Layer: kernel

Module: terminal

Interfaces

Description:

Policy for terminals.

This module is required to be included in all policies.

Interfaces:

term_append_unallocated_ttys( domain )
Summary

Append to unallocated ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_create_console_dev( domain )
Summary

Create the console device (/dev/console).

Parameters
Parameter:Description:
domain

Domain allowed access.

term_create_controlling_term( domain )
Summary

Create the tty device.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_create_devpts_dirs( domain )
Summary

Create directory /dev/pts.

Parameters
Parameter:Description:
domain

The type of the process creating the directory.

term_create_ptmx( domain )
Summary

Create the pty multiplexor (/dev/ptmx).

Parameters
Parameter:Description:
domain

Domain to not audit.

term_create_pty( domain , pty_type )
Summary

Create a pty in the /dev/pts directory.

Parameters
Parameter:Description:
domain

The type of the process creating the pty.

pty_type

The type of the pty.

term_dontaudit_getattr_all_ptys( domain )
Summary

Do not audit attempts to get the attributes of any pty device nodes.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_getattr_all_ttys( domain )
Summary

Do not audit attempts to get the attributes of any tty device nodes.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_getattr_generic_ptys( domain )
Summary

Do not audit attempts to get the attributes of generic pty devices.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_getattr_ptmx( domain )
Summary

Do not audit attempts to get attributes on the pty multiplexor (/dev/ptmx).

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_getattr_pty_dirs( domain )
Summary

Do not audit attempts to get the attributes of the /dev/pts directory.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_getattr_unallocated_ttys( domain )
Summary

Do not audit attempts to get the attributes of all unallocated tty device nodes.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_ioctl_unallocated_ttys( domain )
Summary

Do not audit attempts to ioctl unallocated tty device nodes.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_list_ptys( domain )
Summary

Do not audit attempts to read the /dev/pts directory.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_manage_pty_dirs( domain )
Summary

Do not audit attempts to create, read, write, or delete the /dev/pts directory.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_read_console( domain )
Summary

Do not audit attempts to read from the console.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_search_ptys( domain )
Summary

Do not audit attempts to search the contents of the /dev/pts directory.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_setattr_generic_ptys( domain )
Summary

Dontaudit setting the attributes of generic pty devices.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_setattr_unallocated_ttys( domain )
Summary

Do not audit attempts to set the attributes of unallocated tty device nodes.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_use_all_ptys( domain )
Summary

Do not audit attempts to read or write any ptys.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_use_all_ttys( domain )
Summary

Do not audit attempts to read or write any ttys.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_use_console( domain )
Summary

Do not audit attempts to read from or write to the console.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_use_generic_ptys( domain )
Summary

Dot not audit attempts to read and write the generic pty type. This is generally only used in the targeted policy.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_use_ptmx( domain )
Summary

Do not audit attempts to read and write the pty multiplexor (/dev/ptmx).

Parameters
Parameter:Description:
domain

Domain to not audit.

term_dontaudit_use_unallocated_ttys( domain )
Summary

Do not audit attempts to read or write unallocated ttys.

Parameters
Parameter:Description:
domain

Domain to not audit.

term_getattr_all_ptys( domain )
Summary

Get the attributes of all pty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_getattr_all_ttys( domain )
Summary

Get the attributes of all tty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_getattr_generic_ptys( domain )
Summary

Get the attributes of generic pty devices.

Parameters
Parameter:Description:
domain

Domain to allow

term_getattr_ptmx( domain )
Summary

Get the attributes of the pty multiplexor (/dev/ptmx).

Parameters
Parameter:Description:
domain

Domain to not audit.

term_getattr_pty_dirs( domain )
Summary

Get the attributes of the /dev/pts directory.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_getattr_pty_fs( domain )
Summary

Get the attributes of a pty filesystem

Parameters
Parameter:Description:
domain

Domain allowed access.

term_getattr_unallocated_ttys( domain )
Summary

Get the attributes of all unallocated tty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_ioctl_generic_ptys( domain )
Summary

ioctl of generic pty devices.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_list_ptys( domain )
Summary

Read the /dev/pts directory to list all ptys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_login_pty( pty_type )
Summary

Transform specified type into a pty type used by login programs, such as sshd.

Parameters
Parameter:Description:
pty_type

An object type that will applied to a pty.

term_mount_devpts( domain )
Summary

mount a devpts_t filesystem

Parameters
Parameter:Description:
domain

The type of the process to mount it

term_pty( pty_type )
Summary

Transform specified type into a pty type.

Parameters
Parameter:Description:
pty_type

An object type that will applied to a pty.

term_read_console( domain )
Summary

Read from the console.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabel_all_ptys( domain )
Summary

Relabel from and to all pty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabel_all_ttys( domain )
Summary

Relabel from and to all tty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabel_console( domain )
Summary

Relabel from and to the console type.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabel_pty_dirs( domain )
Summary

Relabel from and to pty directories.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabel_pty_fs( domain )
Summary

Relabel from and to pty filesystem.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabel_unallocated_ttys( domain )
Summary

Relabel from and to the unallocated tty type.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_relabelto_all_ptys( domain )
Summary

Relabel to all ptys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_reset_tty_labels( domain )
Summary

Relabel from all user tty types to the unallocated tty type.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_search_ptys( domain )
Summary

Search the contents of the /dev/pts directory.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_all_ptys( domain )
Summary

Set the attributes of all pty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_all_ttys( domain )
Summary

Set the attributes of all tty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_console( domain )
Summary

Set the attributes of the console device node.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_controlling_term( domain )
Summary

Set the attributes of the tty device

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_generic_ptys( domain )
Summary

Allow setting the attributes of generic pty devices.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_unallocated_ttys( domain )
Summary

Set the attributes of all unallocated tty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_setattr_unlink_unallocated_ttys( domain )
Summary

Setattr and unlink unallocated tty device nodes.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_tty( tty_type )
Summary

Transform specified type into a tty type.

Parameters
Parameter:Description:
tty_type

An object type that will applied to a tty.

term_use_all_ptys( domain )
Summary

Read and write all ptys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_all_terms( domain )
Summary

Read and write the console, all ttys and all ptys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_all_ttys( domain )
Summary

Read and write all ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_console( domain )
Summary

Read from and write to the console.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_controlling_term( domain )
Summary

Read and write the controlling terminal (/dev/tty).

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_generic_ptys( domain )
Summary

Read and write the generic pty type. This is generally only used in the targeted policy.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_ptmx( domain )
Summary

Read and write the pty multiplexor (/dev/ptmx).

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_unallocated_ttys( domain )
Summary

Read and write unallocated ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_use_virtio_console( domain )
Summary

Read from and write virtio console.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_user_pty( userdomain , object_type )
Summary

Transform specified type into an user pty type. This allows it to be relabeled via type change by login programs such as ssh.

Parameters
Parameter:Description:
userdomain

The type of the user domain associated with this pty.

object_type

An object type that will applied to a pty.

term_user_tty( domain , tty_type )
Summary

Transform specified type into a user tty type.

Parameters
Parameter:Description:
domain

User domain that is related to this tty.

tty_type

An object type that will applied to a tty.

term_watch_reads_console( domain )
Summary

watch reads on console device

Parameters
Parameter:Description:
domain

Domain allowed access.

term_watch_reads_unallocated_ttys( domain )
Summary

Watch reads on unallocated ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_watch_unallocated_ttys( domain )
Summary

Watch unallocated ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_write_all_ptys( domain )
Summary

Write to all ptys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_write_all_terms( domain )
Summary

Write the console, all ttys and all ptys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_write_all_ttys( domain )
Summary

Write to all ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_write_console( domain )
Summary

Write to the console.

Parameters
Parameter:Description:
domain

Domain allowed access.

term_write_unallocated_ttys( domain )
Summary

Write to unallocated ttys.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return