The unconfined domain.
Add an alias type to the unconfined domain. (Deprecated)
Add an alias type to the unconfined domain. (Deprecated)
This is added to support targeted policy. Its use should be limited. It has no effect on the strict policy.
Parameter: | Description: | Optional: |
---|---|---|
domain |
New alias of the unconfined domain. | No |
Create keys for the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send and receive messages from unconfined_t over dbus.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Connect to the the unconfined DBUS for service (acquire_svc).
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send messages to the unconfined domain over dbus.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Make the specified domain unconfined and audit executable memory and executable heap usage.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to make unconfined. | No |
Make the specified domain unconfined.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to make unconfined. | No |
Transition to the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Allow unconfined to execute the specified program in the specified domain.
Allow unconfined to execute the specified program in the specified domain.
This is a interface to support third party modules and its use is not allowed in upstream reference policy.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to execute in. | No |
entry_file |
Domain entry point file. | No |
Do not audit attempts to read unconfined domain unnamed pipes.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Do not audit attempts to read and write unconfined domain unnamed pipes.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to not audit. | No |
Do not audit attempts to read or write unconfined domain tcp sockets.
Do not audit attempts to read or write unconfined domain tcp sockets.
This interface was added due to a broken symptom in ldconfig.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to not audit. | No |
Do not audit attempts to use unconfined ttys and ptys.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to not audit. | No |
Add an alias type to the unconfined execmem program file type. (Deprecated)
Add an alias type to the unconfined execmem program file type. (Deprecated)
This is added to support targeted policy. Its use should be limited. It has no effect on the strict policy.
Parameter: | Description: | Optional: |
---|---|---|
domain |
New alias of the unconfined execmem program type. | No |
Transition to the unconfined_execmem domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read and write to unconfined execmem shared memory.
Parameter: | Description: | Optional: |
---|---|---|
domain |
The type of the process performing this action. | No |
Get the process group of unconfined.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Allow ptrace of unconfined domain
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read unconfined domain unnamed pipes.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Execute specified programs in the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
The type of the process performing this action. | No |
role |
The role to allow the unconfined domain. | No |
terminal |
The type of the terminal allow the unconfined domain to use. | No |
Allow unconfined to execute the specified program in the specified domain. Allow the specified domain the unconfined role and use of unconfined user terminals.
Allow unconfined to execute the specified program in the specified domain. Allow the specified domain the unconfined role and use of unconfined user terminals.
This is a interface to support third party modules and its use is not allowed in upstream reference policy.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to execute in. | No |
entry_file |
Domain entry point file. | No |
Read and write unconfined domain unnamed pipes.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read and write to unconfined shared memory.
Parameter: | Description: | Optional: |
---|---|---|
domain |
The type of the process performing this action. | No |
Allow the specified domain to read/write to unconfined with a unix domain stream sockets.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read/write unconfined tmpfs files.
Read/write unconfined tmpfs files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Allow apps to set rlimits on userdomain
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Transition to the unconfined domain by executing a shell.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send a SIGCHLD signal to the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send generic signals to the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send a SIGNULL signal to the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Connect to the unconfined domain using a unix domain stream socket.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Inherit file descriptors from the unconfined domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
allow attempts to use unconfined ttys and ptys.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain to not audit. | No |