Layer: apps

Module: nsplugin

Tunables Interfaces

Description:

policy for nsplugin


Tunables:

allow_nsplugin_execmem
Default value

false

Description

Allow nsplugin code to execmem/execstack

nsplugin_can_network
Default value

true

Description

Allow nsplugin code to connect to unreserved ports

Return

Interfaces:

nsplugin_domtrans( user_domain )
Summary

The per role template for the nsplugin module.

Parameters
Parameter:Description:
user_domain

The type of the user domain.

nsplugin_domtrans_config( user_domain )
Summary

The per role template for the nsplugin module.

Parameters
Parameter:Description:
user_domain

The type of the user domain.

nsplugin_manage_home_files( domain )
Summary

Create, read, write, and delete nsplugin home files.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_manage_rw( domain )
Summary

Manage nsplugin rw files.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_manage_rw_files( domain )
Summary

Create, read, write, and delete nsplugin rw files.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_read_home( domain )
Summary

Read nsplugin home files.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_read_rw_files( domain )
Summary

Read nsplugin rw files.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_role( userdomain_prefix , user_role , user_domain )
Summary

Role access for nsplugin

Parameters
Parameter:Description:
userdomain_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

user_role

The role associated with the user domain.

user_domain

The type of the user domain.

nsplugin_role_notrans( userdomain_prefix , user_domain , user_role )
Summary

The per role template for the nsplugin module.

Description

This template creates a derived domains which are used for nsplugin web browser.

This template is invoked automatically for each user, and generally does not need to be invoked directly by policy writers.

Parameters
Parameter:Description:
userdomain_prefix

The prefix of the user domain (e.g., user is the prefix for user_t).

user_domain

The type of the user domain.

user_role

The role associated with the user domain.

nsplugin_rw_exec( domain )
Summary

Exec nsplugin rw files.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_rw_pipes( domain )
Summary

Allow attempts to read and write to nsplugin named pipes.

Parameters
Parameter:Description:
domain

Domain to not audit.

nsplugin_rw_semaphores( domain )
Summary

Allow read and write access to nsplugin semaphores.

Parameters
Parameter:Description:
domain

Domain allowed access.

nsplugin_rw_shm( domain )
Summary

Read and write to nsplugin shared memory.

Parameters
Parameter:Description:
domain

The type of the process performing this action.

nsplugin_search_rw_dir( domain )
Summary

Search nsplugin rw directories.

Parameters
Parameter:Description:
domain

Domain allowed access.

Return