Appendix C. SELinux Macros Defined in src/policy/macros
Table C-1 describes principal macros defined in the
src/policy/macros
subdirectory. The macros included in the
table are those present in the Fedora Core 2 implementation of
SELinux. Other implementations may define different macros or alter
the operation of macros appearing in the table.
Table C-1. SELinux macros defined in the macros subdirectory
|
Macro |
Description |
|---|---|
admin_domain |
Defines a domain for an administrative user. |
append_logdir_domain |
Authorizes a specified domain to create, read, and append to logfiles within its own specially labeled logging directory. |
append_log_domain |
Authorizes a specified domain to read and append to its own specially labeled logfiles. |
application_domain |
Authorizes a specified domain to perform operations common to simple applications. |
base_file_read_access |
Authorizes a specified domain to read and search several system file types. |
base_pty_perms |
Authorizes a specified domain to access the pty master multiplexer
domain and to search |
base_user_domain |
Defines a domain for a nonadministrative user. |
can_create_other_pty |
Authorizes a specified domain to create new ptys for another specified domain. |
can_create_pty |
Authorizes a specified domain to create new ptys. |
can_exec |
Authorizes a specified domain to execute files having a specified type (domain) without transitioning to a new domain. |
can_exec_any |
Authorizes a specified domain to execute a variety of executable ... |
Get SELinux now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
