Layer: services

Module: cron

Tunables Interfaces Templates

Description:

Periodic execution of scheduled commands.

Tunables:

cron_can_relabel

Default value

false

Description

Determine whether system cron jobs can relabel filesystem for restoring file contexts.

Return

Interfaces:

cron_admin(
	
		domain
		
			,
		
		role
		
	)

Summary

All of the rules required to administrate a cron environment.

Parameters

Parameter:	Description:
domain	Domain allowed access.
role	Role allowed access.

cron_admin_role(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

Role access for admin cron.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

cron_anacron_domtrans_system_job(
	
		domain
		
	)

Summary

Execute anacron in the cron system domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_append_system_job_tmp_files(
	
		domain
		
	)

Summary

allow appending temporary system cron job files.

Parameters

Parameter:	Description:
domain	Domain to allow.

cron_create_log_files(
	
		domain
		
	)

Summary

Create cron log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_domtrans(
	
		domain
		
	)

Summary

Execute cron in the cron system domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_dontaudit_append_system_job_tmp_files(
	
		domain
		
	)

Summary

Do not audit attempts to append temporary system cron job files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_rw_tcp_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to read and write cron daemon TCP sockets.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_write_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to write cron daemon unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_write_system_job_tmp_files(
	
		domain
		
	)

Summary

Do not audit attempts to write temporary system cron job files.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_exec(
	
		domain
		
	)

Summary

Execute crond in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_exec_crontab(
	
		domain
		
	)

Summary

Execute crontab in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_generic_log_filetrans_log(
	
		domain
		
			,
		
		object_class
		
			,
		
		name
		
	)

Summary

Create specified objects in generic log directories with the cron log file type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object_class	Class of the object being created.
name	The name of the object being created.

cron_initrc_domtrans(
	
		domain
		
	)

Summary

Execute crond server in the crond domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_manage_log_files(
	
		domain
		
	)

Summary

Create, read, write and delete cron log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_manage_system_job_lib_files(
	
		domain
		
	)

Summary

Create, read, write, and delete system cron job lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_manage_system_spool(
	
		domain
		
	)

Summary

Create, read, write, and delete the system spool.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_pipes(
	
		domain
		
	)

Summary

Read cron daemon unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_system_job_lib_files(
	
		domain
		
	)

Summary

Read system cron job lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_system_job_tmp_files(
	
		domain
		
	)

Summary

Read system cron job temporary files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_system_spool(
	
		domain
		
	)

Summary

Read the system spool.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_role(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

Role access for cron.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

cron_rw_inherited_system_job_tmp_files(
	
		domain
		
	)

Summary

Read and write to inherited system cron job temporary files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_inherited_tmp_files(
	
		domain
		
	)

Summary

Read and write inherited crond temporary files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_pipes(
	
		domain
		
	)

Summary

Read and write crond unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_system_job_pipes(
	
		domain
		
	)

Summary

Read and write system cron job unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_system_job_stream_sockets(
	
		domain
		
	)

Summary

Read and write inherited system cron job unix domain stream sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_system_job_tmp_files(
	
		domain
		
	)

Summary

Read/write system cron job temporary files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_tcp_sockets(
	
		domain
		
	)

Summary

Read and write crond TCP sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_tmp_files(
	
		domain
		
	)

Summary

Read and write crond temporary files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_search_spool(
	
		domain
		
	)

Summary

Search cron spool directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_setattr_log_files(
	
		domain
		
	)

Summary

Set the attributes of cron log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_sigchld(
	
		domain
		
	)

Summary

Send child terminated signals to crond.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_system_entry(
	
		domain
		
			,
		
		entrypoint
		
	)

Summary

Make the specified program domain accessible from the system cron jobs.

Parameters

Parameter:	Description:
domain	The type of the process to transition to.
entrypoint	The type of the file used as an entrypoint to this domain.

cron_unconfined_role(
	
		role_prefix
		
			,
		
		user_domain
		
			,
		
		user_exec_domain
		
			,
		
		role
		
	)

Summary

Role access for unconfined cron.

Parameters

Parameter:	Description:
role_prefix	The prefix of the user role (e.g., user is the prefix for user_r).
user_domain	User domain for the role.
user_exec_domain	User exec domain for execute and transition access.
role	Role allowed access

cron_use_fds(
	
		domain
		
	)

Summary

Use crond file descriptors.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_use_system_job_fds(
	
		domain
		
	)

Summary

Use system cron job file descriptors.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_write_log_files(
	
		domain
		
	)

Summary

Write to cron log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_write_system_job_pipes(
	
		domain
		
	)

Summary

Write system cron job unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return

Templates:

cron_common_crontab_template(
	
		domain_prefix
		
	)

Summary

The template to define a crontab domain.

Parameters

Parameter:	Description:
domain_prefix	Domain prefix to be used.

Return