This policy supports:
Servers:
kadmind
krb5kdc
Clients:
kinit
kdestroy
klist
ksu (incomplete)
false
Allow confined applications to run with kerberos.
Connect to krb524 service
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
All of the rules required to administrate an kerberos environment
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
role |
The role to be allowed to manage the kerberos domain. |
terminal |
The type of the user terminal. |
Execute a domain transition to run kpropd.
Parameter: | Description: |
---|---|
domain |
Domain allowed to transition. |
Do not audit attempts to write the kerberos configuration file (/etc/krb5.conf).
Parameter: | Description: |
---|---|
domain |
Domain to not audit. |
Execute kpropd server in the kpropd domain.
Parameter: | Description: |
---|---|
domain |
The type of the process performing this action. |
Read the kerberos kdc configuration file (/etc/krb5kdc.conf).
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read the kerberos configuration file (/etc/krb5.conf).
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read the kerberos kdc configuration file (/etc/krb5kdc.conf).
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read the kerberos key table.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read and write the kerberos configuration file (/etc/krb5.conf).
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Execute kerberos server in the kerberos domain.
Parameter: | Description: |
---|---|
domain |
The type of the process performing this action. |
Use kerberos services
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Create a derived type for kerberos keytab
Parameter: | Description: |
---|---|
prefix |
The prefix to be used for deriving type names. |
domain |
Domain allowed access. |