Layer: apps

Module: java

Tunables Interfaces Templates

Description:

Java virtual machine

Tunables:

allow_java_execstack

Default value

false

Description

Determine whether java can make its stack executable.

java_manage_all_user_content

Default value

false

Description

Grant the java domains manage rights on all user content

java_manage_generic_user_content

Default value

false

Description

Grant the java domains manage rights on generic user content

java_read_all_user_content

Default value

false

Description

Grant the java domains read access to all user content

java_read_generic_user_content

Default value

true

Description

Grant the java domains read access to generic user content

Return

Interfaces:

java_domtrans(
	
		domain
		
	)

Summary

Execute the java program in the java domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

java_domtrans_unconfined(
	
		domain
		
	)

Summary

Execute the java program in the unconfined java domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

java_exec(
	
		domain
		
	)

Summary

Execute the java program in the callers domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

java_home_filetrans_java_home(
	
		domain
		
			,
		
		object_class
		
			,
		
		name
		
	)

Summary

Create specified objects in user home directories with the generic java home type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object_class	Class of the object being created.
name	The name of the object being created.

java_manage_generic_home_content(
	
		domain
		
	)

Summary

Create, read, write, and delete generic java home content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

java_manage_java_tmp(
	
		domain
		
	)

Summary

Create, read, write, and delete temporary java content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

java_run(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute java in the java domain, and allow the specified role the java domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

java_run_unconfined(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute the java program in the unconfined java domain and allow the specified role the java domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

Return

Templates:

java_role(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

Role access for java.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

java_role_template(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

The role template for the java module.

Description

This template creates a derived domains which are used for java applications.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

Return