Layer: kernel

Module: ubac

Interfaces

Description:

User-based access control policy

This module is required to be included in all policies.

Interfaces:

ubac_constrained( type )
Summary

Constrain by user-based access control (UBAC).

Description

Constrain the specified type by user-based access control (UBAC). Typically, these are user processes or user files that need to be differentiated by SELinux user. Normally this does not include administrative or privileged programs. For the UBAC rules to be enforced, both the subject (source) type and the object (target) types must be UBAC constrained.

Parameters
Parameter:Description:
type

Type to be constrained by UBAC.

ubac_db_exempt( domain )
Summary

Exempt user-based access control for databases.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_dbus_exempt( domain )
Summary

Exempt user-based access control for dbus.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_fd_exempt( domain )
Summary

Exempt user-based access control for file descriptors.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_file_exempt( domain )
Summary

Exempt user-based access control for files.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_key_exempt( domain )
Summary

Exempt user-based access control for keys.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_process_exempt( domain )
Summary

Exempt user-based access control for processes.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_socket_exempt( domain )
Summary

Exempt user-based access control for sockets.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_sysvipc_exempt( domain )
Summary

Exempt user-based access control for SysV IPC.

Parameters
Parameter:Description:
domain

Domain to be exempted.

ubac_xwin_exempt( domain )
Summary

Exempt user-based access control for X Windows.

Parameters
Parameter:Description:
domain

Domain to be exempted.

Return