Layer: system

Module: mount

Tunables Interfaces

Description:

Policy for mount.


Tunables:

allow_mount_anyfile
Default value

false

Description

Allow the mount command to mount any directory or file.

Return

Interfaces:

mount_domtrans( domain )
Summary

Execute mount in the mount domain.

Parameters
Parameter:Description:
domain

The type of the process performing this action.

mount_domtrans_unconfined( domain )
Summary

Execute mount in the unconfined mount domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_exec( domain )
Summary

Execute mount in the caller domain.

Parameters
Parameter:Description:
domain

The type of the process performing this action.

mount_run( domain , role , terminal )
Summary

Execute mount in the mount domain, and allow the specified role the mount domain, and use the caller's terminal.

Parameters
Parameter:Description:
domain

The type of the process performing this action.

role

The role to be allowed the mount domain.

terminal

The type of the terminal allow the mount domain to use.

mount_run_unconfined( domain , role , terminal )
Summary

Execute mount in the unconfined mount domain, and allow the specified role the unconfined mount domain, and use the caller's terminal.

Parameters
Parameter:Description:
domain

Domain allowed access.

role

The role to be allowed the unconfined mount domain.

terminal

The type of the terminal allow the unconfined mount domain to use.

mount_send_nfs_client_request( domain )
Summary

Allow the mount domain to send nfs requests for mounting network drives

Description

Allow the mount domain to send nfs requests for mounting network drives

This interface has been deprecated as these rules were a side effect of leaked mount file descriptors. This interface has no effect.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_use_fds( domain )
Summary

Use file descriptors for mount.

Parameters
Parameter:Description:
domain

The type of the process performing this action.

Return