Policy for the kernel message logger and system logging daemon.
Append to all log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Execute auditctl in the auditctl domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Execute auditd in the auditd domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Execute syslogd in the syslog domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Do not audit attempts to get the atttributes of any log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Do not audit attempts to search the var log directory.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain not to audit. | No |
Execute all log files in the caller domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
List the contents of the generic log directory (/var/log).
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Make the specified type a file used for logs.
Parameter: | Description: | Optional: |
---|---|---|
file_type |
Type of the file to be used as a log. | No |
Create an object in the log directory, with a private type using a type transition.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
private type |
The type of the object to be created. | No |
object |
The object class of the object being created. | No |
Create, read, write, and delete all log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Manage the auditd configuration files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Manage the audit log.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Create, read, write, and delete generic log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read all log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read the auditd configuration files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read the audit log.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read generic log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Execute auditctl in the auditctl domain, and allow the specified role the auditctl domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
role |
The role to be allowed the auditctl domain. | No |
terminal |
The type of the terminal allow the auditctl domain to use. | No |
Execute auditd in the auditd domain, and allow the specified role the auditd domain.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
role |
The role to be allowed the auditd domain. | No |
terminal |
The type of the terminal allow the auditd domain to use. | No |
Read and write the generic log directory (/var/log).
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Read and write generic log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Allows the domain to open a file in the log directory, but does not allow the listing of the contents of the log directory.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send audit messages
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Send system log messages.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Set up audit
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Set audit control rules
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Set login uid
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Connect to auditdstored over an unix stream socket.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |
Write generic log files.
Parameter: | Description: | Optional: |
---|---|---|
domain |
Domain allowed access. | No |