Layer: apps

Module: wm

Tunables Interfaces Templates

Description:

X Window Managers.


Tunables:

wm_write_xdg_data
Default value

false

Description

Grant the window manager domains write access to xdg data

Return

Interfaces:

wm_application_domain( target_domain , entry_point , source_domain )
Summary

Create a domain for applications that are launched by the window manager.

Description

Create a domain for applications that are launched by the window manager (implying a domain transition). Typically these are graphical applications that are run interactively.

The types will be made usable as a domain and file, making calls to domain_type() and files_type() redundant.

Parameters
Parameter:Description:
target_domain

Type to be used in the domain transition as the application domain.

entry_point

Type of the program to be used as an entry point to this domain.

source_domain

Type to be used as the source window manager domain.

wm_dontaudit_exec_tmp_files( domain )
Summary

Do not audit attempts to execute files in temporary directories.

Parameters
Parameter:Description:
domain

Domain to not audit.

wm_dontaudit_exec_tmpfs_files( domain )
Summary

Do not audit attempts to execute files in temporary filesystems.

Parameters
Parameter:Description:
domain

Domain to not audit.

wm_exec( domain )
Summary

Execute wm in the caller domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return

Templates:

wm_dbus_chat( role_prefix , domain )
Summary

Send and receive messages from specified wm over dbus.

Parameters
Parameter:Description:
role_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

domain

Domain allowed access.

wm_role_template( role_prefix , user_domain , user_exec_domain , role )
Summary

The role template for the wm module.

Description

This template creates a derived domains which are used for window manager applications.

Parameters
Parameter:Description:
role_prefix

The prefix of the user role (e.g., user is the prefix for user_r).

user_domain

User domain for the role.

user_exec_domain

User exec domain for execute and transition access.

role

Role allowed access

wm_write_pipes( role_prefix , domain )
Summary

Write wm unnamed pipes.

Parameters
Parameter:Description:
role_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

domain

Domain allowed access.

Return