Crate selinux

Re-exports

• pub use security_server::SecurityServer;

Modules

• permission_check
• policy
• security_server

Structs

• FileSystemLabel
• FileSystemMountOptions
  SELinux security context-related filesystem mount options. These options are documented in the context=context, fscontext=context, defcontext=context, and rootcontext=context section of the mount(8) manpage.
• NullessByteStr
  A borrowed byte slice that contains no NUL characters by truncating the input slice at the first NUL (if any) upon construction.
• SeLinuxStatus
  Status information parameter for the SeLinuxStatusPublisher interface.
• SecurityId
  The Security ID (SID) used internally to refer to a security context.

Enums

• AbstractObjectClass
  A class that may appear in SELinux policy or an access vector cache query.
• AbstractPermission
  A permission that may appear in SELinux policy or an access vector cache query.
• AnonFsNodePermission
  A well-known “anon_file” class permission used to manage special file-like nodes not linked into any directory structures.
• BlockFilePermission
  A well-known “blk_file” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• CharacterFilePermission
  A well-known “chr_file” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• CommonFilePermission
  Permissions common to all file-like object classes (e.g. “lnk_file”, “dir”). These are combined with a specific FileClass by policy enforcement hooks, to obtain class-affine permission values to check.
• DirPermission
  A well-known “dir” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• FdPermission
  A well-known “fd” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• FifoFilePermission
  A well-known “fifo_file” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• FileClass
  A well-known file-like class in SELinux policy that has a particular meaning in policy enforcement hooks.
• FilePermission
  A well-known “file” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• FileSystemLabelingScheme
• FileSystemPermission
  A well-known “filesystem” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• InitialSid
  Initial Security Identifier (SID) values actually used by this implementation. These must be present in the policy, for it to be valid.
• LinkFilePermission
  A well-known “lnk_file” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• ObjectClass
  A well-known class in SELinux policy that has a particular meaning in policy enforcement hooks.
• Permission
  A well-known (class, permission) pair in SELinux policy that has a particular meaning in policy enforcement hooks.
• ProcessPermission
  A well-known “process” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.
• SecurityPermission
  A well-known “security” class permission in SELinux policy, used to control access to sensitive administrative and query API surfaces in the “selinuxfs”.
• SocketPermission
  A well-known “sock_file” class permission in SELinux policy that has a particular meaning in policy enforcement hooks.

Constants

• FIRST_UNUSED_SID
  Lowest Security Identifier value guaranteed not to be used by this implementation to refer to an initial Security Context.

Traits

• ClassPermission
• SeLinuxStatusPublisher
  Interface for security server to interact with selinuxfs status file.