Layer: system

Module: libraries

Description:

Policy for system libraries.

Interfaces:

libs_delete_lib_symlinks(
	
		domain
		
	)

Summary

Delete generic symlinks in library directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_domtrans_ldconfig(
	
		domain
		
	)

Summary

Execute ldconfig in the ldconfig domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

libs_dontaudit_manage_lib_dirs(
	
		domain
		
	)

Summary

Do not audit attempts to manage to library directories.

Description

Do not audit attempts to manage to library directories. Typically this is used to quiet attempts to recompile python byte code.

Parameters

Parameter:	Description:
domain	Domain to not audit.

libs_dontaudit_manage_lib_files(
	
		domain
		
	)

Summary

Do not audit attempts to create, read, write, and delete generic files in library directories.

Parameters

Parameter:	Description:
domain	Domain to not audit.

libs_dontaudit_setattr_lib_files(
	
		domain
		
	)

Summary

dontaudit attempts to setattr on library files

Parameters

Parameter:	Description:
domain	Domain to not audit.

libs_dontaudit_write_lib_dirs(
	
		domain
		
	)

Summary

Do not audit attempts to write to library directories.

Description

Do not audit attempts to write to library directories. Typically this is used to quiet attempts to recompile python byte code.

Parameters

Parameter:	Description:
domain	Domain to not audit.

libs_exec_ld_so(
	
		domain
		
	)

Summary

Execute the dynamic link/loader in the caller's domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_exec_ldconfig(
	
		domain
		
	)

Summary

Execute ldconfig in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_exec_lib_files(
	
		domain
		
	)

Summary

Execute library scripts in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_legacy_use_ld_so(
	
		domain
		
	)

Summary

Use the dynamic link/loader for automatic loading of shared libraries with legacy support.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_legacy_use_shared_libs(
	
		domain
		
	)

Summary

Load and execute functions from shared libraries, with legacy support.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_manage_ld_so(
	
		domain
		
	)

Summary

Create, read, write, and delete the dynamic link/loader.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_manage_lib_dirs(
	
		domain
		
	)

Summary

Create, read, write, and delete library directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_manage_lib_files(
	
		domain
		
	)

Summary

Create, read, write, and delete generic files in library directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_manage_shared_libs(
	
		domain
		
	)

Summary

Create, read, write, and delete shared libraries.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_read_lib_files(
	
		domain
		
	)

Summary

Read files in the library directories, such as static libraries.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_relabel_ld_so(
	
		domain
		
	)

Summary

Relabel to and from the type used for the dynamic link/loader.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_relabel_lib_files(
	
		domain
		
	)

Summary

Relabel to and from the type used for generic lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_relabel_shared_libs(
	
		domain
		
	)

Summary

Relabel to and from the type used for shared libraries.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_relabelto_lib_files(
	
		domain
		
	)

Summary

Relabel files to the type used in library directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_run_ldconfig(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute ldconfig in the ldconfig domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	The role to allow the ldconfig domain.

libs_rw_ld_so_cache(
	
		domain
		
	)

Summary

Modify the dynamic link/loader's cached listing of shared libraries.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_search_lib(
	
		domain
		
	)

Summary

Search library directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_use_ld_so(
	
		domain
		
	)

Summary

Use the dynamic link/loader for automatic loading of shared libraries.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_use_shared_libs(
	
		domain
		
	)

Summary

Load and execute functions from shared libraries.

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_watch_lib_dirs(
	
		domain
		
	)

Summary

Watch /usr/lib directories

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_watch_shared_libs_dir(
	
		domain
		
	)

Summary

watch lib dirs

Parameters

Parameter:	Description:
domain	Domain allowed access.

libs_watch_shared_libs_dirs(
	
		domain
		
	)

Summary

watch lib dirs

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return