrans()</p></li><p>
</p></ul><p>
</p><p>
Example usage with a domain that can create
and append to a private log file stored in the
general directories (e.g., /var/log):
</p><p>
</p><p>
type mylogfile_t;
logging_log_file(mylogfile_t)
allow mydomain_t mylogfile_t:file { create_file_perms append_file_perms };
logging_log_filetrans(mydomain_t, mylogfile_t, file)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
type
</td><td>
<p>
Type to be used for files.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_log_filetrans"></a>
<div id="interface">
<div id="codeblock">
<b>logging_log_filetrans</b>(
domain
,
private type
,
object
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create an object in the log directory, with a private type.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow the specified domain to create an object
in the general system log directories (e.g., /var/log)
with a private type. Typically this is used for creating
private log files in /var/log with the private type instead
of the general system log type. To accomplish this goal,
either the program must be SELinux-aware, or use this interface.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>logging_log_file()</p></li><p>
</p></ul><p>
</p><p>
Example usage with a domain that can create
and append to a private log file stored in the
general directories (e.g., /var/log):
</p><p>
</p><p>
type mylogfile_t;
logging_log_file(mylogfile_t)
allow mydomain_t mylogfile_t:file { create_file_perms append_file_perms };
logging_log_filetrans(mydomain_t, mylogfile_t, file)
</p><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
private type
</td><td>
<p>
The type of the object to be created.
</p>
</td></tr>
<tr><td>
object
</td><td>
<p>
The object class of the object being created.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_manage_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_manage_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete all log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_manage_audit_config"></a>
<div id="interface">
<div id="codeblock">
<b>logging_manage_audit_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage the auditd configuration files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_manage_audit_log"></a>
<div id="interface">
<div id="codeblock">
<b>logging_manage_audit_log</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Manage the audit log.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_manage_generic_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_manage_generic_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete
generic log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_read_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_read_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read all log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_read_audit_config"></a>
<div id="interface">
<div id="codeblock">
<b>logging_read_audit_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the auditd configuration files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_read_audit_log"></a>
<div id="interface">
<div id="codeblock">
<b>logging_read_audit_log</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read the audit log.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_read_generic_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_read_generic_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read generic log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_read_syslog_config"></a>
<div id="interface">
<div id="codeblock">
<b>logging_read_syslog_config</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read syslog configuration files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_run_auditctl"></a>
<div id="interface">
<div id="codeblock">
<b>logging_run_auditctl</b>(
domain
,
role
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute auditctl in the auditctl domain, and
allow the specified role the auditctl domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
role
</td><td>
<p>
The role to be allowed the auditctl domain.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_run_auditd"></a>
<div id="interface">
<div id="codeblock">
<b>logging_run_auditd</b>(
domain
,
role
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Execute auditd in the auditd domain, and
allow the specified role the auditd domain.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
role
</td><td>
<p>
The role to be allowed the auditd domain.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_rw_all_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_rw_all_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
read/write to all log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_rw_generic_log_dirs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_rw_generic_log_dirs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write the generic log directory (/var/log).
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_rw_generic_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_rw_generic_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Read and write generic log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_search_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_search_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allows the domain to open a file in the
log directory, but does not allow the listing
of the contents of the log directory.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_send_audit_msgs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_send_audit_msgs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send audit messages.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_send_syslog_msg"></a>
<div id="interface">
<div id="codeblock">
<b>logging_send_syslog_msg</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Send system log messages.
</p>
<h5>Description</h5>
<p>
</p><p>
Allow the specified domain to connect to the
system log service (syslog), to send messages be added to
the system logs. Typically this is used by services
that do not have their own log file in /var/log.
</p><p>
</p><p>
This does not allow messages to be sent to
the auditing system.
</p><p>
</p><p>
Programs which use the libc function syslog() will
require this access.
</p><p>
</p><p>
Related interfaces:
</p><p>
</p><ul><p>
</p><li><p>logging_send_audit_msgs()</p></li><p>
</p></ul><p>
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_set_audit_parameters"></a>
<div id="interface">
<div id="codeblock">
<b>logging_set_audit_parameters</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set up audit
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_set_loginuid"></a>
<div id="interface">
<div id="codeblock">
<b>logging_set_loginuid</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set login uid
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_set_tty_audit"></a>
<div id="interface">
<div id="codeblock">
<b>logging_set_tty_audit</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set tty auditing
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_signal_dispatcher"></a>
<div id="interface">
<div id="codeblock">
<b>logging_signal_dispatcher</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Signal the audit dispatcher.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed to transition.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_stream_connect_auditd"></a>
<div id="interface">
<div id="codeblock">
<b>logging_stream_connect_auditd</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Connect to auditdstored over an unix stream socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_stream_connect_dispatcher"></a>
<div id="interface">
<div id="codeblock">
<b>logging_stream_connect_dispatcher</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Connect to the audit dispatcher over an unix stream socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_stream_connect_syslog"></a>
<div id="interface">
<div id="codeblock">
<b>logging_stream_connect_syslog</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Connect to the syslog control unix stream socket.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_logging_write_generic_logs"></a>
<div id="interface">
<div id="codeblock">
<b>logging_write_generic_logs</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Write generic log files.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>
distrib
>
Fedora
>
13
>
i386
>
media
>
updates
>
by-pkgid
>
b6e83d73630f9ce6548109943a4c0a31
>
files
>
360
