Layer: contrib

Module: rpm

Interfaces

Description:

Policy for the RPM package manager.

Interfaces:

rpm_admin( domain , role )
Summary

All of the rules required to administrate an rpm environment.

Parameters
Parameter:Description:
domain

Domain allowed access.

role

Role allowed access.

rpm_append_log( domain )
Summary

Allow the specified domain to append to rpm log files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_append_tmp_files( domain )
Summary

Allow the specified domain to append to rpm tmp files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_dbus_chat( domain )
Summary

Send and receive messages from rpm over dbus.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_debuginfo_domtrans( domain )
Summary

Execute debuginfo_install programs in the rpm domain.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

rpm_delete_db( domain )
Summary

Delete the RPM package database.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_domtrans( domain )
Summary

Execute rpm programs in the rpm domain.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

rpm_domtrans_script( domain )
Summary

Execute rpm_script programs in the rpm_script domain.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

rpm_dontaudit_dbus_chat( domain )
Summary

Do not audit attempts to send and receive messages from rpm over dbus.

Parameters
Parameter:Description:
domain

Domain to not audit.

rpm_dontaudit_leaks( domain )
Summary

dontaudit read and write an leaked file descriptors

Parameters
Parameter:Description:
domain

Domain to not audit.

rpm_dontaudit_manage_db( domain )
Summary

Do not audit attempts to create, read, write, and delete the RPM package database.

Parameters
Parameter:Description:
domain

Domain to not audit.

rpm_dontaudit_read_db( domain )
Summary

Do not audit attempts to create, read,the RPM package database.

Parameters
Parameter:Description:
domain

Domain to not audit.

rpm_entry_type( domain )
Summary

Make rpm_exec_t an entry point for the specified domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_exec( domain )
Summary

Execute the rpm client in the caller domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_inherited_fifo( domain )
Summary

Send a null signal to rpm.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_manage_cache( domain )
Summary

Create, read, write, and delete the RPM package database.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_manage_db( domain )
Summary

Create, read, write, and delete the RPM package database.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_manage_log( domain )
Summary

Create, read, write, and delete the RPM log.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_manage_pid_files( domain )
Summary

Create, read, write, and delete rpm pid files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_manage_script_tmp_files( domain )
Summary

Create, read, write, and delete RPM script temporary files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_manage_tmp_files( domain )
Summary

Create, read, write, and delete RPM temporary files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_named_filetrans( domain )
Summary

Create rpm logs with an correct label.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_pid_filetrans( domain )
Summary

Create files in /var/run with the rpm pid file type.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_cache( domain )
Summary

Read the RPM cache.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_db( domain )
Summary

Read the RPM package database.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_log( domain )
Summary

Create, read, write, and delete the RPM log.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_pid_files( domain )
Summary

Read rpm pid files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_pipes( domain )
Summary

Read from an unnamed RPM pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_script_tmp_files( domain )
Summary

Read RPM script temporary files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_read_tmp_files( domain )
Summary

Read rpm temporary files.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_run( domain , role )
Summary

Execute RPM programs in the RPM domain.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

role

The role to allow the RPM domain.

rpm_rw_pipes( domain )
Summary

Read and write an unnamed RPM pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_rw_script_inherited_pipes( domain )
Summary

Read and write an unnamed RPM script pipe.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_script_dbus_chat( domain )
Summary

Send and receive messages from rpm_script over dbus.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_search_log( domain )
Summary

Search RPM log directory.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_signull( domain )
Summary

Send a null signal to rpm.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_transition_script( domain , role )
Summary

Allow application to transition to rpm_script domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

role

Role allowed access.

rpm_use_fds( domain )
Summary

Inherit and use file descriptors from RPM.

Parameters
Parameter:Description:
domain

Domain allowed access.

rpm_use_script_fds( domain )
Summary

Inherit and use file descriptors from RPM scripts.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return