Layer: admin

Module: usermanage

Description:

Policy for managing user accounts.

Interfaces:

usermanage_access_check_groupadd(
	
		domain
		
	)

Summary

Check access to the groupadd executable.

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_access_check_passwd(
	
		domain
		
	)

Summary

Check access to the passwd executable

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_access_check_useradd(
	
		domain
		
	)

Summary

Check access to the useradd executable.

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_check_exec_passwd(
	
		domain
		
	)

Summary

Check if the passwd binary is executable.

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_check_exec_useradd(
	
		domain
		
	)

Summary

Check if the useradd binaries are executable.

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_domtrans_admin_passwd(
	
		domain
		
	)

Summary

Execute password admin functions in the admin passwd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

usermanage_domtrans_chfn(
	
		domain
		
	)

Summary

Execute chfn in the chfn domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

usermanage_domtrans_groupadd(
	
		domain
		
	)

Summary

Execute groupadd in the groupadd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

usermanage_domtrans_passwd(
	
		domain
		
	)

Summary

Execute passwd in the passwd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

usermanage_domtrans_useradd(
	
		domain
		
	)

Summary

Execute useradd in the useradd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

usermanage_dontaudit_use_useradd_fds(
	
		domain
		
	)

Summary

Do not audit attempts to use useradd fds.

Parameters

Parameter:	Description:
domain	Domain to not audit.

usermanage_kill_passwd(
	
		domain
		
	)

Summary

Send sigkills to passwd.

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_read_crack_db(
	
		domain
		
	)

Summary

Read the crack database.

Parameters

Parameter:	Description:
domain	Domain allowed access.

usermanage_run_admin_passwd(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute passwd admin functions in the admin passwd domain, and allow the specified role the admin passwd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

usermanage_run_chfn(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute chfn in the chfn domain, and allow the specified role the chfn domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

usermanage_run_groupadd(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute groupadd in the groupadd domain, and allow the specified role the groupadd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

usermanage_run_passwd(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute passwd in the passwd domain, and allow the specified role the passwd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

usermanage_run_useradd(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute useradd in the useradd domain, and allow the specified role the useradd domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

Return