Layer: contrib

Module: cron

Tunables Interfaces Templates

Description:

Periodic execution of scheduled commands.

Tunables:

cron_can_relabel

Default value

false

Description

Allow system cron jobs to relabel filesystem for restoring file contexts.

cron_system_cronjob_use_shares

Default value

false

Description

Allow system cronjob to be executed on on NFS, CIFS or FUSE filesystem.

cron_userdomain_transition

Default value

true

Description

Determine whether crond can execute jobs in the user domain as opposed to the the generic cronjob domain.

fcron_crond

Default value

false

Description

Enable extra rules in the cron domain to support fcron.

Return

Interfaces:

cron_admin_role(
	
		role
		
			,
		
		domain
		
	)

Summary

Role access for cron

Parameters

Parameter:	Description:
role	Role allowed access
domain	User domain for the role

cron_anacron_domtrans_system_job(
	
		domain
		
	)

Summary

Execute anacron in the cron system domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_dbus_chat_crond(
	
		domain
		
	)

Summary

Send and receive messages from crond over dbus.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_domtrans(
	
		domain
		
	)

Summary

Execute cron in the cron system domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_dontaudit_append_system_job_tmp_files(
	
		domain
		
	)

Summary

Do not audit attempts to append temporary files from the system cron jobs.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_rw_tcp_sockets(
	
		domain
		
	)

Summary

Dontaudit Read, and write cron daemon TCP sockets.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_setattr_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to setattr cron daemon unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_write_pipes(
	
		domain
		
	)

Summary

Do not audit attempts to write cron daemon unnamed pipes.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_dontaudit_write_system_job_tmp_files(
	
		domain
		
	)

Summary

Do not audit attempts to write temporary files from the system cron jobs.

Parameters

Parameter:	Description:
domain	Domain to not audit.

cron_exec(
	
		domain
		
	)

Summary

Execute crond_exec_t

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_generic_log_filetrans_log(
	
		domain
		
			,
		
		object_class
		
			,
		
		name
		
	)

Summary

Create specified objects in generic log directories with the cron log file type.

Parameters

Parameter:	Description:
domain	Domain allowed access.
object_class	Class of the object being created.
name	The name of the object being created.

cron_initrc_domtrans(
	
		domain
		
	)

Summary

Execute crond server in the crond domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_manage_log_files(
	
		domain
		
	)

Summary

Create, read, write and delete cron log files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_manage_pid_files(
	
		domain
		
	)

Summary

Manage pid files used by cron

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_manage_system_job_lib_files(
	
		domain
		
	)

Summary

Manage files from the system cron jobs.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_manage_system_spool(
	
		domain
		
	)

Summary

Search the directory containing user cron tables.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_pid_files(
	
		domain
		
	)

Summary

Read pid files used by cron

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_pipes(
	
		domain
		
	)

Summary

Read a cron daemon unnamed pipe.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_state_crond(
	
		domain
		
	)

Summary

Read crond state files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_system_job_lib_files(
	
		domain
		
	)

Summary

Read temporary files from the system cron jobs.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_read_system_job_tmp_files(
	
		domain
		
	)

Summary

Read temporary files from the system cron jobs.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_role(
	
		role
		
			,
		
		domain
		
	)

Summary

Role access for cron

Parameters

Parameter:	Description:
role	Role allowed access
domain	User domain for the role

cron_rw_inherited_spool_files(
	
		domain
		
	)

Summary

Read and write inherited spool files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_inherited_user_spool_files(
	
		domain
		
	)

Summary

Read and write inherited user spool files.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_pipes(
	
		domain
		
	)

Summary

Read and write a cron daemon unnamed pipe.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_system_job_pipes(
	
		domain
		
	)

Summary

Read and write a system cron job unnamed pipe.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_system_job_stream_sockets(
	
		domain
		
	)

Summary

Allow read/write unix stream sockets from the system cron jobs.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_rw_tcp_sockets(
	
		domain
		
	)

Summary

Read, and write cron daemon TCP sockets.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_search_spool(
	
		domain
		
	)

Summary

Search the directory containing user cron tables.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_sigchld(
	
		domain
		
	)

Summary

Send a SIGCHLD signal to the cron daemon.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_signal(
	
		domain
		
	)

Summary

Send a generic signal to cron daemon.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_system_entry(
	
		domain
		
			,
		
		entrypoint
		
	)

Summary

Make the specified program domain accessable from the system cron jobs.

Parameters

Parameter:	Description:
domain	The type of the process to transition to.
entrypoint	The type of the file used as an entrypoint to this domain.

cron_systemctl(
	
		domain
		
	)

Summary

Execute crond server in the crond domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

cron_unconfined_role(
	
		role
		
			,
		
		domain
		
	)

Summary

Role access for unconfined cronjobs

Parameters

Parameter:	Description:
role	Role allowed access
domain	User domain for the role

cron_use_fds(
	
		domain
		
	)

Summary

Inherit and use a file descriptor from the cron daemon.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_use_system_job_fds(
	
		domain
		
	)

Summary

Inherit and use a file descriptor from system cron jobs.

Parameters

Parameter:	Description:
domain	Domain allowed access.

cron_write_system_job_pipes(
	
		domain
		
	)

Summary

Write a system cron job unnamed pipe.

Parameters

Parameter:	Description:
domain	Domain allowed access.

Return

Templates:

cron_common_crontab_template(
	
		userdomain_prefix
		
	)

Summary

The common rules for a crontab domain.

Parameters

Parameter:	Description:
userdomain_prefix	The prefix of the user domain (e.g., user is the prefix for user_t).

Return