directory contains definitions of types, broken up in to the following files:
This file contains the types for device nodes.
type device_t, file_type;
This line defines the type device_t for /dev
. file_type is the attribute that is used for all types for files and directories. If you search for
/dev in the file file_context
you will see its type is set to device_t.
type null_device_t, file_type, device_type, mlstrustedobject;
Defines the type null_device_t for /dev/null
. The device_type attribute identifies all types assigned to device nodes. mlstrustedobject is not used at this time.
This file contains the types for pseudo ttys.
type devpts_t, fs_type, root_dir_type;
Set the type of the devpts filesystem (devpts_t) and the type of the root directory of that filesystem.
This file contains the types for files.
type unlabeled_t, sysadmfile;
Unlabeled objects have the type unlabeled_t. Any time you change the policy to remove the definition of a type, everything that uses that type becomes unlabeled.
This file contains the types for networking.
type netif_t, netif_type;
type netif_eth0_t, netif_type;
type netif_eth1_t, netif_type;
type netif_eth2_t, netif_type;
type netif_lo_t, netif_type;
type netif_ippp0_t, netif_type;
The netif types are used for network interfaces.
This file contains types for NFS usage.
type nfs_t, fs_type, root_dir_type;
nfs_t is the default type for NFS file systems and their files. Set the root directory of the NFS file system to be of type nfs_t.
This file contains types for the proc file system.
type proc_t, fs_type, root_dir_type;
proc_t is the type of the proc file system. proc_kmsg_t is the type for /proc/kmsg
. proc_kcore_t is the type for /proc/kcore
This file contains types for security stuff for SE Linux.
type security_t, fs_type;
type policy_config_t, file_type;
type policy_src_t, file_type;
security_t is the target type when checking the permissions in the security class. policy_config_t is the type of /etc/security/selinux/*
and policy_src_t is the type of /etc/selinux/*