Layer: admin

Policy modules for administrative functions, such as package management.


Module:Description:
consoletype

Determine of the console connected to the controlling terminal.

dmesg

Policy for dmesg.

logrotate

Rotate and archive system logs

netutils

Network analysis utilities

rpm

Policy for the RPM package manager.

usermanage

Policy for managing user accounts.



Layer: kernel

Policy for kernel threads, proc filesystem,and unlabeled processes and objects.


Module:Description:
bootloader

Policy for the kernel modules, kernel image, and bootloader.

corenetwork

Policy controlling access to network objects

devices

Device nodes and interfaces for many basic system devices.

filesystem

Policy for filesystems.

kernel

Policy for kernel threads, proc filesystem,and unlabeled processes and objects.

selinux

Policy for kernel security interface, in particular, selinuxfs.

storage

Policy controlling access to storage devices

terminal

Policy for terminals.



Layer: apps

Policy modules for applications


Module:Description:
gpg

Policy for GNU Privacy Guard and related programs.



Layer: system

Policy modules for system functions from init to multi-user login.


Module:Description:
authlogin

Common policy for authentication and user login.

clock

Policy for reading and setting the hardware clock.

corecommands

Core policy for shells, and generic programs in /bin, /sbin, /usr/bin, and /usr/sbin.

domain

Core policy for domains.

files

Basic filesystem types and interfaces.

fstools

Tools for filesystem management, such as mkfs and fsck.

getty

Policy for getty.

hostname

Policy for changing the system host name.

hotplug

Policy for hotplug system, for supporting the connection and disconnection of devices at runtime.

init

System initialization programs (init and init scripts).

ipsec

TCP/IP encryption

iptables

Policy for iptables.

libraries

Policy for system libraries.

locallogin

Policy for local logins.

logging

Policy for the kernel message logger and system logging daemon.

lvm

Policy for logical volume management programs.

miscfiles

Miscelaneous files.

modutils

Policy for kernel module utilities

mount

Policy for mount.

pcmcia

PCMCIA card management services

raid

RAID array management tools

selinuxutil

Policy for SELinux policy and userland applications.

sysnetwork

Policy for network configuration: ifconfig and dhcp client.

udev

Policy for udev.

unconfined

The unconfined domain.

userdomain

Policy for user domains



Layer: services

Policy modules for system services, like cron, and network services, like sshd.


Module:Description:
cron

Periodic execution of scheduled commands.

inetd

Internet services daemon.

kerberos

MIT Kerberos admin and KDC

mta

Policy common to all email tranfer agents.

nis

Policy for NIS (YP) servers and clients

nscd

Name service cache daemon

remotelogin

Policy for rshd, rlogind, and telnetd.

sendmail

Policy for sendmail.

ssh

Secure shell client and server policy.