Layer: system

Module: mount

Interfaces

Description:

Policy for mount.

Interfaces:

mount_domtrans( domain )
Summary

Execute mount in the mount domain.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

mount_domtrans_ecryptmount( domain )
Summary

Transition to ecryptmount.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

mount_domtrans_fusermount( domain )
Summary

Execute fusermount in the mount domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_domtrans_showmount( domain )
Summary

Execute a domain transition to run showmount.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

mount_domtrans_unconfined( domain )
Summary

Execute mount in the unconfined mount domain.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

mount_dontaudit_exec_fusermount( domain )
Summary

dontaudit Execute fusermount.

Parameters
Parameter:Description:
domain

Domain to not audit.

mount_dontaudit_write_mount_pid( domain )
Summary

Do not audit attemps to write mount PID files.

Parameters
Parameter:Description:
domain

Domain to not audit.

mount_entry_type( domain )
Summary

Allow mount programs to be an entrypoint for the specified domain.

Parameters
Parameter:Description:
domain

The domain for which mount programs is an entrypoint.

mount_exec( domain )
Summary

Execute mount in the caller domain.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_exec_fusermount( domain )
Summary

Execute fusermount.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_list_tmp( domain )
Summary

Read the mount tmp directory

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_manage_pid_files( domain )
Summary

Manage mount PID files.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_read_pid_files( domain )
Summary

Read mount PID files.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_run( domain , role )
Summary

Execute mount in the mount domain, and allow the specified role the mount domain, and use the caller's terminal.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

role

Role allowed access.

mount_run_fusermount( domain , role )
Summary

Execute fusermount in the mount domain, and allow the specified role the mount domain, and use the caller's terminal.

Parameters
Parameter:Description:
domain

Domain allowed access.

role

The role to be allowed the mount domain.

mount_run_showmount( domain , role )
Summary

Execute showmount in the showmount domain, and allow the specified role the showmount domain.

Parameters
Parameter:Description:
domain

Domain allowed access

role

The role to be allowed the showmount domain.

mount_run_unconfined( domain , role )
Summary

Execute mount in the unconfined mount domain, and allow the specified role the unconfined mount domain, and use the caller's terminal.

Parameters
Parameter:Description:
domain

Domain allowed to transition.

role

Role allowed access.

mount_rw_pid_files( domain )
Summary

Read/write mount PID files.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_send_nfs_client_request( domain )
Summary

Allow the mount domain to send nfs requests for mounting network drives

Description

Allow the mount domain to send nfs requests for mounting network drives

This interface has been deprecated as these rules were a side effect of leaked mount file descriptors. This interface has no effect.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_signal( domain )
Summary

Send a generic signal to mount.

Parameters
Parameter:Description:
domain

Domain allowed access.

mount_use_fds( domain )
Summary

Use file descriptors for mount.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return