Layer: contrib

Module: openshift

Tunables Interfaces Templates

Description:

policy for openshift

Tunables:

openshift_use_nfs

Default value

false

Description

Allow openshift to access nfs file systems without labels

Return

Interfaces:

openshift_admin(
	
		domain
		
			,
		
		role
		
	)

Summary

All of the rules required to administrate an openshift environment

Parameters

Parameter:	Description:
domain	Domain allowed access.
role	Role allowed access.

openshift_append_lib_files(
	
		domain
		
	)

Summary

Read openshift lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_append_log(
	
		domain
		
	)

Summary

Allow the specified domain to append openshift log files.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

openshift_dontaudit_rw_inherited_fifo_files(
	
		domain
		
	)

Summary

Dontaudit Read and write inherited script fifo files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_dyntransition(
	
		domain
		
	)

Summary

Allow calling app to transition to an openshift domain

Parameters

Parameter:	Description:
domain	Domain allowed access

openshift_getattr_lib(
	
		domain
		
	)

Summary

Getattr openshift lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_initrc_domtrans(
	
		domain
		
	)

Summary

Execute openshift server in the openshift domain.

Parameters

Parameter:	Description:
domain	The type of the process performing this action.

openshift_initrc_run(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute openshift server in the openshift domain.

Parameters

Parameter:	Description:
domain	The type of the process performing this action.
role	Role access to this domain.

openshift_initrc_signal(
	
		domain
		
	)

Summary

Send a signal to openshift init scripts.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_initrc_signull(
	
		domain
		
	)

Summary

Send a null signal to openshift init scripts.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_lib_filetrans(
	
		domain
		
			,
		
		private type
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create private objects in the mail lib directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.
private type	The type of the object to be created.
object	The object class of the object being created.
name	The name of the object being created.

openshift_manage_cache_dirs(
	
		domain
		
	)

Summary

Create, read, write, and delete openshift cache dirs.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_manage_cache_files(
	
		domain
		
	)

Summary

Create, read, write, and delete openshift cache files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_manage_content(
	
		domain
		
	)

Summary

Manage openshift lib content.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_manage_lib_dirs(
	
		domain
		
	)

Summary

Create, read, write, and delete openshift lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_manage_lib_files(
	
		domain
		
	)

Summary

Create, read, write, and delete openshift lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_manage_log(
	
		domain
		
	)

Summary

Allow domain to manage openshift log files

Parameters

Parameter:	Description:
domain	Domain to not audit.

openshift_manage_tmp_files(
	
		domain
		
	)

Summary

Manage openshift tmp files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_manage_tmp_sockets(
	
		domain
		
	)

Summary

Manage openshift tmp sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_mounton_tmp(
	
		domain
		
	)

Summary

Mounton openshift tmp directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_net_type(
	
		type
		
	)

Summary

Make the specified type usable as a openshift domain.

Parameters

Parameter:	Description:
type	Type to be used as a openshift domain type.

openshift_read_cache_files(
	
		domain
		
	)

Summary

Read openshift cache files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_read_lib_files(
	
		domain
		
	)

Summary

Read openshift lib files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_read_log(
	
		domain
		
	)

Summary

Allow the specified domain to read openshift's log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_read_pid_files(
	
		domain
		
	)

Summary

Read openshift PID files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_relabelfrom_lib(
	
		domain
		
	)

Summary

Relabel openshift library files

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_run(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute openshift in the openshift domain, and allow the specified role the openshift domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	Role allowed access.

openshift_rw_inherited_content(
	
		domain
		
	)

Summary

Read and write inherited openshift files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_search_cache(
	
		domain
		
	)

Summary

Search openshift cache directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_search_lib(
	
		domain
		
	)

Summary

Search openshift lib directories.

Parameters

Parameter:	Description:
domain	Domain allowed access.

openshift_transition(
	
		domain
		
	)

Summary

Allow calling app to transition to an openshift domain

Parameters

Parameter:	Description:
domain	Domain allowed access

Return

Templates:

openshift_service_domain_template(
	
		openshiftdomain_prefix
		
	)

Summary

Make the specified type usable as a openshift domain.

Parameters

Parameter:	Description:
openshiftdomain_prefix	The prefix of the domain (e.g., openshift is the prefix for openshift_t).

Return