Crate selinux Copy item path Source pub use security_server::SecurityServer ;
permission_check policy security_server FileSystemLabel FileSystemMountOptions SELinux security context-related filesystem mount options. These options are documented in the
context=context, fscontext=context, defcontext=context, and rootcontext=context
section of
the mount(8)
manpage. NullessByteStr A borrowed byte slice that contains no NUL
characters by truncating the input slice at the
first NUL
(if any) upon construction. SeLinuxStatus Status information parameter for the SeLinuxStatusPublisher
interface. SecurityId The Security ID (SID) used internally to refer to a security context. AbstractObjectClass A class that may appear in SELinux policy or an access vector cache query. AbstractPermission A permission that may appear in SELinux policy or an access vector cache query. AnonFsNodePermission A well-known “anon_file” class permission used to manage special file-like nodes not linked
into any directory structures. BlockFilePermission A well-known “blk_file” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. CharacterFilePermission A well-known “chr_file” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. CommonFilePermission Permissions common to all file-like object classes (e.g. “lnk_file”, “dir”). These are
combined with a specific FileClass
by policy enforcement hooks, to obtain class-affine
permission values to check. DirPermission A well-known “dir” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. FdPermission A well-known “fd” class permission in SELinux policy that has a particular meaning in policy
enforcement hooks. FifoFilePermission A well-known “fifo_file” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. FileClass A well-known file-like class in SELinux policy that has a particular meaning in policy
enforcement hooks. FilePermission A well-known “file” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. FileSystemLabelingScheme FileSystemPermission A well-known “filesystem” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. InitialSid Initial Security Identifier (SID) values actually used by this implementation.
These must be present in the policy, for it to be valid. LinkFilePermission A well-known “lnk_file” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. ObjectClass A well-known class in SELinux policy that has a particular meaning in policy enforcement
hooks. Permission A well-known (class, permission)
pair in SELinux policy that has a particular meaning in
policy enforcement hooks. ProcessPermission A well-known “process” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. SecurityPermission A well-known “security” class permission in SELinux policy, used to control access to
sensitive administrative and query API surfaces in the “selinuxfs”. SocketPermission A well-known “sock_file” class permission in SELinux policy that has a particular meaning in
policy enforcement hooks. FIRST_UNUSED_SID Lowest Security Identifier value guaranteed not to be used by this
implementation to refer to an initial Security Context. ClassPermission SeLinuxStatusPublisher Interface for security server to interact with selinuxfs status file.