Next: 13.4 allowpriv: other privileges
Up: 13 Access control other
Previous: 13.2 allowpriv: related to
Contents
Allow privileges to administrate SELinux.
- relabel
Allow to relabel all files. You must also allow
getsecurity and allowpriv search.
- part_relabel
Allow to relabel files that the domain can write. You must
also allow getsecurity.
- setfscreate
This is necessary only applications that use SELinux API(setfscreatecon).
- getsecurity
Allow to get security policy decisions, by accessing /selinux.
- setenforce
Allow to toggle enforcing/permissive mode.
- load_policy
Allow to load policy to kernel.
- setsecparam
Change performance parameter of SELinux via /selinux/avc
- getsecattr
Get security information(such as domain, stored in /proc/pid/attr) of other processes.
Yuichi Nakamura
2006-11-13