Policy for network configuration: ifconfig and dhcp client.
false
Allow dhcpc client applications to execute iptables commands
Create network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send and receive messages from dhcpc over dbus.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Delete the dhcp client pid file.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Delete the dhcp client state files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Create DHCP state data.
Create DHCP state data.
This is added for DHCP server, as the server and client put their state files in the same directory.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
file_type |
The type of the object to be created |
object_class |
The object class. |
name |
The name of the object being created. |
Perform a DNS name resolution.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Execute dhcp client in dhcpc domain.
Parameter: | Description: |
---|---|
domain |
Domain allowed to transition. |
Execute ifconfig in the ifconfig domain.
Parameter: | Description: |
---|---|
domain |
Domain allowed to transition. |
Do not audit attempts to use the dhcp file descriptors.
Parameter: | Description: |
---|---|
domain |
Domain to not audit. |
Do not audit attempts to read network config files.
Parameter: | Description: |
---|---|
domain |
Domain to not audit. |
Do not audit attempts to read and write dhcpc udp socket descriptors.
Parameter: | Description: |
---|---|
domain |
Domain to not audit. |
Do not audit attempts to read/write to the dhcp unix stream socket descriptors.
Parameter: | Description: |
---|---|
domain |
Domain to not audit. |
Do not audit attempts to use the dhcp file descriptors.
Parameter: | Description: |
---|---|
domain |
Domain to not audit. |
Create files in /etc with the type used for the network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
name |
The name of the object being created. |
Execute ifconfig in the caller domain.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Transition content to the type used for the network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
private type |
The type of the directory to which the object will be created. |
object_class |
The object class. |
name |
The name of the object being created. |
Create specified objects in generic pid directories with the dhcpc pid file type.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
name |
The name of the object being created. |
Transition to sysnet named content
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Transition to sysnet ifconfig named content
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Transition to sysnet ifconfig named content
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a kill signal to the dhcp client.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a kill signal to iconfig.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Create, read, write, and delete network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Create, read, write, and delete network config dirs.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Manage the dhcp client pid file.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Manage the dhcp client state files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Transition to sysnet ifconfig named content
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read network config files.
Allow the specified domain to read the general network configuration files. A common example of this is the /etc/resolv.conf file, which has domain name system (DNS) server IP addresses. Typically, most networking processes will require the access provided by this interface.
Higher-level interfaces which involve networking will generally call this interface, for example:
sysnet_dns_name_resolve()
sysnet_use_ldap()
sysnet_use_portmap()
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read the DHCP configuration files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read the dhcp client pid file.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Read dhcp client state files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Allow caller to relabel dhcpc_state files
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Allow caller to relabel net_conf files
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Allow caller to relabel net_conf files
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Transition to system_r when execute an dhclient script
Execute dhclient script in a specified role
No interprocess communication (signals, pipes, etc.) is provided by this interface since the domains are not owned by this module.
Parameter: | Description: |
---|---|
source_role |
Role to transition from. |
Execute DHCP clients in the dhcpc domain, and allow the specified role the dhcpc domain.
Parameter: | Description: |
---|---|
domain |
Domain allowed to transition. |
role |
Role allowed access. |
Execute ifconfig in the ifconfig domain, and allow the specified role the ifconfig domain, and use the caller's terminal.
Parameter: | Description: |
---|---|
domain |
Domain allowed to transition. |
role |
Role allowed access. |
Read and write dhcp configuration files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Search the DHCP state data directory.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Search the DHCP client state directories.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Set the attributes of network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Set the attributes of network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a SIGCHLD signal to the dhcp client.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a generic signal to the dhcp client.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a generic signal to ifconfig.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a null signal to the dhcp client.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send null signals to ifconfig.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Send a SIGSTOP signal to the dhcp client.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Connect and use a LDAP server.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Connect and use remote port mappers.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |
Write network config files.
Parameter: | Description: |
---|---|
domain |
Domain allowed access. |