Layer: system

Module: unconfined

Description:

The unconfined domain.

Interfaces:

unconfined_create_keys(
	
		domain
		
	)

Summary

Create keys for the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_dbus_chat(
	
		domain
		
	)

Summary

Send and receive messages from unconfined_t over dbus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_dbus_connect(
	
		domain
		
	)

Summary

Connect to the the unconfined DBUS for service (acquire_svc).

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_dbus_send(
	
		domain
		
	)

Summary

Send messages to the unconfined domain over dbus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_domain(
	
		domain
		
	)

Summary

Make the specified domain unconfined and audit executable heap usage.

Description

Make the specified domain unconfined and audit executable heap usage. With exception of memory protections, usage of this interface will result in the level of access the domain has is like SELinux was not being used.

Only completely trusted domains should use this interface.

Does not allow return communications from confined domains via message based mechanisms such as dbus or SysV message queues.

Parameters

Parameter:	Description:
domain	Domain to make unconfined.

unconfined_domain_noaudit(
	
		domain
		
	)

Summary

Make the specified domain unconfined.

Parameters

Parameter:	Description:
domain	Domain to make unconfined.

unconfined_domtrans(
	
		domain
		
	)

Summary

Transition to the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

unconfined_domtrans_to(
	
		domain
		
			,
		
		entry_file
		
	)

Summary

Allow unconfined to execute the specified program in the specified domain.

Description

Allow unconfined to execute the specified program in the specified domain.

This is a interface to support third party modules and its use is not allowed in upstream reference policy.

Parameters

Parameter:	Description:
domain	Domain to execute in.
entry_file	Domain entry point file.

unconfined_dontaudit_read_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to read unconfined domain unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain to not audit.

unconfined_dontaudit_rw_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to read and write unconfined domain unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain to not audit.

unconfined_dontaudit_rw_stream_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to read and write unconfined domain stream.

Parameters

Parameter:	Description:
domain	Domain to not audit.

unconfined_dontaudit_rw_tcp_sockets(
	
		domain
		
	)

Summary

Do not audit attempts to read or write unconfined domain tcp sockets.

Description

Do not audit attempts to read or write unconfined domain tcp sockets.

This interface was added due to a broken symptom in ldconfig.

Parameters

Parameter:	Description:
domain	Domain to not audit.

unconfined_read_pipes(
	
		domain
		
	)

Summary

Read unconfined domain unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_run(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute specified programs in the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	The role to allow the unconfined domain.

unconfined_run_to(
	
		domain
		
			,
		
		entry_file
		
	)

Summary

Allow unconfined to execute the specified program in the specified domain. Allow the specified domain the unconfined role and use of unconfined user terminals.

Description

Allow unconfined to execute the specified program in the specified domain. Allow the specified domain the unconfined role and use of unconfined user terminals.

This is a interface to support third party modules and its use is not allowed in upstream reference policy.

Parameters

Parameter:	Description:
domain	Domain to execute in.
entry_file	Domain entry point file.

unconfined_rw_pipes(
	
		domain
		
	)

Summary

Read and write unconfined domain unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_search_keys(
	
		domain
		
	)

Summary

Search keys for the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_shell_domtrans(
	
		domain
		
	)

Summary

Transition to the unconfined domain by executing a shell.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

unconfined_sigchld(
	
		domain
		
	)

Summary

Send a SIGCHLD signal to the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_signal(
	
		domain
		
	)

Summary

Send generic signals to the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_signull(
	
		domain
		
	)

Summary

Send a SIGNULL signal to the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_stream_connect(
	
		domain
		
	)

Summary

Connect to the unconfined domain using a unix domain stream socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_stub(
	
		domain
		
	)

Summary

Unconfined stub interface. No access allowed.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_unix_dgram_send(
	
		domain
		
	)

Summary

Send unix_dgram_socket to unconfined_t

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_use_fds(
	
		domain
		
	)

Summary

Inherit file descriptors from the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

unconfined_write_keys(
	
		domain
		
	)

Summary

Write keys for the unconfined domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return